implemented support for USB

dreadl0ck · Dec 29, 2018 · 43f7362 · 43f7362
1 parent 7f35c92
commit 43f7362
Show file tree

Hide file tree

Showing 11 changed files with 973 additions and 424 deletions.
diff --git a/TODO.md b/TODO.md
@@ -14,8 +14,22 @@ Benchmarks:
 
 ## new protos
 
-- increase protocol coverage + USB support
 - MLDv2MulticastListenerReport
+- VRRPv2
+- FDDI
+- GRE
+- EAPOL + Key
+- EAP
+- CiscoDiscoveryInfo
+- CDPHello
+- CDPEnergyWise
+- BFD
+- ASExternalLSA
+- OSPF
+- LSAheader
+- ModbusTCP
+- MPLS
+- LCM
 
 ## update documentation
 

diff --git a/encoder/geneve.go b/encoder/geneve.go
@@ -1,10 +1,10 @@
 package encoder
 
 import (
-	"github.com/dreadl0ck/gopacket/layers"
 	"github.com/dreadl0ck/netcap/types"
 	"github.com/golang/protobuf/proto"
 	"github.com/google/gopacket"
+	"github.com/google/gopacket/layers"
 )
 
 var geneveEncoder = CreateLayerEncoder(types.Type_NC_Geneve, layers.LayerTypeGeneve, func(layer gopacket.Layer, timestamp string) proto.Message {

diff --git a/encoder/layerEncoder.go b/encoder/layerEncoder.go
@@ -73,6 +73,7 @@ var (
 		geneveEncoder,
 		ip6FragmentEncoder,
 		vxlanEncoder,
+		usbEncoder,
 	}
 )
 

diff --git a/encoder/usb.go b/encoder/usb.go
@@ -0,0 +1,48 @@
+/*
+ * NETCAP - Traffic Analysis Framework
+ * Copyright (c) 2017 Philipp Mieden <dreadl0ck [at] protonmail [dot] ch>
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+package encoder
+
+import (
+	"github.com/dreadl0ck/netcap/types"
+	"github.com/golang/protobuf/proto"
+	"github.com/google/gopacket"
+	"github.com/google/gopacket/layers"
+)
+
+var usbEncoder = CreateLayerEncoder(types.Type_NC_USB, layers.LayerTypeUSB, func(layer gopacket.Layer, timestamp string) proto.Message {
+	if usb, ok := layer.(*layers.USB); ok {
+		return &types.USB{
+			Timestamp:              timestamp,
+			ID:                     uint64(usb.ID),
+			EventType:              int32(usb.EventType),
+			TransferType:           int32(usb.TransferType),
+			Direction:              int32(usb.Direction),
+			EndpointNumber:         int32(usb.EndpointNumber),
+			DeviceAddress:          int32(usb.DeviceAddress),
+			BusID:                  int32(usb.BusID),
+			TimestampSec:           int64(usb.TimestampSec),
+			TimestampUsec:          int32(usb.TimestampUsec),
+			Setup:                  bool(usb.Setup),
+			Data:                   bool(usb.Data),
+			Status:                 int32(usb.Status),
+			UrbLength:              uint32(usb.UrbLength),
+			UrbDataLength:          uint32(usb.UrbDataLength),
+			UrbInterval:            uint32(usb.UrbInterval),
+			UrbStartFrame:          uint32(usb.UrbStartFrame),
+			UrbCopyOfTransferFlags: uint32(usb.UrbCopyOfTransferFlags),
+			IsoNumDesc:             uint32(usb.IsoNumDesc),
+		}
+	}
+	return nil
+})
diff --git a/netcap.go b/netcap.go
@@ -111,6 +111,8 @@ func InitRecord(typ types.Type) (record proto.Message) {
 		record = new(types.Geneve)
 	case types.Type_NC_VXLAN:
 		record = new(types.VXLAN)
+	case types.Type_NC_USB:
+		record = new(types.USB)
 	default:
 		panic("InitRecord: unknown type: " + typ.String())
 	}

diff --git a/netcap.proto b/netcap.proto
@@ -115,6 +115,7 @@ enum Type {
     NC_Geneve                      = 67;
     NC_IPv6Fragment                = 68;
     NC_VXLAN                       = 69;
+    NC_USB                         = 70;
 }
 
 /*
@@ -911,3 +912,25 @@ message VXLAN {
     bool       GBPApplied           = 6;   // 'A' bit per Group Policy
     int32      GBPGroupPolicyID     = 7;   // 'Group Policy ID' 16 bits per Group Policy
 }
+
+message USB {
+    string      Timestamp                 = 1;
+    uint64      ID                        = 2;
+    int32       EventType                 = 3;
+    int32       TransferType              = 4;           
+    int32       Direction                 = 5;           
+    int32       EndpointNumber            = 6;
+    int32       DeviceAddress             = 7;
+    int32       BusID                     = 8; 
+    int64       TimestampSec              = 9; 
+    int32       TimestampUsec             = 10;
+    bool        Setup                     = 11;
+    bool        Data                      = 12;
+    int32       Status                    = 13;
+    uint32      UrbLength                 = 14;
+    uint32      UrbDataLength             = 15;
+    uint32      UrbInterval               = 16;
+    uint32      UrbStartFrame             = 17;
+    uint32      UrbCopyOfTransferFlags    = 18;
+    uint32      IsoNumDesc                = 19;
+}