func (pb *Packetbeat) makeWorkerFactory(filter string) sniffer.WorkerFactory {
return func(dl layers.LinkType) (sniffer.Worker, string, error) {
var f *flows.Flows
var err error
config := &pb.Config
if config.Flows.IsEnabled() {
f, err = flows.NewFlows(pb.Pub, config.Flows)
if err != nil {
return nil, "", err
}
}
var icmp4 icmp.ICMPv4Processor
var icmp6 icmp.ICMPv6Processor
if cfg := config.Protocols["icmp"]; cfg.Enabled() {
icmp, err := icmp.New(false, pb.Pub, cfg)
if err != nil {
return nil, "", err
}
icmp4 = icmp
icmp6 = icmp
}
tcp, err := tcp.NewTcp(&protos.Protos)
if err != nil {
return nil, "", err
}
udp, err := udp.NewUdp(&protos.Protos)
if err != nil {
return nil, "", err
}
worker, err := decoder.NewDecoder(f, dl, icmp4, icmp6, tcp, udp)
if err != nil {
return nil, "", err
}
if f != nil {
pb.services = append(pb.services, f)
}
return worker, filter, nil
}
}
func (sniffer *SnifferSetup) Init(
test_mode bool,
icmp4 icmp.ICMPv4Processor,
icmp6 icmp.ICMPv6Processor,
tcp tcp.Processor,
udp udp.Processor,
) error {
if config.ConfigSingleton.Interfaces.Bpf_filter == "" {
with_vlans := config.ConfigSingleton.Interfaces.With_vlans
with_icmp := config.ConfigSingleton.Protocols.Icmp.Enabled
config.ConfigSingleton.Interfaces.Bpf_filter = protos.Protos.BpfFilter(with_vlans, with_icmp)
}
logp.Debug("sniffer", "BPF filter: %s", config.ConfigSingleton.Interfaces.Bpf_filter)
var err error
if !test_mode {
err = sniffer.setFromConfig(&config.ConfigSingleton.Interfaces)
if err != nil {
return fmt.Errorf("Error creating sniffer: %v", err)
}
}
sniffer.Decoder, err = decoder.NewDecoder(sniffer.Datalink(), icmp4, icmp6, tcp, udp)
if err != nil {
return fmt.Errorf("Error creating decoder: %v", err)
}
if sniffer.config.Dumpfile != "" {
p, err := pcap.OpenDead(sniffer.Datalink(), 65535)
if err != nil {
return err
}
sniffer.dumper, err = p.NewDumper(sniffer.config.Dumpfile)
if err != nil {
return err
}
}
sniffer.isAlive = true
return nil
}
