gopacket.Newpacket does not provide MetaData for the new packet??

[Chun Zhang]

Hi, all,

I am trying to capture a GRE tunneled packet and get rid off the GRE header to retrieve the encapsulated packet. 

The code is quite simple, I basically grabs the GRE tunneled packet and build a new one from its payload. The problem I have here is the MetaData of the packet1 channel is completely empty, even though the decoded layers look just fine.

Can anybody help me to figure out where I made the mistake?

Thanks,

Chun

--------- code snip ------

        packetSource := gopacket.NewPacketSource(handle, handle.LinkType())

        for packet := range packetSource.Packets() {

                if packet.Layer(layers.LayerTypeGRE) == nil {

                        fmt.Println("not gre kets")

                        //if this is not a GRE tunneled pkt, then this is not what we are looking for

                        continue

                }

                fmt.Println("find a GRE tunnedl pkt")

                packet1 := gopacket.NewPacket(packet.Layer(layers.LayerTypeGRE).LayerPayload(), layers.LinkTypeEthernet, gopacket.Default)

// shouldn't a channel type of Packet being returned here, with Metadata() method implemented?

                // Process packet here

                fmt.Println(packet1)

                fmt.Println("capture lenght:", packet1.Metadata().CaptureLength, "timestamp:", packet1.Metadata().Timestamp, "capture info:", packet1.Metadata().CaptureInfo)

                w.WritePacket(packet1.Metadata().CaptureInfo, packet1.Data())

                packetCount++

------ console print -------- test.pcap is completely empty since the capture length from the metadata is 0

find a GRE tunnedl pkt

PACKET: 64 bytes

- Layer 1 (14 bytes) = Ethernet {Contents=[..14..] Payload=[..50..] SrcMAC=00:04:96:6d:49:00 DstMAC=00:50:56:88:4e:2d EthernetType=Dot1Q Length=0}

- Layer 2 (04 bytes) = Dot1Q    {Contents=[0, 69, 8, 0] Payload=[..46..] Priority=0 DropEligible=false VLANIdentifier=69 Type=IPv4}

- Layer 3 (20 bytes) = IPv4     {Contents=[..20..] Payload=[..20..] Version=4 IHL=5 TOS=16 Length=40 Id=25729 Flags=DF FragOffset=0 TTL=59 Protocol=TCP Checksum=6231 SrcIP=10.6.105.21 DstIP=10.68.69.137 Options=[] Padding=[]}

- Layer 4 (20 bytes) = TCP      {Contents=[..20..] Payload=[] SrcPort=50507 DstPort=22(ssh) Seq=3986061698 Ack=2511277766 DataOffset=5 FIN=false SYN=false RST=false PSH=false ACK=true URG=false ECE=false CWR=false NS=false Window=8039 Checksum=64660 Urgent=0 Options=[] Padding=[]}

capture lenght: 0 timestamp: 0001-01-01 00:00:00 +0000 UTC capture info: {0001-01-01 00:00:00 +0000 UTC 0 0 0}

[dgorb...@zuzex.com]

Hello! 

Did you find the answer? 

I had the same problem - i've got some packets from pcap file, stored it data into DB. 

When i'm trying to create new packet from this stored data its works well, but packet metadata is empty.