Expand description
Main module for packet analysis. PacketFlow – Unified network packet parsing abstraction
This module provides the PacketFlow structure, which represents a
fully parsed network packet across multiple layers:
- Data Link (L2)
- Internet (L3)
- Transport (L4)
- Application (L7, best-effort)
The parsing model is layered and progressive: each layer is parsed
from the payload of the previous one. Unsupported protocols do not
cause a hard failure and are represented as None, allowing partial
decoding of real-world traffic.
§Design goals
- Deterministic, allocation-free parsing using
&[u8]references - Clear separation between protocol layers
- Robust handling of unknown or unsupported protocols
- Suitable for network auditing, traffic analysis and post-capture inspection
This module does not perform stream reassembly or session tracking. It expects a complete packet buffer (e.g. from PCAP capture).
Modules§
- application
- data_
link - The
DataLinkmodule provides functionality to parse and analyze data link layer packets, specifically Ethernet frames. It extracts MAC addresses, Ethertype, and the payload from a raw byte slice. - internet
- transport
Structs§
- Packet
Flow - A fully or partially parsed network packet flow.