// Package bcap declares the data model for decoded packets: per-layer facts,
// flow keys and per-packet classification hints. This file holds only type
// and constant declarations; no decoding logic is visible here.
//
// NOTE(review): these values are presumably filled from captured traffic, so
// consumers should treat every address, port, flag and length as
// sender-controlled input (log output, map keys, size calculations) — confirm
// at the decoder.
package bcap

import (
	"net"
	"time"

	"github.com/gopacket/gopacket"
)

// ProtocolKind names the transport-level protocol recorded for a packet.
type ProtocolKind string

// Known ProtocolKind values. Note that ProtocolICMPv4 is spelled "icmp", and
// that ProtocolARP shares the string "arp" with NetworkFamilyARP although the
// two constants have different types.
const (
	ProtocolUnknown ProtocolKind = "unknown"
	ProtocolTCP     ProtocolKind = "tcp"
	ProtocolUDP     ProtocolKind = "udp"
	ProtocolICMPv4  ProtocolKind = "icmp"
	ProtocolICMPv6  ProtocolKind = "icmpv6"
	ProtocolARP     ProtocolKind = "arp"
)

// NetworkFamily names the network-layer family recorded for a packet.
type NetworkFamily string

// Known NetworkFamily values.
const (
	NetworkFamilyUnknown NetworkFamily = "unknown"
	NetworkFamilyIPv4    NetworkFamily = "ipv4"
	NetworkFamilyIPv6    NetworkFamily = "ipv6"
	NetworkFamilyARP     NetworkFamily = "arp"
)

// LinkKind names the link-layer framing recorded for a packet.
type LinkKind string

// Known LinkKind values.
const (
	LinkKindUnknown   LinkKind = "unknown"
	LinkKindEthernet  LinkKind = "ethernet"
	LinkKindLinuxSLL  LinkKind = "linux_sll"
	LinkKindLinuxSLL2 LinkKind = "linux_sll2"
)

// Tag is a dotted string label attached to an observation (see HintSet.Tags).
type Tag string

// Known Tag values, grouped by protocol prefix.
const (
	TagTransportUnknown Tag = "transport.unknown"

	// TCP handshake and teardown steps.
	TagTCPHandshakeSYN    Tag = "tcp.handshake.syn"
	TagTCPHandshakeSYNACK Tag = "tcp.handshake.synack"
	TagTCPHandshakeACK    Tag = "tcp.handshake.ack"
	TagTCPTeardownFIN     Tag = "tcp.teardown.fin"
	TagTCPTeardownFINACK  Tag = "tcp.teardown.finack"
	TagTCPTeardownACK     Tag = "tcp.teardown.ack"

	// Other TCP labels.
	TagTCPPacket        Tag = "tcp.packet"
	TagTCPRetransmit    Tag = "tcp.retransmit"
	TagTCPKeepalive     Tag = "tcp.keepalive"
	TagTCPKeepaliveResp Tag = "tcp.keepalive.response"
	TagTCPRst           Tag = "tcp.rst"
	TagTCPEce           Tag = "tcp.ece"
	TagTCPCwr           Tag = "tcp.cwr"

	TagUDPPacket Tag = "udp.packet"

	// ICMP labels; these use a hyphen inside the last segment, unlike the
	// TCP labels above.
	TagICMPPacket       Tag = "icmp.packet"
	TagICMPEchoRequest  Tag = "icmp.echo-request"
	TagICMPEchoReply    Tag = "icmp.echo-reply"
	TagICMPUnreachable  Tag = "icmp.unreachable"
	TagICMPTimeExceeded Tag = "icmp.time-exceeded"

	TagARPRequest Tag = "arp.request"
	TagARPReply   Tag = "arp.reply"
)

// Packet groups the facts recorded for one packet, one field per layer, plus
// the capture metadata and the raw decoded packet.
type Packet struct {
	Meta      Meta
	Link      LinkFacts
	Network   NetworkFacts
	Transport TransportFacts
	Raw       RawFacts
}

// Meta holds capture metadata for a packet.
type Meta struct {
	Timestamp time.Time
	// NOTE(review): presumably the same instant as Timestamp expressed in
	// microseconds — confirm the epoch and who keeps the two in sync.
	TimestampMicros int64
	// NOTE(review): presumably the offset from the start of the capture —
	// confirm the reference point.
	RelativeTime time.Duration
	// NOTE(review): CaptureLength and Length presumably follow pcap
	// semantics (bytes captured vs. bytes on the wire). If so,
	// CaptureLength < Length means the packet was truncated and the
	// per-layer facts may be incomplete — confirm and document for
	// consumers.
	CaptureLength int
	Length        int
}

// LinkFacts holds link-layer facts.
//
// net.HardwareAddr is a byte slice, so copying a LinkFacts value shares the
// underlying address bytes with the original.
// NOTE(review): if the decoder hands out slices that alias a reused capture
// buffer, they must be cloned before being stored here — confirm.
type LinkFacts struct {
	Kind   LinkKind
	SrcMAC net.HardwareAddr
	DstMAC net.HardwareAddr
}

// NetworkFacts holds network-layer facts. Addresses are stored as strings.
type NetworkFacts struct {
	Family NetworkFamily
	SrcIP  string
	DstIP  string
	// NOTE(review): presumably TTL is set for IPv4 and HopLimit for IPv6,
	// with the other left at zero — confirm; zero is also a valid wire
	// value.
	TTL      uint8
	HopLimit uint8
	// NOTE(review): declared as uint16 although IP protocol numbers fit in
	// 8 bits — confirm what is stored here for non-IP families.
	ProtocolNumber uint16
	// ARP is a pointer and may be nil; consumers must nil-check it.
	// NOTE(review): presumably non-nil only when Family is
	// NetworkFamilyARP — confirm.
	ARP *ARPFacts
}

// ARPFacts holds the fields of an ARP message.
type ARPFacts struct {
	Operation uint16
	SenderMAC net.HardwareAddr
	TargetMAC net.HardwareAddr
	SenderIP  string
	TargetIP  string
}

// TransportFacts holds transport-layer facts. Kind names the protocol and the
// per-protocol details hang off the pointer fields.
//
// NOTE(review): presumably at most one of TCP, UDP, ICMP and Unknown is
// non-nil and it matches Kind; nothing in this declaration enforces that, so
// consumers should nil-check the pointer rather than trust Kind alone.
type TransportFacts struct {
	Kind ProtocolKind
	// NOTE(review): presumably the payload size in bytes, duplicated in the
	// per-protocol structs — confirm which one is authoritative.
	Payload int
	TCP     *TCPFacts
	UDP     *UDPFacts
	ICMP    *ICMPFacts
	Unknown *UnknownTransportFacts
}

// TCPFacts holds TCP header fields and flags for one segment.
type TCPFacts struct {
	// Ports are stored as strings, not integers.
	SrcPort string
	DstPort string
	Seq     uint32
	Ack     uint32
	Window  uint16
	SYN     bool
	ACK     bool
	FIN     bool
	RST     bool
	ECE     bool
	CWR     bool
	PSH     bool
	// NOTE(review): nothing here records whether the checksum was
	// verified; presumably this is the value as captured — confirm before
	// relying on it.
	Checksum uint16
	Payload  int
}

// UDPFacts holds UDP header fields for one datagram.
type UDPFacts struct {
	SrcPort string
	DstPort string
	// NOTE(review): presumably the header's length field as sent; it is
	// stored separately from Payload and may disagree with it — confirm.
	Length  uint16
	Payload int
}

// ICMPFacts holds ICMP header fields for one message.
type ICMPFacts struct {
	// NOTE(review): presumably 4 or 6, matching ProtocolICMPv4 and
	// ProtocolICMPv6 — confirm.
	Version  int
	Type     uint8
	Code     uint8
	Checksum uint16
	ID       uint16
	Seq      uint16
	Payload  int
}

// UnknownTransportFacts holds what is recorded for an unrecognised transport.
type UnknownTransportFacts struct {
	Payload int
}

// RawFacts carries the gopacket.Packet the facts relate to.
//
// NOTE(review): holding the packet presumably keeps its decoded layers and
// data reachable for as long as the enclosing Packet or Observation lives;
// long-lived stores of observations should account for that — confirm.
type RawFacts struct {
	Packet gopacket.Packet
}

// Endpoint is one side of a flow: an address and a port, both as strings.
type Endpoint struct {
	IP   string
	Port string
}

// FlowKey identifies one direction of a flow. All of its fields are strings or
// structs of strings, so a FlowKey is comparable and can be used as a map key.
type FlowKey struct {
	Family   NetworkFamily
	Protocol ProtocolKind
	Src      Endpoint
	Dst      Endpoint
}

// FlowRef carries both directional keys of a flow plus a string identifier.
//
// NOTE(review): Stable is presumably a direction-independent identifier for
// the flow — confirm how it is derived before using it as a unique key.
type FlowRef struct {
	Forward FlowKey
	Reverse FlowKey
	Stable  string
}

// Observation bundles a packet with its flow reference and hints.
type Observation struct {
	Packet Packet
	Flow   FlowRef
	Hints  HintSet
}

// SummaryHint carries a single summary code.
type SummaryHint struct {
	Code string
}

// HintSet holds the classification hints for one observation.
//
// Tags is a slice and the per-protocol hints are pointers, so copying a
// HintSet by value shares them with the original; any of the pointers may be
// nil.
type HintSet struct {
	Summary SummaryHint
	Tags    []Tag
	TCP     *TCPHint
	UDP     *UDPHint
	ICMP    *ICMPHint
	ARP     *ARPHint
}

// TCPPhase names a coarse phase of a TCP connection.
type TCPPhase string

// Known TCPPhase values.
const (
	TCPPhaseUnknown     TCPPhase = "unknown"
	TCPPhaseHandshake   TCPPhase = "handshake"
	TCPPhaseEstablished TCPPhase = "established"
	TCPPhaseTeardown    TCPPhase = "teardown"
	TCPPhaseSpecial     TCPPhase = "special"
)

// TCPEvent names the event a TCP segment was classified as.
type TCPEvent string

// Known TCPEvent values. These use underscores ("handshake_ack") where the
// corresponding Tag values use dots ("tcp.handshake.ack").
const (
	TCPEventUnknown        TCPEvent = "unknown"
	TCPEventSYN            TCPEvent = "syn"
	TCPEventSYNACK         TCPEvent = "synack"
	TCPEventHandshakeACK   TCPEvent = "handshake_ack"
	TCPEventACK            TCPEvent = "ack"
	TCPEventRetransmission TCPEvent = "retransmission"
	TCPEventKeepalive      TCPEvent = "keepalive"
	TCPEventKeepaliveResp  TCPEvent = "keepalive_response"
	TCPEventFIN            TCPEvent = "fin"
	TCPEventFINACK         TCPEvent = "finack"
	TCPEventTeardownACK    TCPEvent = "teardown_ack"
	TCPEventRST            TCPEvent = "rst"
	TCPEventECE            TCPEvent = "ece"
	TCPEventCWR            TCPEvent = "cwr"
)

// TCPHint holds the TCP classification of one segment together with a copy of
// the header values it was based on.
//
// NOTE(review): a classification built from sequence numbers and flags can
// presumably be steered by whoever sends the traffic; treat it as a hint, as
// the name says, not as verified connection state.
type TCPHint struct {
	Phase TCPPhase
	Event TCPEvent
	// NOTE(review): the meaning of the LegacyState values is not visible in
	// this file — document or link the mapping.
	LegacyState       uint8
	Seq               uint32
	Ack               uint32
	Window            uint16
	Payload           int
	Retransmission    bool
	Keepalive         bool
	KeepaliveResponse bool
	RST               bool
	ECE               bool
	CWR               bool
}

// UDPHint holds the UDP hint for one datagram.
type UDPHint struct {
	Payload int
}

// ICMPHint holds the ICMP classification of one message.
type ICMPHint struct {
	Version        int
	Type           uint8
	Code           uint8
	IsEcho         bool
	IsEchoReply    bool
	IsUnreachable  bool
	IsTimeExceeded bool
}

// ARPHint holds the ARP classification of one message.
//
// NOTE(review): Request and Reply are presumably derived from Operation; an
// Operation value that is neither would leave both false — confirm.
type ARPHint struct {
	Operation uint16
	Request   bool
	Reply     bool
}