Program Listing for File peafowl.hpp¶
↰ Return to documentation for file (include/peafowl/peafowl.hpp)
#ifndef PFWL_API_HPP
#define PFWL_API_HPP
#include <peafowl/peafowl.h>
#include <vector>
#include <string>
namespace peafowl{
class String {
private:
pfwl_string_t _string;
public:
String();
String(pfwl_string_t string);
const unsigned char* getValue() const;
size_t getLength() const;
};
template <typename T>
class Pair{
private:
T _first, _second;
public:
Pair();
Pair(T first, T second);
};
typedef pfwl_field_type_t FieldType;
typedef pfwl_statistic_t Statistic;
typedef pfwl_timestamp_unit_t TimestampUnit;
typedef pfwl_flows_strategy_t FlowsStrategy;
class Field {
private:
pfwl_field_t _field;
public:
Field();
Field(pfwl_field_t field);
bool isPresent() const;
std::string getString() const;
int64_t getNumber() const;
pfwl_field_t getNative() const;
};
class IpAddress {
private:
pfwl_ip_addr _addr;
bool _isIPv6;
public:
IpAddress(pfwl_ip_addr addr, bool isIPv6 = false);
bool isIPv4() const;
bool isIPv6() const;
uint32_t getIPv4() const;
struct in6_addr getIPv6() const;
std::string toString() const;
};
typedef pfwl_direction_t Direction;
class ProtocolL2{
private:
const pfwl_protocol_l2_t _protocol;
const std::string _name;
public:
ProtocolL2(pfwl_protocol_l2_t protocol);
ProtocolL2(const std::string& protocol);
const std::string& getName() const;
pfwl_protocol_l2_t getId() const;
operator pfwl_protocol_l2_t() const {return _protocol;}
friend bool operator== (const ProtocolL2 &p1, const pfwl_protocol_l2_t &p2);
friend bool operator!= (const ProtocolL2 &p1, const pfwl_protocol_l2_t &p2);
};
class ProtocolL3{
private:
const pfwl_protocol_l3_t _protocol;
const std::string _name;
public:
ProtocolL3(pfwl_protocol_l3_t protocol);
ProtocolL3(const std::string& protocol);
const std::string& getName() const;
pfwl_protocol_l3_t getId() const;
operator pfwl_protocol_l3_t() const {return _protocol;}
friend bool operator== (const ProtocolL3 &p1, const pfwl_protocol_l3_t &p2);
friend bool operator!= (const ProtocolL3 &p1, const pfwl_protocol_l3_t &p2);
};
class ProtocolL4{
private:
const pfwl_protocol_l4_t _protocol;
const std::string _name;
public:
ProtocolL4(pfwl_protocol_l4_t protocol);
ProtocolL4(const std::string& protocol);
const std::string& getName() const;
pfwl_protocol_l4_t getId() const;
operator pfwl_protocol_l4_t() const {return _protocol;}
friend bool operator== (const ProtocolL4 &p1, const pfwl_protocol_l4_t &p2);
friend bool operator!= (const ProtocolL4 &p1, const pfwl_protocol_l4_t &p2);
friend bool operator== (const ProtocolL4 &p1, const int &p2);
friend bool operator!= (const ProtocolL4 &p1, const int &p2);
};
class ProtocolL7{
private:
const pfwl_protocol_l7_t _protocol;
const std::string _name;
public:
ProtocolL7(pfwl_protocol_l7_t protocol);
ProtocolL7(const std::string& protocol);
const std::string& getName() const;
pfwl_protocol_l7_t getId() const;
operator pfwl_protocol_l7_t() const {return _protocol;}
friend bool operator== (const ProtocolL7 &p1, const pfwl_protocol_l7_t &p2);
friend bool operator!= (const ProtocolL7 &p1, const pfwl_protocol_l7_t &p2);
};
class FlowInfo {
private:
pfwl_flow_info_t _flowInfo;
public:
FlowInfo();
FlowInfo(pfwl_flow_info_t info);
uint64_t getId() const;
uint16_t getThreadId() const;
IpAddress getAddressSrc() const;
IpAddress getAddressDst() const;
uint16_t getPortSrc() const;
uint16_t getPortDst() const;
ProtocolL2 getProtocolL2() const;
ProtocolL3 getProtocolL3() const;
ProtocolL4 getProtocolL4() const;
std::vector<ProtocolL7> getProtocolsL7() const;
double getStatistic(Statistic stat, Direction dir) const;
void** getUserData() const;
pfwl_flow_info_t getNative() const;
void setUserData(void* udata);
};
class DissectionInfoL2{
private:
pfwl_dissection_info_l2_t _dissectionInfo;
public:
DissectionInfoL2();
DissectionInfoL2(pfwl_dissection_info_l2_t dissectionInfo);
size_t getLength() const;
ProtocolL2 getProtocol() const;
pfwl_dissection_info_l2_t getNative() const;
};
class DissectionInfoL3{
private:
pfwl_dissection_info_l3_t _dissectionInfo;
public:
DissectionInfoL3();
DissectionInfoL3(pfwl_dissection_info_l3_t dissectionInfo);
size_t getLength() const;
size_t getPayloadLength() const;
IpAddress getAddressSrc() const;
IpAddress getAddressDst() const;
std::pair<const unsigned char*, size_t> getRefragmentedPacket() const;
ProtocolL3 getProtocol() const;
pfwl_dissection_info_l3_t getNative() const;
};
class DissectionInfoL4{
private:
pfwl_dissection_info_l4_t _dissectionInfo;
public:
DissectionInfoL4();
DissectionInfoL4(pfwl_dissection_info_l4_t dissectionInfo);
size_t getLength() const;
size_t getPayloadLength() const;
uint16_t getPortSrc() const;
uint16_t getPortDst() const;
Direction getDirection() const;
std::pair<const unsigned char*, size_t> getResegmentedPacket() const;
ProtocolL4 getProtocol() const;
pfwl_dissection_info_l4_t getNative() const;
};
typedef pfwl_field_id_t FieldId;
class DissectionInfoL7{
private:
pfwl_dissection_info_l7_t _dissectionInfo;
public:
DissectionInfoL7();
DissectionInfoL7(pfwl_dissection_info_l7_t dissectionInfo);
std::vector<ProtocolL7> getProtocols() const;
ProtocolL7 getProtocol() const;
Field getField(FieldId id) const;
std::vector<Field> getFields() const;
std::vector<std::string> getTags() const;
Field httpGetHeader(const char *headerName) const;
pfwl_dissection_info_l7_t getNative() const;
};
class Status{
private:
pfwl_status_t _status;
public:
Status(pfwl_status_t status);
std::string getMessage() const;
bool isError() const;
};
class DissectionInfo{
friend class FlowInfoPrivate;
private:
pfwl_dissection_info_t _dissectionInfo;
DissectionInfoL2 _l2;
DissectionInfoL3 _l3;
DissectionInfoL4 _l4;
DissectionInfoL7 _l7;
FlowInfo _flowInfo;
Status _status;
public:
DissectionInfo(pfwl_dissection_info_t dissectionInfo, Status status);
DissectionInfo& operator=(const pfwl_dissection_info_t& rhs);
ProtocolL7 guessProtocol() const;
bool hasProtocolL7(ProtocolL7 protocol) const;
Status getStatus() const;
DissectionInfoL2 getL2() const;
DissectionInfoL3 getL3() const;
DissectionInfoL4 getL4() const;
DissectionInfoL7 getL7() const;
FlowInfo getFlowInfo() const;
const pfwl_dissection_info_t& getNativeInfo() const;
};
class Peafowl;
class FlowInfoPrivate{
friend class Peafowl;
private:
pfwl_flow_info_private_t* _info;
public:
FlowInfoPrivate(const Peafowl& state, const DissectionInfo &info);
~FlowInfoPrivate();
};
typedef pfwl_dissector_accuracy_t DissectorAccuracy;
typedef pfwl_field_matching_t FieldMatching;
class FlowManager{
public:
~FlowManager();
virtual void onTermination(const FlowInfo& info){;}
};
class DefragmentationOptions{
friend class Peafowl;
private:
uint16_t _tableSizeIPv4, _tableSizeIPv6;
uint32_t _perHostMemoryLimitIPv4, _perHostMemoryLimitIPv6;
uint32_t _totalMemoryLimitIPv4, _totalMemoryLimitIPv6;
uint8_t _reassemblyTimeoutIPv4, _reassemblyTimeoutIPv6;
bool _enabledIPv4, _enabledIPv6;
bool _perHostMemoryLimitIPv4set, _perHostMemoryLimitIPv6set;
bool _totalMemoryLimitIPv4set, _totalMemoryLimitIPv6set;
bool _reassemblyTimeoutIPv4set, _reassemblyTimeoutIPv6set;
public:
DefragmentationOptions();
void enableIPv4(uint16_t tableSize);
void enableIPv6(uint16_t tableSize);
void setPerHostMemoryLimitIPv4(uint32_t perHostMemoryLimit);
void setPerHostMemoryLimitIPv6(uint32_t perHostMemoryLimit);
void setTotalMemoryLimitIPv4(uint32_t totalMemoryLimit);
void setTotalMemoryLimitIPv6(uint32_t totalMemoryLimit);
void setReassemblyTimeoutIPv4(uint8_t timeoutSeconds);
void setReassemblyTimeoutIPv6(uint8_t timeoutSeconds);
void disableIPv4();
void disableIPv6();
};
// clang-format on
class Peafowl{
friend class FlowInfoPrivate;
private:
pfwl_state_t* _state;
public:
Peafowl();
~Peafowl();
void setFlowManager(FlowManager* flowManager);
void setExpectedFlows(uint32_t flows, FlowsStrategy strategy);
void setMaxTrials(uint16_t maxTrials);
void setDefragmentationOptions(const DefragmentationOptions& options);
void tcpReorderingEnable();
void tcpReorderingDisable();
void protocolL7Enable(ProtocolL7 protocol);
void protocolL7Disable(ProtocolL7 protocol);
void protocolL7EnableAll();
void protocolL7DisableAll();
void setTimestampUnit(TimestampUnit unit);
DissectionInfo dissectFromL2(const std::string& pkt,
double timestamp,
ProtocolL2 datalinkType);
DissectionInfo dissectFromL3(const std::string& pkt,
double timestamp);
DissectionInfo dissectFromL4(const std::string& pkt,
double timestamp,
const DissectionInfo& info);
DissectionInfo dissectL2(const std::string& pkt,
pfwl_protocol_l2_t datalinkType);
DissectionInfo dissectL3(const std::string& pkt,
double timestamp);
DissectionInfo dissectL4(const std::string& pkt,
double timestamp,
const DissectionInfo& info,
FlowInfoPrivate &flowInfoPrivate);
DissectionInfo dissectL7(const std::string& pkt,
const DissectionInfo& info,
FlowInfoPrivate &flowInfoPrivate);
void fieldAddL7(FieldId field);
void fieldRemoveL7(FieldId field);
void setProtocolAccuracyL7(ProtocolL7 protocol, DissectorAccuracy accuracy);
void fieldTagsLoadL7(FieldId field, const char* tagsFile);
void fieldStringTagsAddL7(FieldId field, const std::string& value, FieldMatching matchingType, const std::string& tag);
void fieldMmapTagsAddL7(FieldId field, const std::string& key, const std::string& value, FieldMatching matchingType, const std::string& tag);
void fieldTagsUnloadL7(FieldId field);
void statisticAdd(Statistic stat);
void statisticRemove(Statistic stat);
};
std::vector<std::string> getL2ProtocolsNames();
std::vector<std::string> getL3ProtocolsNames();
std::vector<std::string> getL4ProtocolsNames();
std::vector<std::string> getL7ProtocolsNames();
std::string getL7FieldName(FieldId field);
FieldId getL7FieldId(ProtocolL7 protocol, std::string fieldName);
ProtocolL7 getL7FieldProtocol(FieldId field);
FieldType getL7FieldType(FieldId field);
Field fieldGet(std::vector<Field> fields, FieldId id);
ProtocolL2 convertPcapDlt(int dlt);
} // namespace peafowl
#endif // PFWL_API_HPP