mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 08:34:40 +01:00
83eb82a343
For now, we parse /proc/net/packet, because vishvananda/netlink does not have support to dump AF_PACKET sockets from kernel.
39 lines
1.2 KiB
Go
39 lines
1.2 KiB
Go
package socketsmonitor
|
|
|
|
import (
|
|
"syscall"
|
|
|
|
"golang.org/x/sys/unix"
|
|
)
|
|
|
|
// Protos holds valid combinations of protocols, families and socket types that can be created.
|
|
type Protos struct {
|
|
Proto uint8
|
|
Fam uint8
|
|
}
|
|
|
|
var options = []Protos{
|
|
{syscall.IPPROTO_DCCP, syscall.AF_INET},
|
|
{syscall.IPPROTO_DCCP, syscall.AF_INET6},
|
|
{syscall.IPPROTO_ICMPV6, syscall.AF_INET6},
|
|
{syscall.IPPROTO_ICMP, syscall.AF_INET},
|
|
{syscall.IPPROTO_IGMP, syscall.AF_INET},
|
|
{syscall.IPPROTO_IGMP, syscall.AF_INET6},
|
|
{syscall.IPPROTO_RAW, syscall.AF_INET},
|
|
{syscall.IPPROTO_RAW, syscall.AF_INET6},
|
|
{syscall.IPPROTO_SCTP, syscall.AF_INET},
|
|
{syscall.IPPROTO_SCTP, syscall.AF_INET6},
|
|
{syscall.IPPROTO_TCP, syscall.AF_INET},
|
|
{syscall.IPPROTO_TCP, syscall.AF_INET6},
|
|
{syscall.IPPROTO_UDP, syscall.AF_INET},
|
|
{syscall.IPPROTO_UDP, syscall.AF_INET6},
|
|
{syscall.IPPROTO_UDPLITE, syscall.AF_INET},
|
|
{syscall.IPPROTO_UDPLITE, syscall.AF_INET6},
|
|
|
|
// for AF_PACKET, Type is the "Protocol" (SOCK_DGRAM, SOCK_RAW)
|
|
{syscall.IPPROTO_RAW, unix.AF_PACKET},
|
|
// here UDP is SOCK_DGRAM. Does not imply UDP protocol.
|
|
{syscall.IPPROTO_UDP, unix.AF_PACKET},
|
|
//{syscall.IPPROTO_IP, unix.AF_PACKET},
|
|
//{unix.ETH_P_ALL, syscall.AF_PACKET},
|
|
}
|