-
Notifications
You must be signed in to change notification settings - Fork 6
/
connection.go
40 lines (37 loc) · 1.15 KB
/
connection.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
package gourmet
import (
"bytes"
"time"
)
// Connection contains basic information about an IP connection, including application layer bytes.
// If the connection is TCP-based, then the Connection contains basic information about the reassembled
// stream of packets for that TCP session.
//
// A Connection is given to each Analyzer. The Result returned from an Analyzer is added to the
// Analyzers map for that Connection object. Once all Analyzers have been run against the Connection,
// it is marshaled as a JSON object into raw bytes and written to the log file.
type Connection struct {
Timestamp time.Time
UID uint64
SourceIP string
SourcePort int
DestinationIP string
DestinationPort int
TransportType string
Duration float64
State string `json:",omitempty"`
Payload *bytes.Buffer `json:"-"`
Analyzers map[string]interface{}
}
func (c *Connection) analyze() error {
for _, analyzer := range registeredAnalyzers {
if analyzer.Filter(c) {
result, err := analyzer.Analyze(c)
if err != nil {
return err
}
c.Analyzers[result.Key()] = result
}
}
return nil
}