network

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 20, 2021 License: Apache-2.0 Imports: 24 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// DEBUGCLIENT is the ClientID for debugging
	DEBUGCLIENT = "-1"

	// DNSResponseCodeNoError is the value that indicates that the DNS reply contains no errors.
	// We could have used layers.DNSResponseCodeNoErr here. But importing the gopacket library only for this
	// constant is not worth the increased memory cost.
	DNSResponseCodeNoError = 0

	// ConnectionByteKeyMaxLen represents the maximum size in bytes of a connection byte key
	ConnectionByteKeyMaxLen = 41
)

Variables

This section is empty.

Functions

func BeautifyKey 

func BeautifyKey(key string) string

BeautifyKey returns a human readable byte key (used for debugging purposes) it should be in sync with ByteKey Note: This is only used in /debug/* endpoints

func ConnectionSummary 

func ConnectionSummary(c *ConnectionStats, names map[util.Address][]string) string

ConnectionSummary returns a string summarizing a connection

func DNSKey added in v0.9.0 

func DNSKey(c *ConnectionStats) (dns.Key, bool)

DNSKey generates a key suitable for looking up DNS stats based on a ConnectionStats object

func GetNATLocalAddress added in v0.9.0 

func GetNATLocalAddress(c ConnectionStats) (util.Address, uint16)

GetNATLocalAddress returns the translated (local ip, local port) pair

func GetNATRemoteAddress added in v0.9.0 

func GetNATRemoteAddress(c ConnectionStats) (util.Address, uint16)

GetNATRemoteAddress returns the translated (remote ip, remote port) pair

func IsEphemeralPort added in v0.9.0 

func IsEphemeralPort(port int) bool

IsEphemeralPort returns true if a port belongs to the ephemeral range This is mostly a placeholder for now as we have work planned for a platform-agnostic solution that will, among other things, source these values from procfs for Linux hosts

func IsExcludedConnection added in v0.9.0 

func IsExcludedConnection(scf []*ConnectionFilter, dcf []*ConnectionFilter, conn *ConnectionStats) bool

IsExcludedConnection returns true if a given connection should be excluded by the tracer based on user defined filters

func ReadInitialState added in v0.9.0 

func ReadInitialState(procRoot string, protocol ConnectionType, collectIPv6 bool) (map[PortMapping]struct{}, error)

ReadInitialState reads the /proc filesystem and determines which ports are being listened on

func Reclaim added in v0.9.0 

func Reclaim(c *Connections)

Reclaim memory from the `Connections` underlying buffer

Types

type BufferedData added in v0.9.0 

type BufferedData struct {
	Conns []ConnectionStats
	// contains filtered or unexported fields
}

BufferedData encapsulates data whose underlying memory can be recycled

type ConnTypeFilter 

type ConnTypeFilter struct {
	TCP bool
	UDP bool
}

ConnTypeFilter holds user-defined protocols

type ConnectionBuffer added in v0.9.0 

type ConnectionBuffer struct {
	// contains filtered or unexported fields
}

ConnectionBuffer encapsulates a resizing buffer for ConnectionStat objects

func NewConnectionBuffer added in v0.9.0 

func NewConnectionBuffer(initSize, minSize int) *ConnectionBuffer

NewConnectionBuffer creates a ConnectionBuffer with initial size `size`.

func (*ConnectionBuffer) Append added in v0.9.0 

func (b *ConnectionBuffer) Append(slice []ConnectionStats)

Append slice to ConnectionBuffer

func (*ConnectionBuffer) Capacity added in v0.9.0 

func (b *ConnectionBuffer) Capacity() int

Capacity returns the current capacity of the buffer

func (*ConnectionBuffer) Connections added in v0.9.0 

func (b *ConnectionBuffer) Connections() []ConnectionStats

Connections returns a slice of all the `ConnectionStats` objects returned via `Next` since the last `Reset`.

func (*ConnectionBuffer) Len added in v0.9.0 

func (b *ConnectionBuffer) Len() int

Len returns the count of the number of written `ConnectionStats` objects since last `Reset`.

func (*ConnectionBuffer) Next added in v0.9.0 

func (b *ConnectionBuffer) Next() *ConnectionStats

Next returns the next `ConnectionStats` object available for writing. It will resize the internal buffer if necessary.

func (*ConnectionBuffer) Reclaim added in v0.9.0 

func (b *ConnectionBuffer) Reclaim(n int)

Reclaim captures the last n entries for usage again.

func (*ConnectionBuffer) Reset added in v0.9.0 

func (b *ConnectionBuffer) Reset()

Reset returns the written object count back to zero. It may resize the internal buffer based on past usage.

type ConnectionDirection 

type ConnectionDirection uint8

ConnectionDirection indicates if the connection is incoming to the host or outbound 

const (
	// INCOMING represents connections inbound to the host
	INCOMING ConnectionDirection = 1

	// OUTGOING represents outbound connections from the host
	OUTGOING ConnectionDirection = 2

	// LOCAL represents connections that don't leave the host
	LOCAL ConnectionDirection = 3

	// NONE represents connections that have no direction (udp, for example)
	NONE ConnectionDirection = 4
)

func (ConnectionDirection) String 

func (d ConnectionDirection) String() string

type ConnectionFamily 

type ConnectionFamily uint8

ConnectionFamily will be either v4 or v6 

const (
	// AFINET represents v4 connections
	AFINET ConnectionFamily = 0

	// AFINET6 represents v6 connections
	AFINET6 ConnectionFamily = 1
)

func (ConnectionFamily) String added in v0.9.0 

func (c ConnectionFamily) String() string

type ConnectionFilter 

type ConnectionFilter struct {
	IP       *net.IPNet // If nil, then all IPs will be considered matching.
	AllPorts ConnTypeFilter

	Ports map[uint16]ConnTypeFilter
}

ConnectionFilter holds a user-defined excluded IP/CIDR, and ports

func ParseConnectionFilters 

func ParseConnectionFilters(filters map[string][]string) (excludelist []*ConnectionFilter)

ParseConnectionFilters takes the user defined excludelist and returns a slice of ConnectionFilters

type ConnectionStats 

type ConnectionStats struct {
	Source util.Address
	Dest   util.Address

	MonotonicSentBytes uint64
	LastSentBytes      uint64

	MonotonicRecvBytes uint64
	LastRecvBytes      uint64

	MonotonicSentPackets uint64
	LastSentPackets      uint64

	MonotonicRecvPackets uint64
	LastRecvPackets      uint64

	// Last time the stats for this connection were updated
	LastUpdateEpoch uint64

	MonotonicRetransmits uint32
	LastRetransmits      uint32

	RTT    uint32 // Stored in µs
	RTTVar uint32

	// MonotonicTCPEstablished indicates whether or not the TCP connection was established
	// after system-probe initialization.
	// * A value of 0 means that this connection was established before system-probe was initialized;
	// * Value 1 represents a connection that was established after system-probe started;
	// * Values greater than 1 should be rare, but can occur when multiple connections
	//   are established with the same tuple betweeen two agent checks;
	MonotonicTCPEstablished uint32
	LastTCPEstablished      uint32

	MonotonicTCPClosed uint32
	LastTCPClosed      uint32

	Pid   uint32
	NetNS uint32

	SPort            uint16
	DPort            uint16
	Type             ConnectionType
	Family           ConnectionFamily
	Direction        ConnectionDirection
	SPortIsEphemeral EphemeralPortType
	IPTranslation    *IPTranslation
	IntraHost        bool
	Via              *Via

	IsAssured bool
}

ConnectionStats stores statistics for a single connection. Field order in the struct should be 8-byte aligned

func (ConnectionStats) ByteKey 

func (c ConnectionStats) ByteKey(buf []byte) ([]byte, error)

ByteKey returns a unique key for this connection represented as a byte array It's as following: 

 4B      2B      2B     .5B     .5B      4/16B        4/16B   = 17/41B
32b     16b     16b      4b      4b     32/128b      32/128b

| PID | SPORT | DPORT | Family | Type | SrcAddr | DestAddr

func (ConnectionStats) IsExpired added in v0.9.0 

func (c ConnectionStats) IsExpired(now uint64, timeout uint64) bool

IsExpired returns whether the connection is expired according to the provided time and timeout.

func (ConnectionStats) String 

func (c ConnectionStats) String() string

type ConnectionType 

type ConnectionType uint8

ConnectionType will be either TCP or UDP 

const (
	// TCP connection type
	TCP ConnectionType = 0

	// UDP connection type
	UDP ConnectionType = 1
)

func (ConnectionType) String 

func (c ConnectionType) String() string

type Connections 

type Connections struct {
	BufferedData
	DNS                         map[util.Address][]string
	ConnTelemetry               *ConnectionsTelemetry
	CompilationTelemetryByAsset map[string]RuntimeCompilationTelemetry
	HTTP                        map[http.Key]http.RequestStats
	DNSStats                    dns.StatsByKeyByNameByType
}

Connections wraps a collection of ConnectionStats

type ConnectionsTelemetry 

type ConnectionsTelemetry struct {
	MonotonicKprobesTriggered          int64
	MonotonicKprobesMissed             int64
	MonotonicConntrackRegisters        int64
	MonotonicConntrackRegistersDropped int64
	MonotonicDNSPacketsProcessed       int64
	MonotonicConnsClosed               int64
	ConnsBpfMapSize                    int64
	MonotonicUDPSendsProcessed         int64
	MonotonicUDPSendsMissed            int64
	ConntrackSamplingPercent           int64
	DNSStatsDropped                    int64
}

ConnectionsTelemetry stores telemetry from the system probe related to connections collection

type Delta added in v0.9.0 

type Delta struct {
	BufferedData
	HTTP     map[http.Key]http.RequestStats
	DNSStats dns.StatsByKeyByNameByType
}

Delta represents a delta of network data compared to the last call to State.

type EphemeralPortType added in v0.9.0 

type EphemeralPortType uint8

EphemeralPortType will be either EphemeralUnknown, EphemeralTrue, EphemeralFalse 

const (
	// EphemeralUnknown indicates inability to determine whether the port is in the ephemeral range or not
	EphemeralUnknown EphemeralPortType = 0

	// EphemeralTrue means the port has been detected to be in the configured ephemeral range
	EphemeralTrue EphemeralPortType = 1

	// EphemeralFalse means the port has been detected to not be in the configured ephemeral range
	EphemeralFalse EphemeralPortType = 2
)

func IsPortInEphemeralRange added in v0.9.0 

func IsPortInEphemeralRange(p uint16) EphemeralPortType

IsPortInEphemeralRange returns whether the port is ephemeral based on the OS-specific configuration.

func (EphemeralPortType) String added in v0.9.0 

func (e EphemeralPortType) String() string

type IPTranslation 

type IPTranslation struct {
	ReplSrcIP   util.Address
	ReplDstIP   util.Address
	ReplSrcPort uint16
	ReplDstPort uint16
}

IPTranslation can be associated with a connection to show the connection is NAT'd

type PortMapping 

type PortMapping struct {
	Ino  uint32
	Port uint16
}

PortMapping represents a port binding

type Route added in v0.9.0 

type Route struct {
	Gateway util.Address
	IfIndex int
}

Route stores info for a route table entry

type RouteCache added in v0.9.0 

type RouteCache interface {
	Get(source, dest util.Address, netns uint32) (Route, bool)
}

RouteCache is the interface to a cache that stores routes for a given (source, destination, net ns) tuple

func NewRouteCache added in v0.9.0 

func NewRouteCache(size int, router Router) RouteCache

NewRouteCache creates a new RouteCache

type Router added in v0.9.0 

type Router interface {
	Route(source, dest util.Address, netns uint32) (Route, bool)
}

Router is an interface to get a route for a (source, destination, net ns) tuple

func NewNetlinkRouter added in v0.9.0 

func NewNetlinkRouter(procRoot string) (Router, error)

NewNetlinkRouter create a Router that queries routes via netlink

type RuntimeCompilationTelemetry added in v0.9.0 

type RuntimeCompilationTelemetry struct {
	RuntimeCompilationEnabled  bool
	RuntimeCompilationResult   int32
	KernelHeaderFetchResult    int32
	RuntimeCompilationDuration int64
}

RuntimeCompilationTelemetry stores telemetry related to the runtime compilation of various assets

type State 

type State interface {
	// GetDelta returns the a Delta object for  given client when provided the latest set of active connections
	GetDelta(
		clientID string,
		latestTime uint64,
		active []ConnectionStats,
		dns dns.StatsByKeyByNameByType,
		http map[http.Key]http.RequestStats,
	) Delta

	// RemoveClient stops tracking stateful data for a given client
	RemoveClient(clientID string)

	// RemoveExpiredClients removes expired clients from the state
	RemoveExpiredClients(now time.Time)

	// RemoveConnections removes the given keys from the state
	RemoveConnections(keys []string)

	// StoreClosedConnections stores a batch of closed connections
	StoreClosedConnections(connections []ConnectionStats)

	// GetStats returns a map of statistics about the current network state
	GetStats() map[string]interface{}

	// DebugState returns a map with the current network state for a client ID
	DumpState(clientID string) map[string]interface{}
}

State takes care of handling the logic for: - closed connections - sent and received bytes per connection

func NewState 

func NewState(clientExpiry time.Duration, maxClosedConns, maxClientStats int, maxDNSStats int, maxHTTPStats int) State

NewState creates a new network state

type Subnet added in v0.9.0 

type Subnet struct {
	Alias string
}

Subnet stores info about a subnet

type Via added in v0.9.0 

type Via struct {
	Subnet Subnet
}

Via has info about the routing decision for a flow

Source Files

View all Source files

Directories

Path Synopsis
sysctl
debugging
testutil
testutil
payload module
connection

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.