public class KrakenTcpHandler extends KrakenBaseProtocol
TcpDecoder
. The following properties
may be observed:
Due to Kraken's constraint of using a TCP-Next Protocol mapper, which is per se
not always desirable for certain use cases, a corresponding Mapper has to be
constructed and passed during the creation of the TCP decoder itself. Currently,
this is not directly feasible because in theory, the exact strategy is chosen
by the user and may deviate from application layer protocol to another application layer
protocol. This library constraint is respected by creating the TCP decoder
only during the invocation of initialize(at.jku.fim.rubanetra.config.model.KrakenProtocolConfiguration)
as well as the transport layer to application layer mapping strategy.
However, if a restriction based, e.g. port-based, mapping strategy is considered it should be noted that
this class tries to dispatch TCP activities regardless of the mapping strategy
in use. These activities are exclusively passed to listeners on the individual
instance of this class, which may not care about a potential application layer
restriction that would in practice discard any non-relevant packets at the
transport layer due to the mapping strategy in use and prevent potentially useful analysis.
Therefore, TcpActivity
objects
are dispatched to all registered listeners regardless of mapping strategy restrictions in place, and any protocol handler
bindings will only receive those decoded packets that pass and conform to the mapping strategy in use (which
could be all, none or a subset of all TCP packets).
These forward bindings are currently comprised of:
Modifier and Type | Field and Description |
---|---|
static ProtocolId |
krakenTcpProtocolId |
static String |
NEW_TCP_ACTIVITY_PROPERTY_NAME |
BINDING_METHOD_NAME, log, propertyChangeSupport, protocolSetting
Constructor and Description |
---|
KrakenTcpHandler() |
Modifier and Type | Method and Description |
---|---|
void |
bind(KrakenDnsProtocolHandler dnsHandler)
Forward binding to a DNS handler, i.e.
|
void |
bind(KrakenFtpHandler ftpHandler)
Forward binding to a FTP handler, i.e.
|
void |
bind(KrakenHttpHandler protocolHandler)
Forward binding to a HTTP protocol handler, i.e.
|
void |
bind(KrakenIpv4Handler protocol)
Experimental backward binding from an IPv4 handler to this TCP handler
|
void |
bind(KrakenIpv6Handler protocol)
Experimental backward binding from an IPv6 handler to this TCP handler
|
void |
bind(KrakenMsnHandler protocolHandler)
Forward binding to a MSN handler, i.e.
|
void |
bind(KrakenNetbiosHandler netbiosHandler)
Forward binding to a NetBios handler, i.e.
|
void |
bind(KrakenPop3Handler pop3Handler)
Forward binding to a POP3 handler, i.e.
|
void |
bind(KrakenSmtpHandler smtpHandler)
Forward binding to a SMTP handler, i.e.
|
void |
bind(KrakenTelnetHandler telnetHandler)
Forward binding to a Telnet handler, i.e.
|
protected void |
fireNewTcpActivity(org.krakenapps.pcap.decoder.tcp.TcpPacket tcpPacket,
org.krakenapps.pcap.decoder.tcp.TcpSession tcpSession) |
org.krakenapps.pcap.decoder.tcp.TcpDecoder |
getKrakenTcpDecoder() |
ProtocolId |
getProtocolId()
An arbitrary identifier for the protocol(s) this decoder should be able to parse and decode.
|
void |
initialize(KrakenProtocolConfiguration setting)
Initializes this protocol decoder with the information provided by the user.
|
addPropertyChangeListener, addPropertyChangeListener, bind, findProtocolBindingMethod, getCurrentPcapActivity, getPcapHandler, getProtocolConfiguration, removePropertyChangeListener, removePropertyChangeListener
public static final String NEW_TCP_ACTIVITY_PROPERTY_NAME
public static final ProtocolId krakenTcpProtocolId
public void initialize(KrakenProtocolConfiguration setting)
KrakenBaseProtocol
KrakenProtocolConfigurationBuilderImpl
before the bindings are processed.
This method should be called exactly once, multiple calls will result in an exception being thrown.initialize
in class KrakenBaseProtocol
setting
- the protocol configuration provided by the userprotected void fireNewTcpActivity(org.krakenapps.pcap.decoder.tcp.TcpPacket tcpPacket, org.krakenapps.pcap.decoder.tcp.TcpSession tcpSession)
public ProtocolId getProtocolId()
BaseProtocol
public void bind(KrakenIpv4Handler protocol)
protocol
- the IPv4 handlerpublic void bind(KrakenIpv6Handler protocol)
protocol
- the IPv6 handlerpublic void bind(KrakenHttpHandler protocolHandler)
protocolHandler
- the HTTP protocol handlerpublic void bind(KrakenMsnHandler protocolHandler)
protocolHandler
- the MSN protocol handlerpublic void bind(KrakenDnsProtocolHandler dnsHandler)
dnsHandler
- the DNS protocol handlerpublic void bind(KrakenFtpHandler ftpHandler)
ftpHandler
- the FTP protocol handlerpublic void bind(KrakenNetbiosHandler netbiosHandler)
netbiosHandler
- the NetBios handlerpublic void bind(KrakenPop3Handler pop3Handler)
pop3Handler
- the POP3 handlerpublic void bind(KrakenTelnetHandler telnetHandler)
telnetHandler
- the Telnet handlerpublic void bind(KrakenSmtpHandler smtpHandler)
smtpHandler
- the SMTP handlerpublic org.krakenapps.pcap.decoder.tcp.TcpDecoder getKrakenTcpDecoder()
Copyright © 2013–2015 Institute of networks and security. All rights reserved.