mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #256 from p-/issue-206

Browse source 
Also detect applications that use the AF_INET6 socket for IPv4 connections (like Java)
This commit is contained in:
evilsocket 2019-06-04 11:55:45 +02:00 committed by GitHub
commit d7ad9569dc
Failed to generate hash of commit
1 changed files with 17 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
daemon/netstat/find.go
View file

@ -2,11 +2,27 @@ package netstat
import (
"net"
"strings"
"github.com/evilsocket/opensnitch/daemon/log"
)
func FindEntry(proto string, srcIP net.IP, srcPort uint, dstIP net.IP, dstPort uint) *Entry {
if entry := findEntryForProtocol(proto, srcIP, srcPort, dstIP, dstPort); entry != nil {
return entry
}
ipv6Suffix := "6"
if strings.HasSuffix(proto, ipv6Suffix) == false {
otherProto := proto + ipv6Suffix
log.Debug("Searching for %s netstat entry instead of %s", otherProto, proto)
return findEntryForProtocol(otherProto, srcIP, srcPort, dstIP, dstPort)
}
return nil;
}
func findEntryForProtocol(proto string, srcIP net.IP, srcPort uint, dstIP net.IP, dstPort uint) *Entry {
entries, err := Parse(proto)
if err != nil {
log.Warning("Error while searching for %s netstat entry: %s", proto, err)