// onHookSwitchMessage asks the transceiver what to do with one inspected
// packet and sends the decision back over ZMQ.
//
// It builds a packet event from the entity IDs derived from eth/ip/tcp, sends
// it with this.trans.SendEvent, waits for the resulting action and maps it to
// meta.Op: an EventAcceptanceAction becomes hookswitch.Accept, a
// PacketFaultAction becomes hookswitch.Drop. Any other action is returned as
// an error.
//
// NOTE(review): every error return below happens before sendZMQMessage, so no
// reply is sent for meta on those paths. Confirm that the caller (or the
// switch) treats an unanswered packet the way the deployment expects
// (fail-open vs. fail-closed).
func (this *HookSwitchInspector) onHookSwitchMessage(meta hookswitch.HookSwitchMeta, eth *layers.Ethernet, ip *layers.IPv4, tcp *layers.TCP) error {
	src, dst := makeEntityIDs(eth, ip, tcp)

	packetEvent, err := signal.NewPacketEvent(this.EntityID, src, dst, map[string]interface{}{})
	if err != nil {
		return err
	}

	replyCh, err := this.trans.SendEvent(packetEvent)
	if err != nil {
		return err
	}

	// Plain blocking receive: no timeout or cancellation is visible here.
	// NOTE(review): if the channel is closed without a value, decision is nil
	// and falls through to the "unknown action" branch.
	decision := <-replyCh

	if _, accepted := decision.(*signal.EventAcceptanceAction); accepted {
		meta.Op = hookswitch.Accept
	} else if _, faulted := decision.(*signal.PacketFaultAction); faulted {
		meta.Op = hookswitch.Drop
	} else {
		return fmt.Errorf("unknown action %s", decision)
	}

	// The original Ethernet bytes are not needed in the reply; nil suffices.
	return this.sendZMQMessage(meta, nil)
}
// onPacket asks the transceiver what to do with one queued netfilter packet
// and applies the answer as the packet's verdict.
//
// It builds a packet event from the entity IDs derived from ip/tcp (no
// Ethernet layer is passed to makeEntityIDs), sends it with
// this.trans.SendEvent and waits for the resulting action: an
// EventAcceptanceAction sets NF_ACCEPT, a PacketFaultAction sets NF_DROP. Any
// other action is returned as an error.
//
// NOTE(review): on every error return below, SetVerdict is never called on
// nfp in this function. Confirm that the caller issues a verdict on error;
// otherwise the packet's fate on failure (fail-open vs. fail-closed) is left
// to the queue rather than decided explicitly.
func (this *NFQInspector) onPacket(nfp netfilter.NFPacket, ip *layers.IPv4, tcp *layers.TCP) error {
	src, dst := makeEntityIDs(nil, ip, tcp)

	packetEvent, err := signal.NewPacketEvent(this.EntityID, src, dst, map[string]interface{}{})
	if err != nil {
		return err
	}

	replyCh, err := this.trans.SendEvent(packetEvent)
	if err != nil {
		return err
	}

	// Plain blocking receive: no timeout or cancellation is visible here, so
	// the packet is held until an action arrives.
	// NOTE(review): if the channel is closed without a value, decision is nil
	// and falls through to the "unknown action" branch.
	decision := <-replyCh

	if _, accepted := decision.(*signal.EventAcceptanceAction); accepted {
		nfp.SetVerdict(netfilter.NF_ACCEPT)
	} else if _, faulted := decision.(*signal.PacketFaultAction); faulted {
		nfp.SetVerdict(netfilter.NF_DROP)
	} else {
		return fmt.Errorf("unknown action %s", decision)
	}

	return nil
}