Esempio n. 1
// Init prepares the sniffer for capturing: it installs the TCP layer's BPF
// filter into the global configuration, opens the capture source (skipped in
// test mode), builds the packet decoder and, when a dump file is configured,
// opens a pcap dumper for it. The events parameter is not used by this body.
//
// It returns an error if the capture source, the decoder or the dumper cannot
// be created; isAlive is only set once every step has succeeded.
func (sniffer *SnifferSetup) Init(test_mode bool, events chan common.MapStr) error {
	// Whatever filter was configured before is overwritten unconditionally.
	config.ConfigSingleton.Interfaces.Bpf_filter = tcp.BpfFilter()

	var err error
	if !test_mode {
		// Test mode skips opening a capture source from the configuration.
		if err = sniffer.setFromConfig(&config.ConfigSingleton.Interfaces); err != nil {
			return fmt.Errorf("Error creating sniffer: %v", err)
		}
	}

	if sniffer.Decoder, err = tcp.CreateDecoder(sniffer.Datalink()); err != nil {
		return fmt.Errorf("Error creating decoder: %v", err)
	}

	if dumpPath := sniffer.config.Dumpfile; dumpPath != "" {
		// A "dead" handle (no live capture) is enough to create a dumper;
		// 65535 is passed as the snapshot length.
		// NOTE(review): the dump file presumably receives raw captured
		// traffic; confirm the path is operator-controlled and that the file
		// ends up with restrictive permissions.
		handle, dumpErr := pcap.OpenDead(sniffer.Datalink(), 65535)
		if dumpErr != nil {
			return dumpErr
		}
		sniffer.dumper, dumpErr = handle.NewDumper(dumpPath)
		if dumpErr != nil {
			return dumpErr
		}
	}

	sniffer.isAlive = true
	return nil
}
Esempio n. 2
// Init prepares the sniffer for capturing: it opens the capture source from
// interfaces (skipped in test mode), asks factory for the worker and the BPF
// filter matching the sniffer's datalink type and, when a dump file is
// configured, opens a pcap dumper for it.
//
// It returns an error if the capture source, the worker or the dumper cannot
// be created; isAlive is only set once every step has succeeded.
func (sniffer *SnifferSetup) Init(test_mode bool, factory WorkerFactory, interfaces *config.InterfacesConfig) error {
	var err error

	if !test_mode {
		// Test mode skips opening a capture source from the configuration.
		if err = sniffer.setFromConfig(interfaces); err != nil {
			return fmt.Errorf("Error creating sniffer: %v", err)
		}
	}

	// The factory supplies both the packet worker and the filter expression.
	// Note that in this version the filter is only known after
	// setFromConfig has already run.
	if sniffer.worker, sniffer.filter, err = factory(sniffer.Datalink()); err != nil {
		return fmt.Errorf("Error creating decoder: %v", err)
	}
	logp.Debug("sniffer", "BPF filter: '%s'", sniffer.filter)

	if dumpPath := sniffer.config.Dumpfile; dumpPath != "" {
		// A "dead" handle (no live capture) is enough to create a dumper;
		// 65535 is passed as the snapshot length.
		// NOTE(review): the dump file presumably receives raw captured
		// traffic; confirm the path is operator-controlled and that the file
		// ends up with restrictive permissions.
		handle, dumpErr := pcap.OpenDead(sniffer.Datalink(), 65535)
		if dumpErr != nil {
			return dumpErr
		}
		sniffer.dumper, dumpErr = handle.NewDumper(dumpPath)
		if dumpErr != nil {
			return dumpErr
		}
	}

	sniffer.isAlive = true
	return nil
}
Esempio n. 3
// Init prepares the sniffer for capturing. If no BPF filter is configured it
// derives one from the enabled protocols, then opens the capture source
// (skipped in test mode), builds the decoder from the given ICMP/TCP/UDP
// processors and, when a dump file is configured, opens a pcap dumper for it.
//
// It returns an error if the capture source, the decoder or the dumper cannot
// be created; isAlive is only set once every step has succeeded.
func (sniffer *SnifferSetup) Init(
	test_mode bool,
	icmp4 icmp.ICMPv4Processor,
	icmp6 icmp.ICMPv6Processor,
	tcp tcp.Processor,
	udp udp.Processor,
) error {
	ifaces := &config.ConfigSingleton.Interfaces

	// An explicitly configured filter wins; only an empty one is replaced by
	// the filter generated from the protocol registry.
	if ifaces.Bpf_filter == "" {
		ifaces.Bpf_filter = protos.Protos.BpfFilter(
			ifaces.With_vlans,
			config.ConfigSingleton.Protocols.Icmp.Enabled,
		)
	}
	logp.Debug("sniffer", "BPF filter: %s", ifaces.Bpf_filter)

	var err error
	if !test_mode {
		// Test mode skips opening a capture source from the configuration.
		if err = sniffer.setFromConfig(ifaces); err != nil {
			return fmt.Errorf("Error creating sniffer: %v", err)
		}
	}

	if sniffer.Decoder, err = decoder.NewDecoder(sniffer.Datalink(), icmp4, icmp6, tcp, udp); err != nil {
		return fmt.Errorf("Error creating decoder: %v", err)
	}

	if dumpPath := sniffer.config.Dumpfile; dumpPath != "" {
		// A "dead" handle (no live capture) is enough to create a dumper;
		// 65535 is passed as the snapshot length.
		// NOTE(review): the dump file presumably receives raw captured
		// traffic; confirm the path is operator-controlled and that the file
		// ends up with restrictive permissions.
		handle, dumpErr := pcap.OpenDead(sniffer.Datalink(), 65535)
		if dumpErr != nil {
			return dumpErr
		}
		sniffer.dumper, dumpErr = handle.NewDumper(dumpPath)
		if dumpErr != nil {
			return dumpErr
		}
	}

	sniffer.isAlive = true
	return nil
}
Esempio n. 4
// Init prepares the sniffer for capturing. Outside test mode it records the
// BPF filter and opens the capture source from interfaces; it then rejects
// the "any" pseudo-device on Windows and macOS, asks factory for the worker
// matching the sniffer's datalink type and, when a dump file is configured,
// opens a pcap dumper for it.
//
// interfaces is dereferenced even in test mode, so it must not be nil. In
// test mode the filter argument is not stored. It returns an error if any
// step fails; isAlive is only set once every step has succeeded.
func (sniffer *SnifferSetup) Init(testMode bool, filter string, factory WorkerFactory, interfaces *config.InterfacesConfig) error {
	var err error

	if !testMode {
		sniffer.filter = filter
		logp.Debug("sniffer", "BPF filter: '%s'", sniffer.filter)
		if err = sniffer.setFromConfig(interfaces); err != nil {
			return fmt.Errorf("Error creating sniffer: %v", err)
		}
	}

	// The platform check only applies when no input file is configured and
	// the "any" device was requested.
	if len(interfaces.File) == 0 && interfaces.Device == "any" {
		switch runtime.GOOS {
		case "windows", "darwin":
			return fmt.Errorf("any interface is not supported on %s", runtime.GOOS)
		}
	}

	if sniffer.worker, err = factory(sniffer.Datalink()); err != nil {
		return fmt.Errorf("Error creating decoder: %v", err)
	}

	if dumpPath := sniffer.config.Dumpfile; dumpPath != "" {
		// A "dead" handle (no live capture) is enough to create a dumper;
		// 65535 is passed as the snapshot length.
		// NOTE(review): the dump file presumably receives raw captured
		// traffic; confirm the path is operator-controlled and that the file
		// ends up with restrictive permissions.
		handle, dumpErr := pcap.OpenDead(sniffer.Datalink(), 65535)
		if dumpErr != nil {
			return dumpErr
		}
		sniffer.dumper, dumpErr = handle.NewDumper(dumpPath)
		if dumpErr != nil {
			return dumpErr
		}
	}

	sniffer.isAlive = true
	return nil
}
Esempio n. 5
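// SetBPFFilter compiles expr into a BPF program and attaches it to the
// TPacket socket with SO_ATTACH_FILTER.
//
// The expression is compiled against a throwaway ("dead") pcap handle opened
// with an Ethernet link type and the handle's frame size as snapshot length.
// It returns an error if the dead handle cannot be opened, the expression
// does not compile, or setsockopt fails. Callers must not assume expr is in
// effect when an error is returned.
func (h *TPacket) SetBPFFilter(expr string) (err error) {
	// The dead handle exists only so the expression can be compiled.
	p, err := pcap.OpenDead(layers.LinkTypeEthernet, int32(h.opts.frameSize))
	if err != nil {
		return fmt.Errorf("OpenDead: %s", err)
	}
	// Release the dummy handle on every return path so repeated calls do not
	// leak one pcap handle each.
	defer p.Close()

	bpf, err := p.NewBPF(expr)
	if err != nil {
		return fmt.Errorf("NewBPF: %s", err)
	}

	program := bpf.BPF()

	// NOTE(review): program is handed to the kernel by address and size, so
	// its layout has to match what SO_ATTACH_FILTER expects; confirm against
	// the type returned by BPF(). If the instruction memory is owned by bpf
	// (for example freed by a finalizer), bpf must also stay reachable until
	// setsockopt returns.
	//
	// Success is decided by the return value; errno (err) is only meaningful
	// when the call reports failure.
	ret, err := C.setsockopt(h.fd, C.SOL_SOCKET, C.SO_ATTACH_FILTER,
		unsafe.Pointer(&program), C.socklen_t(unsafe.Sizeof(program)))
	if ret != 0 {
		return fmt.Errorf("setsockopt: %s", err)
	}
	return nil
}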