Documentation
¶
Index ¶
- func LoadBpf() (*ebpf.CollectionSpec, error)
- func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error
- type BpfAdditionalMetrics
- type BpfDirectionT
- type BpfDnsFlowId
- type BpfDnsRecordT
- type BpfFilterActionT
- type BpfFilterKeyT
- type BpfFilterValueT
- type BpfFlowId
- type BpfFlowIdT
- type BpfFlowMetrics
- type BpfFlowMetricsT
- type BpfFlowRecordT
- type BpfGlobalCountersKeyT
- type BpfMapSpecs
- type BpfMaps
- type BpfObjects
- type BpfPktDropsT
- type BpfProgramSpecs
- type BpfPrograms
- type BpfSpecs
- type BpfTcpFlagsT
- type BpfTranslatedFlowT
- type BpfVariableSpecs
- type BpfVariables
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LoadBpf ¶ added in v0.3.0
func LoadBpf() (*ebpf.CollectionSpec, error)
LoadBpf returns the embedded CollectionSpec for Bpf.
func LoadBpfObjects ¶ added in v0.3.0
func LoadBpfObjects(obj interface{}, opts *ebpf.CollectionOptions) error
LoadBpfObjects loads Bpf and converts it into a struct.
The following types are suitable as obj argument:
*BpfObjects *BpfPrograms *BpfMaps
See ebpf.CollectionSpec.LoadAndAssign documentation for details.
Types ¶
type BpfAdditionalMetrics ¶
type BpfAdditionalMetrics struct {
StartMonoTimeTs uint64
EndMonoTimeTs uint64
DnsRecord BpfDnsRecordT
PktDrops BpfPktDropsT
FlowRtt uint64
NetworkEvents [4][8]uint8
TranslatedFlow BpfTranslatedFlowT
EthProtocol uint16
NetworkEventsIdx uint8
FlowEncrypted bool
FlowEncryptedRet uint8
// contains filtered or unexported fields
}
type BpfDirectionT ¶
type BpfDirectionT uint32
const ( BpfDirectionTINGRESS BpfDirectionT = 0 BpfDirectionTEGRESS BpfDirectionT = 1 BpfDirectionTMAX_DIRECTION BpfDirectionT = 2 )
type BpfDnsFlowId ¶ added in v0.3.2
type BpfDnsRecordT ¶ added in v0.3.2
type BpfFilterActionT ¶
type BpfFilterActionT uint32
const ( BpfFilterActionTACCEPT BpfFilterActionT = 0 BpfFilterActionTREJECT BpfFilterActionT = 1 BpfFilterActionTMAX_FILTER_ACTIONS BpfFilterActionT = 2 )
type BpfFilterKeyT ¶
type BpfFilterValueT ¶
type BpfFilterValueT struct {
Protocol uint8
DstPortStart uint16
DstPortEnd uint16
DstPort1 uint16
DstPort2 uint16
SrcPortStart uint16
SrcPortEnd uint16
SrcPort1 uint16
SrcPort2 uint16
PortStart uint16
PortEnd uint16
Port1 uint16
Port2 uint16
IcmpType uint8
IcmpCode uint8
Direction BpfDirectionT
Action BpfFilterActionT
TcpFlags BpfTcpFlagsT
FilterDrops uint8
Sample uint32
DoPeerCIDR_lookup uint8
// contains filtered or unexported fields
}
type BpfFlowId ¶ added in v0.3.0
type BpfFlowId BpfFlowIdT
type BpfFlowIdT ¶ added in v0.3.0
type BpfFlowMetrics ¶ added in v0.3.0
type BpfFlowMetrics BpfFlowMetricsT
type BpfFlowMetricsT ¶ added in v0.3.0
type BpfFlowMetricsT struct {
StartMonoTimeTs uint64
EndMonoTimeTs uint64
Bytes uint64
Packets uint32
EthProtocol uint16
Flags uint16
SrcMac [6]uint8
DstMac [6]uint8
IfIndexFirstSeen uint32
Lock struct{ Val uint32 }
Sampling uint32
DirectionFirstSeen uint8
Errno uint8
Dscp uint8
NbObservedIntf uint8
ObservedDirection [6]uint8
ObservedIntf [6]uint32
// contains filtered or unexported fields
}
type BpfFlowRecordT ¶ added in v0.3.0
type BpfFlowRecordT struct {
Id BpfFlowId
Metrics BpfFlowMetrics
}
type BpfGlobalCountersKeyT ¶
type BpfGlobalCountersKeyT uint32
const ( BpfGlobalCountersKeyTHASHMAP_FLOWS_DROPPED BpfGlobalCountersKeyT = 0 BpfGlobalCountersKeyTHASHMAP_FAIL_UPDATE_DNS BpfGlobalCountersKeyT = 1 BpfGlobalCountersKeyTFILTER_REJECT BpfGlobalCountersKeyT = 2 BpfGlobalCountersKeyTFILTER_ACCEPT BpfGlobalCountersKeyT = 3 BpfGlobalCountersKeyTFILTER_NOMATCH BpfGlobalCountersKeyT = 4 BpfGlobalCountersKeyTNETWORK_EVENTS_ERR BpfGlobalCountersKeyT = 5 BpfGlobalCountersKeyTNETWORK_EVENTS_ERR_GROUPID_MISMATCH BpfGlobalCountersKeyT = 6 BpfGlobalCountersKeyTNETWORK_EVENTS_ERR_UPDATE_MAP_FLOWS BpfGlobalCountersKeyT = 7 BpfGlobalCountersKeyTNETWORK_EVENTS_GOOD BpfGlobalCountersKeyT = 8 BpfGlobalCountersKeyTOBSERVED_INTF_MISSED BpfGlobalCountersKeyT = 9 BpfGlobalCountersKeyTMAX_COUNTERS BpfGlobalCountersKeyT = 10 )
type BpfMapSpecs ¶ added in v0.3.0
type BpfMapSpecs struct {
AdditionalFlowMetrics *ebpf.MapSpec `ebpf:"additional_flow_metrics"`
AggregatedFlows *ebpf.MapSpec `ebpf:"aggregated_flows"`
DirectFlows *ebpf.MapSpec `ebpf:"direct_flows"`
DnsFlows *ebpf.MapSpec `ebpf:"dns_flows"`
FilterMap *ebpf.MapSpec `ebpf:"filter_map"`
GlobalCounters *ebpf.MapSpec `ebpf:"global_counters"`
IpsecEgressMap *ebpf.MapSpec `ebpf:"ipsec_egress_map"`
IpsecIngressMap *ebpf.MapSpec `ebpf:"ipsec_ingress_map"`
PacketRecord *ebpf.MapSpec `ebpf:"packet_record"`
PeerFilterMap *ebpf.MapSpec `ebpf:"peer_filter_map"`
}
BpfMapSpecs contains maps before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type BpfMaps ¶ added in v0.3.0
type BpfMaps struct {
AdditionalFlowMetrics *ebpf.Map `ebpf:"additional_flow_metrics"`
AggregatedFlows *ebpf.Map `ebpf:"aggregated_flows"`
DirectFlows *ebpf.Map `ebpf:"direct_flows"`
DnsFlows *ebpf.Map `ebpf:"dns_flows"`
FilterMap *ebpf.Map `ebpf:"filter_map"`
GlobalCounters *ebpf.Map `ebpf:"global_counters"`
IpsecEgressMap *ebpf.Map `ebpf:"ipsec_egress_map"`
IpsecIngressMap *ebpf.Map `ebpf:"ipsec_ingress_map"`
PacketRecord *ebpf.Map `ebpf:"packet_record"`
PeerFilterMap *ebpf.Map `ebpf:"peer_filter_map"`
}
BpfMaps contains all maps after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
type BpfObjects ¶ added in v0.3.0
type BpfObjects struct {
BpfPrograms
BpfMaps
BpfVariables
}
BpfObjects contains all objects after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
func (*BpfObjects) Close ¶ added in v0.3.0
func (o *BpfObjects) Close() error
type BpfPktDropsT ¶ added in v0.3.2
type BpfProgramSpecs ¶ added in v0.3.0
type BpfProgramSpecs struct {
KfreeSkb *ebpf.ProgramSpec `ebpf:"kfree_skb"`
NetworkEventsMonitoring *ebpf.ProgramSpec `ebpf:"network_events_monitoring"`
TcEgressFlowParse *ebpf.ProgramSpec `ebpf:"tc_egress_flow_parse"`
TcEgressPcaParse *ebpf.ProgramSpec `ebpf:"tc_egress_pca_parse"`
TcIngressFlowParse *ebpf.ProgramSpec `ebpf:"tc_ingress_flow_parse"`
TcIngressPcaParse *ebpf.ProgramSpec `ebpf:"tc_ingress_pca_parse"`
TcpRcvFentry *ebpf.ProgramSpec `ebpf:"tcp_rcv_fentry"`
TcpRcvKprobe *ebpf.ProgramSpec `ebpf:"tcp_rcv_kprobe"`
TcxEgressFlowParse *ebpf.ProgramSpec `ebpf:"tcx_egress_flow_parse"`
TcxEgressPcaParse *ebpf.ProgramSpec `ebpf:"tcx_egress_pca_parse"`
TcxIngressFlowParse *ebpf.ProgramSpec `ebpf:"tcx_ingress_flow_parse"`
TcxIngressPcaParse *ebpf.ProgramSpec `ebpf:"tcx_ingress_pca_parse"`
TrackNatManipPkt *ebpf.ProgramSpec `ebpf:"track_nat_manip_pkt"`
XfrmInputKprobe *ebpf.ProgramSpec `ebpf:"xfrm_input_kprobe"`
XfrmInputKretprobe *ebpf.ProgramSpec `ebpf:"xfrm_input_kretprobe"`
XfrmOutputKprobe *ebpf.ProgramSpec `ebpf:"xfrm_output_kprobe"`
XfrmOutputKretprobe *ebpf.ProgramSpec `ebpf:"xfrm_output_kretprobe"`
}
BpfProgramSpecs contains programs before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type BpfPrograms ¶ added in v0.3.0
type BpfPrograms struct {
KfreeSkb *ebpf.Program `ebpf:"kfree_skb"`
NetworkEventsMonitoring *ebpf.Program `ebpf:"network_events_monitoring"`
TcEgressFlowParse *ebpf.Program `ebpf:"tc_egress_flow_parse"`
TcEgressPcaParse *ebpf.Program `ebpf:"tc_egress_pca_parse"`
TcIngressFlowParse *ebpf.Program `ebpf:"tc_ingress_flow_parse"`
TcIngressPcaParse *ebpf.Program `ebpf:"tc_ingress_pca_parse"`
TcpRcvFentry *ebpf.Program `ebpf:"tcp_rcv_fentry"`
TcpRcvKprobe *ebpf.Program `ebpf:"tcp_rcv_kprobe"`
TcxEgressFlowParse *ebpf.Program `ebpf:"tcx_egress_flow_parse"`
TcxEgressPcaParse *ebpf.Program `ebpf:"tcx_egress_pca_parse"`
TcxIngressFlowParse *ebpf.Program `ebpf:"tcx_ingress_flow_parse"`
TcxIngressPcaParse *ebpf.Program `ebpf:"tcx_ingress_pca_parse"`
TrackNatManipPkt *ebpf.Program `ebpf:"track_nat_manip_pkt"`
XfrmInputKprobe *ebpf.Program `ebpf:"xfrm_input_kprobe"`
XfrmInputKretprobe *ebpf.Program `ebpf:"xfrm_input_kretprobe"`
XfrmOutputKprobe *ebpf.Program `ebpf:"xfrm_output_kprobe"`
XfrmOutputKretprobe *ebpf.Program `ebpf:"xfrm_output_kretprobe"`
}
BpfPrograms contains all programs after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
func (*BpfPrograms) Close ¶ added in v0.3.0
func (p *BpfPrograms) Close() error
type BpfSpecs ¶ added in v0.3.0
type BpfSpecs struct {
BpfProgramSpecs
BpfMapSpecs
BpfVariableSpecs
}
BpfSpecs contains maps and programs before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type BpfTcpFlagsT ¶
type BpfTcpFlagsT uint32
const ( BpfTcpFlagsTFIN_FLAG BpfTcpFlagsT = 1 BpfTcpFlagsTSYN_FLAG BpfTcpFlagsT = 2 BpfTcpFlagsTRST_FLAG BpfTcpFlagsT = 4 BpfTcpFlagsTPSH_FLAG BpfTcpFlagsT = 8 BpfTcpFlagsTACK_FLAG BpfTcpFlagsT = 16 BpfTcpFlagsTURG_FLAG BpfTcpFlagsT = 32 BpfTcpFlagsTECE_FLAG BpfTcpFlagsT = 64 BpfTcpFlagsTCWR_FLAG BpfTcpFlagsT = 128 BpfTcpFlagsTSYN_ACK_FLAG BpfTcpFlagsT = 256 BpfTcpFlagsTFIN_ACK_FLAG BpfTcpFlagsT = 512 BpfTcpFlagsTRST_ACK_FLAG BpfTcpFlagsT = 1024 )
type BpfTranslatedFlowT ¶
type BpfVariableSpecs ¶
type BpfVariableSpecs struct {
DnsPort *ebpf.VariableSpec `ebpf:"dns_port"`
EnableDnsTracking *ebpf.VariableSpec `ebpf:"enable_dns_tracking"`
EnableFlowsFiltering *ebpf.VariableSpec `ebpf:"enable_flows_filtering"`
EnableIpsec *ebpf.VariableSpec `ebpf:"enable_ipsec"`
EnableNetworkEventsMonitoring *ebpf.VariableSpec `ebpf:"enable_network_events_monitoring"`
EnablePca *ebpf.VariableSpec `ebpf:"enable_pca"`
EnablePktTranslationTracking *ebpf.VariableSpec `ebpf:"enable_pkt_translation_tracking"`
EnableRtt *ebpf.VariableSpec `ebpf:"enable_rtt"`
FilterKey *ebpf.VariableSpec `ebpf:"filter_key"`
FilterValue *ebpf.VariableSpec `ebpf:"filter_value"`
HasFilterSampling *ebpf.VariableSpec `ebpf:"has_filter_sampling"`
NetworkEventsMonitoringGroupid *ebpf.VariableSpec `ebpf:"network_events_monitoring_groupid"`
Sampling *ebpf.VariableSpec `ebpf:"sampling"`
TraceMessages *ebpf.VariableSpec `ebpf:"trace_messages"`
Unused8 *ebpf.VariableSpec `ebpf:"unused8"`
Unused9 *ebpf.VariableSpec `ebpf:"unused9"`
}
BpfVariableSpecs contains global variables before they are loaded into the kernel.
It can be passed ebpf.CollectionSpec.Assign.
type BpfVariables ¶
type BpfVariables struct {
DnsPort *ebpf.Variable `ebpf:"dns_port"`
EnableDnsTracking *ebpf.Variable `ebpf:"enable_dns_tracking"`
EnableFlowsFiltering *ebpf.Variable `ebpf:"enable_flows_filtering"`
EnableIpsec *ebpf.Variable `ebpf:"enable_ipsec"`
EnableNetworkEventsMonitoring *ebpf.Variable `ebpf:"enable_network_events_monitoring"`
EnablePca *ebpf.Variable `ebpf:"enable_pca"`
EnablePktTranslationTracking *ebpf.Variable `ebpf:"enable_pkt_translation_tracking"`
EnableRtt *ebpf.Variable `ebpf:"enable_rtt"`
FilterKey *ebpf.Variable `ebpf:"filter_key"`
FilterValue *ebpf.Variable `ebpf:"filter_value"`
HasFilterSampling *ebpf.Variable `ebpf:"has_filter_sampling"`
NetworkEventsMonitoringGroupid *ebpf.Variable `ebpf:"network_events_monitoring_groupid"`
Sampling *ebpf.Variable `ebpf:"sampling"`
TraceMessages *ebpf.Variable `ebpf:"trace_messages"`
Unused8 *ebpf.Variable `ebpf:"unused8"`
Unused9 *ebpf.Variable `ebpf:"unused9"`
}
BpfVariables contains all global variables after they have been loaded into the kernel.
It can be passed to LoadBpfObjects or ebpf.CollectionSpec.LoadAndAssign.
Source Files
Click to show internal directories.
Click to hide internal directories.