Crate scalpel

Source
Expand description

A crate for dissecting and sculpting network packets.

Being able to dissect a stream of bytes from wire into a human or machine readable structures can be useful in many applications. scalpel is designed for such use cases. In other languages such use-cases are served by tools like gopacket or Wireshark.

Ability to dissect packets and looking at details of each of the protocols carried in the Packet can be quite useful for debugging protocol implementations, network issuess and so on. Also, having such ability in an API friendly way should allow -

  • Writing dissector for new protocols.
  • Using the dissection functionality in your own application.

Thus, the main focus of scalpel is to provide API based framework for dissecting packets such that it’s possible for anyone to write a dissector for a new protocol. scalpel natively supports dissection for a set of widely used protocols out of the box. See layers modules for supported protocols.

A Basic unit in a scalpel is a Packet structure that represents a dissected Packet from the wire. This structure carries information about the dissected protocols, each of the protocol that is dissected implements a trait called Layer. See Packet for details.

§Opt-in Features

  • python-bindings: Python bindings for the scalpel Rust API. Currently support is to generate Packet structure in Python.
  • logging: Enable logging during decoding the packets. Since, packet dissection is usually done in the fast, path, use this feature mainly for debugging packet dissections. an error log is provided for the failing register_defaults function when this feature is enabled.
  • wasm: Build WASM capability in the scalpel. Currently dissect_packet API is provided, dissects the packet and a JSON is generated for the packet.
  • sculpting: Experimental, allows one to generate packet from layers using metadata. For example this will be useful to develop packet generators.

Note: wasm and python-bindings features cannot be enabled at the same time.

Modules§

cfg_macros
errors
Error types for scalpel.
layer
‘Layer’ trait
layers
Scalpel Layers
packet
Packet Structure
types
All types that we are supporting

Structs§

Packet
Packet is a structure in scalpel containing the decoded data and some metadata.

Statics§

ENCAP_TYPE_ETH
ENCAP_TYPE_LINUX_SLL
ENCAP_TYPE_LINUX_SLL2

Traits§

Layer
Layer Trait defines a ‘Layer’ in a Packet

Functions§

register_defaults
Register Default protocol handlers.