network

package
v0.0.0-...-44638ef Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DEBUGCLIENT is the ClientID for debugging
	DEBUGCLIENT = "-1"

	// DNSResponseCodeNoError is the value that indicates that the DNS reply contains no errors.
	// We could have used layers.DNSResponseCodeNoErr here. But importing the gopacket library only for this
	// constant is not worth the increased memory cost.
	DNSResponseCodeNoError = 0

	// ConnectionByteKeyMaxLen represents the maximum size in bytes of a connection byte key
	ConnectionByteKeyMaxLen = 41
)

Variables

This section is empty.

Functions

func BeautifyKey 

func BeautifyKey(key string) string

BeautifyKey returns a human readable byte key (used for debugging purposes) it should be in sync with ByteKey Note: This is only used in /debug/* endpoints

func ConnectionSummary 

func ConnectionSummary(c *ConnectionStats, names map[util.Address][]string) string

ConnectionSummary returns a string summarizing a connection

func DNSKey 

func DNSKey(c *ConnectionStats) (dns.Key, bool)

DNSKey generates a key suitable for looking up DNS stats based on a ConnectionStats object

func GetNATLocalAddress 

func GetNATLocalAddress(c ConnectionStats) (util.Address, uint16)

GetNATLocalAddress returns the translated (local ip, local port) pair

func GetNATRemoteAddress 

func GetNATRemoteAddress(c ConnectionStats) (util.Address, uint16)

GetNATRemoteAddress returns the translated (remote ip, remote port) pair

func IsEphemeralPort 

func IsEphemeralPort(port int) bool

IsEphemeralPort returns true if a port belongs to the ephemeral range This is mostly a placeholder for now as we have work planned for a platform-agnostic solution that will, among other things, source these values from procfs for Linux hosts

func IsExcludedConnection 

func IsExcludedConnection(scf []*ConnectionFilter, dcf []*ConnectionFilter, conn *ConnectionStats) bool

IsExcludedConnection returns true if a given connection should be excluded by the tracer based on user defined filters

func ReadInitialState 

func ReadInitialState(procRoot string, protocol ConnectionType, collectIPv6 bool) (map[PortMapping]struct{}, error)

ReadInitialState reads the /proc filesystem and determines which ports are being listened on

func Reclaim 

func Reclaim(c *Connections)

Reclaim memory from the `Connections` underlying buffer

Types

type BufferedData 

type BufferedData struct {
	Conns []ConnectionStats
	// contains filtered or unexported fields
}

BufferedData encapsulates data whose underlying memory can be recycled

type ConnTypeFilter 

type ConnTypeFilter struct {
	TCP bool
	UDP bool
}

ConnTypeFilter holds user-defined protocols

type ConnectionBuffer 

type ConnectionBuffer struct {
	// contains filtered or unexported fields
}

ConnectionBuffer encapsulates a resizing buffer for ConnectionStat objects

func NewConnectionBuffer 

func NewConnectionBuffer(initSize, minSize int) *ConnectionBuffer

NewConnectionBuffer creates a ConnectionBuffer with initial size `size`.

func (*ConnectionBuffer) Append 

func (b *ConnectionBuffer) Append(slice []ConnectionStats)

Append slice to ConnectionBuffer

func (*ConnectionBuffer) Capacity 

func (b *ConnectionBuffer) Capacity() int

Capacity returns the current capacity of the buffer

func (*ConnectionBuffer) Connections 

func (b *ConnectionBuffer) Connections() []ConnectionStats

Connections returns a slice of all the `ConnectionStats` objects returned via `Next` since the last `Reset`.

func (*ConnectionBuffer) Len 

func (b *ConnectionBuffer) Len() int

Len returns the count of the number of written `ConnectionStats` objects since last `Reset`.

func (*ConnectionBuffer) Next 

func (b *ConnectionBuffer) Next() *ConnectionStats

Next returns the next `ConnectionStats` object available for writing. It will resize the internal buffer if necessary.

func (*ConnectionBuffer) Reclaim 

func (b *ConnectionBuffer) Reclaim(n int)

Reclaim captures the last n entries for usage again.

func (*ConnectionBuffer) Reset 

func (b *ConnectionBuffer) Reset()

Reset returns the written object count back to zero. It may resize the internal buffer based on past usage.

type ConnectionDirection 

type ConnectionDirection uint8

ConnectionDirection indicates if the connection is incoming to the host or outbound 

const (
	// INCOMING represents connections inbound to the host
	INCOMING ConnectionDirection = 1

	// OUTGOING represents outbound connections from the host
	OUTGOING ConnectionDirection = 2

	// LOCAL represents connections that don't leave the host
	LOCAL ConnectionDirection = 3

	// NONE represents connections that have no direction (udp, for example)
	NONE ConnectionDirection = 4
)

func (ConnectionDirection) String 

func (d ConnectionDirection) String() string

type ConnectionFamily 

type ConnectionFamily uint8

ConnectionFamily will be either v4 or v6 

const (
	// AFINET represents v4 connections
	AFINET ConnectionFamily = 0

	// AFINET6 represents v6 connections
	AFINET6 ConnectionFamily = 1
)

func (ConnectionFamily) String 

func (c ConnectionFamily) String() string

type ConnectionFilter 

type ConnectionFilter struct {
	IP       *net.IPNet // If nil, then all IPs will be considered matching.
	AllPorts ConnTypeFilter

	Ports map[uint16]ConnTypeFilter
}

ConnectionFilter holds a user-defined excluded IP/CIDR, and ports

func ParseConnectionFilters 

func ParseConnectionFilters(filters map[string][]string) (excludelist []*ConnectionFilter)

ParseConnectionFilters takes the user defined excludelist and returns a slice of ConnectionFilters

type ConnectionStats 

type ConnectionStats struct {
	Source util.Address
	Dest   util.Address

	MonotonicSentBytes uint64
	LastSentBytes      uint64

	MonotonicRecvBytes uint64
	LastRecvBytes      uint64

	MonotonicSentPackets uint64
	LastSentPackets      uint64

	MonotonicRecvPackets uint64
	LastRecvPackets      uint64

	// Last time the stats for this connection were updated
	LastUpdateEpoch uint64

	MonotonicRetransmits uint32
	LastRetransmits      uint32

	RTT    uint32 // Stored in µs
	RTTVar uint32

	// MonotonicTCPEstablished indicates whether or not the TCP connection was established
	// after system-probe initialization.
	// * A value of 0 means that this connection was established before system-probe was initialized;
	// * Value 1 represents a connection that was established after system-probe started;
	// * Values greater than 1 should be rare, but can occur when multiple connections
	//   are established with the same tuple betweeen two agent checks;
	MonotonicTCPEstablished uint32
	LastTCPEstablished      uint32

	MonotonicTCPClosed uint32
	LastTCPClosed      uint32

	Pid   uint32
	NetNS uint32

	SPort            uint16
	DPort            uint16
	Type             ConnectionType
	Family           ConnectionFamily
	Direction        ConnectionDirection
	SPortIsEphemeral EphemeralPortType
	IPTranslation    *IPTranslation
	IntraHost        bool
	Via              *Via

	IsAssured bool
}

ConnectionStats stores statistics for a single connection. Field order in the struct should be 8-byte aligned

func (ConnectionStats) ByteKey 

func (c ConnectionStats) ByteKey(buf []byte) ([]byte, error)

ByteKey returns a unique key for this connection represented as a byte array It's as following: 

 4B      2B      2B     .5B     .5B      4/16B        4/16B   = 17/41B
32b     16b     16b      4b      4b     32/128b      32/128b

| PID | SPORT | DPORT | Family | Type | SrcAddr | DestAddr

func (ConnectionStats) IsExpired 

func (c ConnectionStats) IsExpired(now uint64, timeout uint64) bool

IsExpired returns whether the connection is expired according to the provided time and timeout.

func (ConnectionStats) IsShortLived 

func (c ConnectionStats) IsShortLived() bool

IsShortLived returns true when a connection went through its whole lifecycle between two connection checks

func (ConnectionStats) String 

func (c ConnectionStats) String() string

type ConnectionType 

type ConnectionType uint8

ConnectionType will be either TCP or UDP 

const (
	// TCP connection type
	TCP ConnectionType = 0

	// UDP connection type
	UDP ConnectionType = 1
)

func (ConnectionType) String 

func (c ConnectionType) String() string

type Connections 

type Connections struct {
	BufferedData
	DNS                         map[util.Address][]string
	ConnTelemetry               *ConnectionsTelemetry
	CompilationTelemetryByAsset map[string]RuntimeCompilationTelemetry
	HTTP                        map[http.Key]http.RequestStats
	HTTPTelemetry               *http.TelemetryStats
	DNSStats                    dns.StatsByKeyByNameByType
}

Connections wraps a collection of ConnectionStats

type ConnectionsTelemetry 

type ConnectionsTelemetry struct {
	MonotonicKprobesTriggered          int64
	MonotonicKprobesMissed             int64
	MonotonicConntrackRegisters        int64
	MonotonicConntrackRegistersDropped int64
	MonotonicDNSPacketsProcessed       int64
	MonotonicConnsClosed               int64
	ConnsBpfMapSize                    int64
	MonotonicUDPSendsProcessed         int64
	MonotonicUDPSendsMissed            int64
	ConntrackSamplingPercent           int64
	DNSStatsDropped                    int64
}

ConnectionsTelemetry stores telemetry from the system probe related to connections collection

type Delta 

type Delta struct {
	BufferedData
	HTTP               map[http.Key]http.RequestStats
	HTTPTelemetryStats *http.TelemetryStats
	DNSStats           dns.StatsByKeyByNameByType
}

Delta represents a delta of network data compared to the last call to State.

type EphemeralPortType 

type EphemeralPortType uint8

EphemeralPortType will be either EphemeralUnknown, EphemeralTrue, EphemeralFalse 

const (
	// EphemeralUnknown indicates inability to determine whether the port is in the ephemeral range or not
	EphemeralUnknown EphemeralPortType = 0

	// EphemeralTrue means the port has been detected to be in the configured ephemeral range
	EphemeralTrue EphemeralPortType = 1

	// EphemeralFalse means the port has been detected to not be in the configured ephemeral range
	EphemeralFalse EphemeralPortType = 2
)

func IsPortInEphemeralRange 

func IsPortInEphemeralRange(p uint16) EphemeralPortType

IsPortInEphemeralRange returns whether the port is ephemeral based on the OS-specific configuration.

func (EphemeralPortType) String 

func (e EphemeralPortType) String() string

type IPTranslation 

type IPTranslation struct {
	ReplSrcIP   util.Address
	ReplDstIP   util.Address
	ReplSrcPort uint16
	ReplDstPort uint16
}

IPTranslation can be associated with a connection to show the connection is NAT'd

type PortMapping 

type PortMapping struct {
	Ino  uint32
	Port uint16
}

PortMapping represents a port binding

type Route 

type Route struct {
	Gateway util.Address
	IfIndex int
}

Route stores info for a route table entry

type RouteCache 

type RouteCache interface {
	Get(source, dest util.Address, netns uint32) (Route, bool)
}

RouteCache is the interface to a cache that stores routes for a given (source, destination, net ns) tuple

func NewRouteCache 

func NewRouteCache(size int, router Router) RouteCache

NewRouteCache creates a new RouteCache

type Router 

type Router interface {
	Route(source, dest util.Address, netns uint32) (Route, bool)
}

Router is an interface to get a route for a (source, destination, net ns) tuple

func NewNetlinkRouter 

func NewNetlinkRouter(procRoot string) (Router, error)

NewNetlinkRouter create a Router that queries routes via netlink

type RuntimeCompilationTelemetry 

type RuntimeCompilationTelemetry struct {
	RuntimeCompilationEnabled  bool
	RuntimeCompilationResult   int32
	KernelHeaderFetchResult    int32
	RuntimeCompilationDuration int64
}

RuntimeCompilationTelemetry stores telemetry related to the runtime compilation of various assets

type State 

type State interface {
	// GetDelta returns the a Delta object for  given client when provided the latest set of active connections
	GetDelta(
		clientID string,
		latestTime uint64,
		active []ConnectionStats,
		dns dns.StatsByKeyByNameByType,
		http *http.MonitorReport,
	) Delta

	// RemoveClient stops tracking stateful data for a given client
	RemoveClient(clientID string)

	// RemoveExpiredClients removes expired clients from the state
	RemoveExpiredClients(now time.Time)

	// RemoveConnections removes the given keys from the state
	RemoveConnections(keys []string)

	// StoreClosedConnections stores a batch of closed connections
	StoreClosedConnections(connections []ConnectionStats)

	// GetStats returns a map of statistics about the current network state
	GetStats() map[string]interface{}

	// DebugState returns a map with the current network state for a client ID
	DumpState(clientID string) map[string]interface{}
}

State takes care of handling the logic for: - closed connections - sent and received bytes per connection

func NewState 

func NewState(clientExpiry time.Duration, maxClosedConns, maxClientStats int, maxDNSStats int, maxHTTPStats int) State

NewState creates a new network state

type Subnet 

type Subnet struct {
	Alias string
}

Subnet stores info about a subnet

type Via 

type Via struct {
	Subnet Subnet
}

Via has info about the routing decision for a flow

Source Files

View all Source files

Directories

Path Synopsis
sysctl
debugging
testutil
testutil
connection
testutil

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.