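// onHookSwitchMessage forwards one packet observed by HookSwitch to the
// orchestrator as a PacketEvent, waits for the orchestrator's action, and
// replies to HookSwitch with the resulting verdict (Accept or Drop).
//
// The packet body is not echoed back: sendZMQMessage is called with a nil
// payload because the verdict in meta is all HookSwitch needs.
//
// An error is returned when the event cannot be built or sent, when the
// action channel is closed before an action arrives, when the action has an
// unknown type, or when the reply to HookSwitch fails. In every error case no
// verdict is sent, so the packet's fate depends on how HookSwitch treats a
// missing reply (NOTE(review): confirm whether that is fail-open or fail-closed).
func (this *HookSwitchInspector) onHookSwitchMessage(meta hookswitch.HookSwitchMeta,
	eth *layers.Ethernet, ip *layers.IPv4, tcp *layers.TCP) error {
	srcEntityID, dstEntityID := makeEntityIDs(eth, ip, tcp)
	event, err := signal.NewPacketEvent(this.EntityID,
		srcEntityID, dstEntityID, map[string]interface{}{})
	if err != nil {
		return err
	}
	actionCh, err := this.trans.SendEvent(event)
	if err != nil {
		return err
	}
	// A closed channel would otherwise yield a nil action and surface below
	// as a misleading "unknown action" error; report the real cause instead.
	action, ok := <-actionCh
	if !ok {
		return fmt.Errorf("action channel closed before an action was received")
	}
	switch action.(type) {
	case *signal.EventAcceptanceAction:
		meta.Op = hookswitch.Accept
	case *signal.PacketFaultAction:
		meta.Op = hookswitch.Drop
	default:
		// %T names the concrete type, which is what the switch discriminates on;
		// %s would only be meaningful if every action type implemented Stringer.
		return fmt.Errorf("unknown action type %T", action)
	}
	// ignore original ethBytes, nil is enough
	return this.sendZMQMessage(meta, nil)
}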
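// onPacket forwards one packet taken from the netfilter queue to the
// orchestrator as a PacketEvent, waits for the orchestrator's action, and
// issues the matching verdict on the queued packet: NF_ACCEPT for an
// EventAcceptanceAction, NF_DROP for a PacketFaultAction.
//
// An error is returned when the event cannot be built or sent, when the
// action channel is closed before an action arrives, or when the action has
// an unknown type. In those cases no verdict is set on nfp, so the packet
// stays in the kernel queue until the queue's own handling kicks in
// (NOTE(review): consider whether the caller should issue a verdict on error
// to avoid holding queue slots; left unchanged here).
func (this *NFQInspector) onPacket(nfp netfilter.NFPacket,
	ip *layers.IPv4, tcp *layers.TCP) error {
	// No Ethernet layer is available from nfqueue, hence nil for eth.
	srcEntityID, dstEntityID := makeEntityIDs(nil, ip, tcp)
	event, err := signal.NewPacketEvent(this.EntityID,
		srcEntityID, dstEntityID, map[string]interface{}{})
	if err != nil {
		return err
	}
	actionCh, err := this.trans.SendEvent(event)
	if err != nil {
		return err
	}
	// A closed channel would otherwise yield a nil action and surface below
	// as a misleading "unknown action" error; report the real cause instead.
	action, ok := <-actionCh
	if !ok {
		return fmt.Errorf("action channel closed before an action was received")
	}
	switch action.(type) {
	case *signal.EventAcceptanceAction:
		nfp.SetVerdict(netfilter.NF_ACCEPT)
	case *signal.PacketFaultAction:
		nfp.SetVerdict(netfilter.NF_DROP)
	default:
		// %T names the concrete type, which is what the switch discriminates on;
		// %s would only be meaningful if every action type implemented Stringer.
		return fmt.Errorf("unknown action type %T", action)
	}
	return nil
}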