/* Adds the SIFF header to a packet, or modifies it in the case that it already exists. Pass in the NFPacket, the flags (bitwise OR them if you need both), and the capabilities and capability updates arrays. If only IsSiff is set, just fill the last 4 bytes with dummy data, it'll be ignored. If you want to update specific fields, then use the [update function name here] function */ func setSiffFields(packet *netfilter.NFPacket, flags uint8, capabilities []byte, updoots []byte) { var ipLayer *layers.IPv4 var option [1]layers.IPv4Option option[0].OptionType = 86 option[0].OptionLength = 8 /* Get the IPv4 layer, and if it doesn't exist, keep doing shit I can't be arsed for proper response outside the bounds of this project */ if layer := packet.Packet.Layer(layers.LayerTypeIPv4); layer != nil { ipLayer = layer.(*layers.IPv4) } else { // maybe do something? } /* Modify the ip layer information */ var IHLchange uint16 = uint16(ipLayer.IHL) // compute new IHL and length if (flags & CapabilityUpdate) == CapabilityUpdate { ipLayer.IHL = 8 option[0].OptionLength = 12 } else if (flags&IsSiff) == IsSiff || (flags&Exp) == Exp { ipLayer.IHL = 7 } else { ipLayer.IHL = 5 } IHLchange = uint16(ipLayer.IHL) - IHLchange if IHLchange != 0 { ipLayer.Length += IHLchange * 4 } if (flags & Evil) == Evil { // set the evil flag. If we do this, we don't need to do anything else, // since evil packets are legacy, and don't have other flags ipLayer.Flags |= layers.IPv4EvilBit } else { // set the flags option option[0].OptionData = []byte{0, 0} if (flags & Exp) == Exp { option[0].OptionData[0] = byte(Exp) } if (flags & CapabilityUpdate) == CapabilityUpdate { option[0].OptionData[0] |= byte(IsSiff | CapabilityUpdate) } else if (flags & IsSiff) == IsSiff { option[0].OptionData[0] |= byte(IsSiff) } // handle the options if flags != 0 { for _, b := range capabilities { option[0].OptionData = append(option[0].OptionData, b) } } if (flags & CapabilityUpdate) == CapabilityUpdate { for _, b := range updoots { option[0].OptionData = append(option[0].OptionData, b) } } // add options if flags != 0 { ipLayer.Options = append([]layers.IPv4Option{option[0]}, ipLayer.Options...) } } // we're done }