pub trait Plugin: Sync + Send {
// Required method
fn name(&self) -> &'static str;
// Provided methods
fn plugin_type(&self) -> u16 { ... }
fn pre_process(&mut self) { ... }
fn post_process(&mut self) { ... }
fn handle_layer_physical<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_data: &'i [u8],
) -> PluginResult<'i> { ... }
fn handle_layer_link<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_linklayertype: u16,
_data: &'i [u8],
) -> PluginResult<'i> { ... }
fn handle_layer_network<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_payload: &'i [u8],
_t3: &'s ThreeTuple,
) -> PluginResult<'i> { ... }
fn handle_layer_transport<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_pinfo: &PacketInfo<'_, '_, '_, '_>,
) -> PluginResult<'i> { ... }
fn flow_created(&mut self, _flow: &Flow) { ... }
fn flow_destroyed(&mut self, _flow: &Flow) { ... }
fn get_results(&mut self) -> Option<Box<dyn Any>> { ... }
fn save_results(&mut self, _path: &str) -> Result<(), &'static str> { ... }
}Expand description
Pcap/Pcap-ng analysis plugin instance
Plugins must be thread-safe because functions can (and will) be called concurrently from multiple threads.
Required Methods§
Provided Methods§
Sourcefn plugin_type(&self) -> u16
fn plugin_type(&self) -> u16
Returns the layers registered by this plugin
Sourcefn pre_process(&mut self)
fn pre_process(&mut self)
Plugin initialization function Called before processing a pcap file
Sourcefn post_process(&mut self)
fn post_process(&mut self)
Plugin end of processing function Called after processing a pcap file
fn handle_layer_physical<'s, 'i>( &'s mut self, _packet: &'s Packet<'_>, _data: &'i [u8], ) -> PluginResult<'i>
Sourcefn handle_layer_link<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_linklayertype: u16,
_data: &'i [u8],
) -> PluginResult<'i>
fn handle_layer_link<'s, 'i>( &'s mut self, _packet: &'s Packet<'_>, _linklayertype: u16, _data: &'i [u8], ) -> PluginResult<'i>
Callback function when layer 2 data is available
data is the raw ethernet data
PLUGIN_L1 must be added to plugin_type() return
See crate::layers for possible linklayertype values
Sourcefn handle_layer_network<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_payload: &'i [u8],
_t3: &'s ThreeTuple,
) -> PluginResult<'i>
fn handle_layer_network<'s, 'i>( &'s mut self, _packet: &'s Packet<'_>, _payload: &'i [u8], _t3: &'s ThreeTuple, ) -> PluginResult<'i>
Callback function when layer 3 data is available
packet is the initial layer 3 packet information
payload is the layer 3 payload. It can be different from packet.data if defragmentation occured
t3 is the three-tuple of the connection
PLUGIN_L3 must be added to plugin_type() return
Sourcefn handle_layer_transport<'s, 'i>(
&'s mut self,
_packet: &'s Packet<'_>,
_pinfo: &PacketInfo<'_, '_, '_, '_>,
) -> PluginResult<'i>
fn handle_layer_transport<'s, 'i>( &'s mut self, _packet: &'s Packet<'_>, _pinfo: &PacketInfo<'_, '_, '_, '_>, ) -> PluginResult<'i>
Callback function when layer 4 data is available
packet is the initial layer 3 packet information
pinfo is the flow and layers information, including payload
PLUGIN_L4 must be added to plugin_type() return
Sourcefn flow_created(&mut self, _flow: &Flow)
fn flow_created(&mut self, _flow: &Flow)
Callback function when a new flow is created
PLUGIN_FLOW_NEW must be added to plugin_type() return
Sourcefn flow_destroyed(&mut self, _flow: &Flow)
fn flow_destroyed(&mut self, _flow: &Flow)
Callback function when a flow is destroyed
PLUGIN_FLOW_DEL must be added to plugin_type() return
Sourcefn get_results(&mut self) -> Option<Box<dyn Any>>
fn get_results(&mut self) -> Option<Box<dyn Any>>
Get results, if present