Crate parse_layer7
source ·Expand description
§Layer 7 Packet Analyzer
This crate provides functionality for parsing and analyzing various Layer 7 (application layer) network protocols. It supports protocols such as DNS, TLS, DHCP, HTTP, Modbus, NTP, and Bitcoin.
§Modules
packet: Contains submodules for each supported protocol, each providing parsing functions and data structures for the respective protocol.
§Usage
The main function provided by this crate is parse_layer_7_infos, which attempts to detect and parse the protocol of a given TCP or UDP payload.
use parse_layer7::parse_layer_7_infos;
let packet: &[u8] = &[/* raw packet data */];
match parse_layer_7_infos(packet) {
Some(info) => println!("Parsed Layer 7 Info: {}", info),
None => println!("Unable to parse the packet."),
}§Modules Documentation
§packet
The packet module contains submodules for each supported protocol. Each submodule provides the necessary functions to parse the protocol’s packets and the data structures representing the parsed data.
§Example
use parse_layer7::packet::tls::{parse_tls_packet, TlsPacket};
let tls_packet_data: &[u8] = &[/* raw TLS packet data */];
match parse_tls_packet(tls_packet_data) {
Ok(tls_packet) => println!("Parsed TLS Packet: {:?}", tls_packet),
Err(e) => println!("Failed to parse TLS packet: {}", e),
}§Structs and Enums
§Layer7Info
Represents the possible layer 7 information that can be parsed.
use parse_layer7::packet::{
bitcoin::{parse_bitcoin_packet, BitcoinPacket},
dhcp::{parse_dhcp_packet, DhcpPacket},
dns::{parse_dns_packet, DnsPacket},
http::{parse_http_request, HttpRequest},
modbus::{parse_modbus_packet, ModbusPacket},
ntp::{parse_ntp_packet, NtpPacket},
tls::{parse_tls_packet, TlsPacket},
};
#[derive(Debug)]
pub enum Layer7Info {
DnsPacket(DnsPacket),
TlsPacket(TlsPacket),
DhcpPacket(DhcpPacket),
HttpRequest(HttpRequest),
ModbusPacket(ModbusPacket),
NtpPacket(NtpPacket),
BitcoinPacket(BitcoinPacket),
None,
}§Layer7Infos
Contains information about the layer 7 protocol and its parsed data.
§Examples
§Parse a TLS Packet
use parse_layer7::parse_layer_7_infos;
let tls_payload = vec![22, 3, 3, 0, 5, 1, 2, 3, 4, 5]; // Example TLS payload
let result = parse_layer_7_infos(&tls_payload);
match result {
Some(layer_7_infos) => println!("Parsed Info: {}", layer_7_infos),
None => println!("Failed to parse the packet."),
}§Parse a DNS Packet
use parse_layer7::parse_layer_7_infos;
let dns_payload = vec![
0xdd, 0xc7, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x77, 0x77, 0x77,
0x06, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x03, 0x63, 0x6f, 0x6d, 0x00, 0x00, 0x01, 0x00, 0x01
]; // Example DNS payload
let result = parse_layer_7_infos(&dns_payload);
match result {
Some(layer_7_infos) => println!("Parsed Info: {}", layer_7_infos),
None => println!("Failed to parse the packet."),
}§Test Module
The crate includes a tests module with tests for various packet types to ensure the correctness of the parsing functions.
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_parse_layer_7_infos_tls() {
// Test code for parsing TLS packets...
}
#[test]
fn test_parse_layer_7_infos_dns() {
// Test code for parsing DNS packets...
}
// Additional tests...
}Modules§
- Packet Module
Structs§
Layer7Infoscontains information about the layer 7 protocol and its parsed data.
Enums§
Layer7Inforepresents the possible layer 7 information that can be parsed.
Functions§
- Tries to detect the protocol of the TCP or UDP payload given.