Trait t2plugin::T2Plugin

source · 
pub trait T2Plugin {
    // Required method
    fn new() -> Self;

    // Provided methods
    fn get_dependencies() -> Vec<&'static str> { ... }
    fn initialize() { ... }
    fn print_header() -> Header { ... }
    fn on_flow_generated(&mut self, packet: &Packet, flow: &mut Flow) { ... }
    fn claim_l2_info(
        packet: &Packet,
        plugin: Option<&mut Self>,
        flow: Option<&mut Flow>
    ) { ... }
    fn claim_l4_info(&mut self, packet: &Packet, flow: &mut Flow) { ... }
    fn on_flow_terminate(&mut self, flow: &mut Flow) { ... }
    fn on_application_terminate() { ... }
}
Expand description

Trait to tranform a per flow struct into a Tranalyzer2 plugin.

The t2plugin! macro can transform any struct implementing this trait into a Tranalyzer2 plugin.

Required Methods§

source

fn new() -> Self

Creates a new per flow plugin structure with default values.

This function is called when Tranalyzer2 creates a new flow

Provided Methods§

source

fn get_dependencies() -> Vec<&'static str>

Returns a list of other plugins which are required by this plugin.

Example
impl T2Plugin for ExamplePlugin {
    ...
    fn get_dependencies() -> Vec<&'static str> {
        // this plugin cannot run if "tcpFlags" and "httpSniffer" are not loaded
        vec!["tcpFlags", "httpSniffer"]
    }
}
source

fn initialize()

This method is called once when Tranalyzer2 starts.

Plugin specific global variables and files should be created/opened here.

source

fn print_header() -> Header

Returns a Header describing the columns outputted by this plugin.

Example
impl T2Plugin for ExamplePlugin {
    ...
    fn print_header() -> Header {
        let mut header = Header::new();
        header.add_simple_col("IPv4 source address", "srcIP4", false, BinaryType::bt_ip4_addr);
        header.add_simple_col("HTTP cookies", "httpCookies", true, BinaryType::bt_string);
        header
    }
}
source

fn on_flow_generated(&mut self, packet: &Packet, flow: &mut Flow)

Called on the first seen packet of a flow.

This method is called right after the per flow struct of this plugin is created with the T2Plugin::new method.

source

fn claim_l2_info( packet: &Packet, plugin: Option<&mut Self>, flow: Option<&mut Flow> )

Called on each packet which has a layer 2 header.

The plugin and flow parameters contain Some data only if ETH_ACTIVATE (Ethernet flows) is activated in Tranalyzer2. Otherwise they are None and only the packet contains useful information.

source

fn claim_l4_info(&mut self, packet: &Packet, flow: &mut Flow)

Called on each packet which has a layer 4 header.

source

fn on_flow_terminate(&mut self, flow: &mut Flow)

Called when a flow terminates.

This is where the columns, defined in the T2Plugin::print_header method, are filled.

Example
impl T2Plugin for ExamplePlugin {
    ...
    fn on_flow_terminate(&mut self, flow: &mut Flow) {
        // fill the source IPv4 column (bt_ip4_addr)
        match flow.src_ip4() {
            Some(ip) => output_bytes(&ip.octets()),
            None => output_bytes(&[0u8; 4]),
        }
        // fill the HTTP cookies column (repetitive bt_string)
        output_strings(&self.cookies);
    }
}
source

fn on_application_terminate()

Called before Tranalyzer2 terminates.

Plugin variables and files should be closed/cleaned here. This method should generally clean what was created in the T2Plugin::initialize method.

Implementors§