Documentation ¶
Overview ¶
Package network contains logic and types for network tracing
Index ¶
- Constants
- Variables
- func BeautifyKey(key string) string
- func ConnectionKeysFromConnectionStats(connectionStats ConnectionStats) []types.ConnectionKey
- func ConnectionSummary(c *ConnectionStats, names map[util.Address][]dns.Hostname) string
- func DNSKey(c *ConnectionStats) (dns.Key, bool)
- func EphemeralRange() (begin, end uint16)
- func GetNATLocalAddress(c ConnectionStats) (util.Address, uint16)
- func GetNATRemoteAddress(c ConnectionStats) (util.Address, uint16)
- func GetStaticTags(staticTags uint64) (tags []string)
- func IsExcludedConnection(scf []*ConnectionFilter, dcf []*ConnectionFilter, conn *ConnectionStats) bool
- func IsTLSTag(staticTags uint64) bool
- func ReadListeningPorts(procRoot string, protocol ConnectionType, collectIPv6 bool) (map[PortMapping]uint32, error)
- func Reclaim(c *Connections)
- func WithKey(connectionStats ConnectionStats, f func(key types.ConnectionKey) (stop bool))
- type BufferedData
- type ClientBuffer
- type ConnTelemetryType
- type ConnTypeFilter
- type ConnectionBuffer
- func (b *ConnectionBuffer) Append(slice []ConnectionStats)
- func (b *ConnectionBuffer) Assign(slice []ConnectionStats)
- func (b *ConnectionBuffer) Capacity() int
- func (b *ConnectionBuffer) Connections() []ConnectionStats
- func (b *ConnectionBuffer) Len() int
- func (b *ConnectionBuffer) Next() *ConnectionStats
- func (b *ConnectionBuffer) Reclaim(n int)
- func (b *ConnectionBuffer) Reset()
- type ConnectionDirection
- type ConnectionFamily
- type ConnectionFilter
- type ConnectionFilterFunc
- type ConnectionStats
- type ConnectionTuple
- type ConnectionType
- type Connections
- type Delta
- type EphemeralPortType
- type GatewayLookup
- type IPTranslation
- type LocalResolver
- type PortMapping
- type Route
- type RouteCache
- type Router
- type RuntimeCompilationTelemetry
- type StatCookie
- type StatCounters
- type State
- type Subnet
- type TagsSet
- type Via
Constants ¶
const ( // DEBUGCLIENT is the ClientID for debugging DEBUGCLIENT = "-1" // DNSResponseCodeNoError is the value that indicates that the DNS reply contains no errors. // We could have used layers.DNSResponseCodeNoErr here. But importing the gopacket library only for this // constant is not worth the increased memory cost. DNSResponseCodeNoError = 0 )
const ( // ConnTagGnuTLS is the tag for GnuTLS connections ConnTagGnuTLS = http.GnuTLS // ConnTagOpenSSL is the tag for OpenSSL connections ConnTagOpenSSL = http.OpenSSL // ConnTagGo is the tag for GO TLS connections ConnTagGo = http.Go // ConnTagTLS is the tag for TLS connections in general ConnTagTLS = http.TLS // ConnTagIstio is the tag for Istio TLS connections ConnTagIstio = http.Istio // ConnTagNodeJS is the tag for NodeJS TLS connections ConnTagNodeJS = http.NodeJS )
const (
// ConnectionByteKeyMaxLen represents the maximum size in bytes of a connection byte key
ConnectionByteKeyMaxLen = 41
)
Variables ¶
var ( // ConnTelemetryTypes lists all the possible (non-monotonic) telemetry which can be bundled // into the network connections payload ConnTelemetryTypes = []ConnTelemetryType{ DNSStatsDropped, ConnsBpfMapSize, ConntrackSamplingPercent, NPMDriverFlowsMissedMaxExceeded, } // MonotonicConnTelemetryTypes lists all the possible monotonic telemetry which can be bundled // into the network connections payload MonotonicConnTelemetryTypes = []ConnTelemetryType{ MonotonicKprobesTriggered, MonotonicKprobesMissed, MonotonicClosedConnDropped, MonotonicConnDropped, MonotonicConnsClosed, MonotonicConntrackRegisters, MonotonicDNSPacketsProcessed, MonotonicPerfLost, MonotonicUDPSendsProcessed, MonotonicUDPSendsMissed, MonotonicDNSPacketsDropped, } // USMPayloadTelemetry lists all USM metrics that are sent as payload telemetry USMPayloadTelemetry = []ConnTelemetryType{ USMHTTPHits, } )
var ClientPool *clientBufferPool
ClientPool holds a ConnectionBuffer object per client
var Cloud cloudProvider
Cloud is exported for tracer testing purposes
var SubnetForHwAddrFunc func(net.HardwareAddr) (Subnet, error)
SubnetForHwAddrFunc is exported for tracer testing purposes
Functions ¶
func BeautifyKey ¶
BeautifyKey returns a human readable byte key (used for debugging purposes) it should be in sync with ByteKey Note: This is only used in /debug/* endpoints
func ConnectionKeysFromConnectionStats ¶
func ConnectionKeysFromConnectionStats(connectionStats ConnectionStats) []types.ConnectionKey
ConnectionKeysFromConnectionStats constructs connection key using the underlying raw connection stats object, which is produced by the tracer. Each ConnectionStats object contains both the source and destination addresses, as well as an IPTranslation object that stores the original addresses in the event that the connection is NAT'd. This function generates all relevant combinations of connection keys: [(source, dest), (dest, source), (NAT'd source, NAT'd dest), (NAT'd dest, NAT'd source)]. This is necessary to handle all possible scenarios for connections originating from the USM module (i.e., whether they are NAT'd or not, and whether they use TLS).
func ConnectionSummary ¶
ConnectionSummary returns a string summarizing a connection
func DNSKey ¶ added in v0.9.0
func DNSKey(c *ConnectionStats) (dns.Key, bool)
DNSKey generates a key suitable for looking up DNS stats based on a ConnectionStats object
func EphemeralRange ¶
func EphemeralRange() (begin, end uint16)
EphemeralRange returns the ephemeral port range for this machine
func GetNATLocalAddress ¶ added in v0.9.0
func GetNATLocalAddress(c ConnectionStats) (util.Address, uint16)
GetNATLocalAddress returns the translated (local ip, local port) pair
func GetNATRemoteAddress ¶ added in v0.9.0
func GetNATRemoteAddress(c ConnectionStats) (util.Address, uint16)
GetNATRemoteAddress returns the translated (remote ip, remote port) pair
func GetStaticTags ¶
GetStaticTags return the string list of static tags from network.ConnectionStats.Tags
func IsExcludedConnection ¶ added in v0.9.0
func IsExcludedConnection(scf []*ConnectionFilter, dcf []*ConnectionFilter, conn *ConnectionStats) bool
IsExcludedConnection returns true if a given connection should be excluded by the tracer based on user defined filters
func ReadListeningPorts ¶
func ReadListeningPorts(procRoot string, protocol ConnectionType, collectIPv6 bool) (map[PortMapping]uint32, error)
ReadListeningPorts reads the /proc filesystem and determines which ports are being listened on
func Reclaim ¶ added in v0.9.0
func Reclaim(c *Connections)
Reclaim memory from the `Connections` underlying buffer
func WithKey ¶
func WithKey(connectionStats ConnectionStats, f func(key types.ConnectionKey) (stop bool))
WithKey calls `f` *up to* 4 times (or until the callback returns a `true`) with all possible connection keys. The generated keys are: 1) (src, dst) 2) (dst, src) 3) (src, dst) NAT 4) (dst, src) NAT In addition to that, we do a best-effort to call `f` in the order that most likely to succeed early (see comment below)
Types ¶
type BufferedData ¶ added in v0.9.0
type BufferedData struct { Conns []ConnectionStats // contains filtered or unexported fields }
BufferedData encapsulates data whose underlying memory can be recycled
type ClientBuffer ¶
type ClientBuffer struct { *ConnectionBuffer // contains filtered or unexported fields }
ClientBuffer amortizes the allocations of objects generated when a client calls `GetConnections`.
type ConnTelemetryType ¶
type ConnTelemetryType string
ConnTelemetryType enumerates the connection telemetry gathered by the system-probe The string name of each telemetry type is the metric name which will be emitted
const ( MonotonicKprobesTriggered ConnTelemetryType = "kprobes_triggered" MonotonicKprobesMissed ConnTelemetryType = "kprobes_missed" MonotonicClosedConnDropped ConnTelemetryType = "closed_conn_dropped" MonotonicConnDropped ConnTelemetryType = "conn_dropped" MonotonicConnsClosed ConnTelemetryType = "conns_closed" MonotonicConntrackRegisters ConnTelemetryType = "conntrack_registers" MonotonicDNSPacketsProcessed ConnTelemetryType = "dns_packets_processed" MonotonicPerfLost ConnTelemetryType = "perf_lost" MonotonicUDPSendsProcessed ConnTelemetryType = "udp_sends_processed" MonotonicUDPSendsMissed ConnTelemetryType = "udp_sends_missed" MonotonicDNSPacketsDropped ConnTelemetryType = "dns_packets_dropped" DNSStatsDropped ConnTelemetryType = "dns_stats_dropped" ConnsBpfMapSize ConnTelemetryType = "conns_bpf_map_size" ConntrackSamplingPercent ConnTelemetryType = "conntrack_sampling_percent" NPMDriverFlowsMissedMaxExceeded ConnTelemetryType = "driver_flows_missed_max_exceeded" // USM Payload Telemetry USMHTTPHits ConnTelemetryType = "usm.http.total_hits" )
type ConnTypeFilter ¶
ConnTypeFilter holds user-defined protocols
type ConnectionBuffer ¶ added in v0.9.0
type ConnectionBuffer struct {
// contains filtered or unexported fields
}
ConnectionBuffer encapsulates a resizing buffer for ConnectionStat objects
func NewConnectionBuffer ¶ added in v0.9.0
func NewConnectionBuffer(initSize, minSize int) *ConnectionBuffer
NewConnectionBuffer creates a ConnectionBuffer with initial size `size`.
func (*ConnectionBuffer) Append ¶ added in v0.9.0
func (b *ConnectionBuffer) Append(slice []ConnectionStats)
Append slice to ConnectionBuffer
func (*ConnectionBuffer) Assign ¶
func (b *ConnectionBuffer) Assign(slice []ConnectionStats)
Assign slice to ConnectionBuffer
func (*ConnectionBuffer) Capacity ¶ added in v0.9.0
func (b *ConnectionBuffer) Capacity() int
Capacity returns the current capacity of the buffer
func (*ConnectionBuffer) Connections ¶ added in v0.9.0
func (b *ConnectionBuffer) Connections() []ConnectionStats
Connections returns a slice of all the `ConnectionStats` objects returned via `Next` since the last `Reset`.
func (*ConnectionBuffer) Len ¶ added in v0.9.0
func (b *ConnectionBuffer) Len() int
Len returns the count of the number of written `ConnectionStats` objects since last `Reset`.
func (*ConnectionBuffer) Next ¶ added in v0.9.0
func (b *ConnectionBuffer) Next() *ConnectionStats
Next returns the next `ConnectionStats` object available for writing. It will resize the internal buffer if necessary.
func (*ConnectionBuffer) Reclaim ¶ added in v0.9.0
func (b *ConnectionBuffer) Reclaim(n int)
Reclaim captures the last n entries for usage again.
func (*ConnectionBuffer) Reset ¶ added in v0.9.0
func (b *ConnectionBuffer) Reset()
Reset returns the written object count back to zero. It may resize the internal buffer based on past usage.
type ConnectionDirection ¶
type ConnectionDirection uint8
ConnectionDirection indicates if the connection is incoming to the host or outbound
const ( // INCOMING represents connections inbound to the host INCOMING ConnectionDirection = 1 // incoming // OUTGOING represents outbound connections from the host OUTGOING ConnectionDirection = 2 // outgoing // LOCAL represents connections that don't leave the host LOCAL ConnectionDirection = 3 // local // NONE represents connections that have no direction (udp, for example) NONE ConnectionDirection = 4 // none )
func (ConnectionDirection) String ¶
func (i ConnectionDirection) String() string
type ConnectionFamily ¶
type ConnectionFamily uint8
ConnectionFamily will be either v4 or v6
const ( // AFINET represents v4 connections AFINET ConnectionFamily = 0 // v4 // AFINET6 represents v6 connections AFINET6 ConnectionFamily = 1 // v6 )
func (ConnectionFamily) String ¶ added in v0.9.0
func (i ConnectionFamily) String() string
type ConnectionFilter ¶
type ConnectionFilter struct { IP netip.Prefix // zero-value matches all IPs AllPorts ConnTypeFilter Ports map[uint16]ConnTypeFilter }
ConnectionFilter holds a user-defined excluded IP/CIDR, and ports
func ParseConnectionFilters ¶
func ParseConnectionFilters(filters map[string][]string) (excludelist []*ConnectionFilter)
ParseConnectionFilters takes the user defined excludelist and returns a slice of ConnectionFilters
type ConnectionFilterFunc ¶
type ConnectionFilterFunc func(c ConnectionStats) bool
ConnectionFilterFunc is a function type which returns whether the provided connection matches the filter
func ByDestAddress ¶
func ByDestAddress(a net.Addr) ConnectionFilterFunc
ByDestAddress matches connections with the same destination address and port
func ByFamily ¶
func ByFamily(f ConnectionFamily) ConnectionFilterFunc
ByFamily matches connections with the same family (IPv4 / IPv6)
func BySourceAddress ¶
func BySourceAddress(a net.Addr) ConnectionFilterFunc
BySourceAddress matches connections with the same source address and port
func ByTuple ¶
func ByTuple(l, r net.Addr) ConnectionFilterFunc
ByTuple matches connections when both source and destination address and port match
func ByType ¶
func ByType(ct ConnectionType) ConnectionFilterFunc
ByType matches connections with the same connection type (TCP/UDP)
type ConnectionStats ¶
type ConnectionStats struct { // move pointer fields first to reduce number of bytes GC has to scan IPTranslation *IPTranslation Via *Via Tags []*intern.Value ContainerID struct { Source, Dest *intern.Value } DNSStats map[dns.Hostname]map[dns.QueryType]dns.Stats // TCPFailures stores the number of failures for a POSIX error code TCPFailures map[uint16]uint32 ConnectionTuple Monotonic StatCounters Last StatCounters Cookie StatCookie // LastUpdateEpoch is the last time the stats for this connection were updated LastUpdateEpoch uint64 Duration time.Duration RTT uint32 // Stored in µs RTTVar uint32 StaticTags uint64 ProtocolStack protocols.Stack TLSTags tls.Tags // keep these fields last because they are 1 byte each and otherwise inflate the struct size due to alignment SPortIsEphemeral EphemeralPortType IntraHost bool IsAssured bool IsClosed bool }
ConnectionStats stores statistics for a single connection. Field order in the struct should be 8-byte aligned
func FilterConnections ¶
func FilterConnections(c *Connections, filters ...ConnectionFilterFunc) []ConnectionStats
FilterConnections returns connections which match all filters
func FirstConnection ¶
func FirstConnection(c *Connections, filters ...ConnectionFilterFunc) *ConnectionStats
FirstConnection returns the first connection with matches all filters
func (ConnectionStats) ByteKey ¶
func (c ConnectionStats) ByteKey(buf []byte) []byte
ByteKey returns a unique key for this connection represented as a byte slice It's as following:
4B 2B 2B .5B .5B 4/16B 4/16B = 17/41B 32b 16b 16b 4b 4b 32/128b 32/128b
| PID | SPORT | DPORT | Family | Type | SrcAddr | DestAddr
func (ConnectionStats) ByteKeyNAT ¶
func (c ConnectionStats) ByteKeyNAT(buf []byte) []byte
ByteKeyNAT returns a unique key for this connection represented as a byte slice. The format is similar to the one emitted by `ByteKey` with the sole difference that the addresses used are translated. Currently this key is used only for the aggregation of ephemeral connections.
func (ConnectionStats) IsEmpty ¶
func (c ConnectionStats) IsEmpty() bool
IsEmpty returns whether the connection has any statistics
func (ConnectionStats) IsExpired ¶ added in v0.9.0
func (c ConnectionStats) IsExpired(now uint64, timeout uint64) bool
IsExpired returns whether the connection is expired according to the provided time and timeout.
func (ConnectionStats) IsValid ¶
func (c ConnectionStats) IsValid() bool
IsValid returns `true` if the connection has a valid source and dest ports and IPs
func (ConnectionStats) String ¶
func (c ConnectionStats) String() string
type ConnectionTuple ¶
type ConnectionTuple struct { Source util.Address Dest util.Address Pid uint32 NetNS uint32 SPort uint16 DPort uint16 Type ConnectionType Family ConnectionFamily Direction ConnectionDirection }
ConnectionTuple represents the unique network key for a connection
func (ConnectionTuple) String ¶
func (c ConnectionTuple) String() string
type ConnectionType ¶
type ConnectionType uint8
ConnectionType will be either TCP or UDP
const ( // TCP connection type TCP ConnectionType = 0 // UDP connection type UDP ConnectionType = 1 )
func (ConnectionType) String ¶
func (i ConnectionType) String() string
func (ConnectionType) Tags ¶
func (c ConnectionType) Tags() map[string]string
Tags returns `ip_proto` tags for use in hot-path telemetry
type Connections ¶
type Connections struct { BufferedData DNS map[util.Address][]dns.Hostname ConnTelemetry map[ConnTelemetryType]int64 CompilationTelemetryByAsset map[string]RuntimeCompilationTelemetry KernelHeaderFetchResult int32 CORETelemetryByAsset map[string]int32 PrebuiltAssets []string HTTP map[http.Key]*http.RequestStats HTTP2 map[http.Key]*http.RequestStats Kafka map[kafka.Key]*kafka.RequestStats Postgres map[postgres.Key]*postgres.RequestStat Redis map[redis.Key]*redis.RequestStat }
Connections wraps a collection of ConnectionStats
func NewConnections ¶
func NewConnections(buffer *ClientBuffer) *Connections
NewConnections create a new Connections object
type Delta ¶ added in v0.9.0
type Delta struct { Conns []ConnectionStats HTTP map[http.Key]*http.RequestStats HTTP2 map[http.Key]*http.RequestStats Kafka map[kafka.Key]*kafka.RequestStats Postgres map[postgres.Key]*postgres.RequestStat Redis map[redis.Key]*redis.RequestStat }
Delta represents a delta of network data compared to the last call to State.
type EphemeralPortType ¶ added in v0.9.0
type EphemeralPortType uint8
EphemeralPortType will be either EphemeralUnknown, EphemeralTrue, EphemeralFalse
const ( // EphemeralUnknown indicates inability to determine whether the port is in the ephemeral range or not EphemeralUnknown EphemeralPortType = 0 // unspecified // EphemeralTrue means the port has been detected to be in the configured ephemeral range EphemeralTrue EphemeralPortType = 1 // ephemeral // EphemeralFalse means the port has been detected to not be in the configured ephemeral range EphemeralFalse EphemeralPortType = 2 // not ephemeral )
func IsPortInEphemeralRange ¶ added in v0.9.0
func IsPortInEphemeralRange(_ ConnectionFamily, _ ConnectionType, p uint16) EphemeralPortType
IsPortInEphemeralRange returns whether the port is ephemeral based on the OS-specific configuration.
The ConnectionFamily and ConnectionType arguments are only relevant for Windows
func (EphemeralPortType) String ¶ added in v0.9.0
func (i EphemeralPortType) String() string
type GatewayLookup ¶
type GatewayLookup interface { Lookup(cs *ConnectionStats) *Via LookupWithIPs(source util.Address, dest util.Address, netns uint32) *Via Close() }
GatewayLookup is an interface for performing gateway lookups
func NewGatewayLookup ¶
func NewGatewayLookup(rootNsLookup nsLookupFunc, maxRouteCacheSize uint32, telemetryComp telemetryComponent.Component) GatewayLookup
NewGatewayLookup creates a new instance of a gateway lookup using a given root network namespace and a size for the route cache
type IPTranslation ¶
type IPTranslation struct { ReplSrcIP util.Address ReplDstIP util.Address ReplSrcPort uint16 ReplDstPort uint16 }
IPTranslation can be associated with a connection to show the connection is NAT'd
type LocalResolver ¶
type LocalResolver struct {
// contains filtered or unexported fields
}
LocalResolver resolves connection remote addresses
func NewLocalResolver ¶
func NewLocalResolver(processEventsEnabled bool) LocalResolver
NewLocalResolver creates a new LocalResolver
func (LocalResolver) Resolve ¶
func (r LocalResolver) Resolve(conns slice.Chain[ConnectionStats])
Resolve binds container IDs to the Raddr of connections
An attempt is made to resolve as many local containers as possible.
First, we go over all connections that have a container ID populated for their laddr, indexing them by (laddr, raddr, proto, netns). An additional entry is also inserted for a non-loopback laddr with netns = 0 as well. Translated laddr and raddr are used throughout. Incoming connection dest ports (the ephemeral side) are also zero-ed before inserting into the index.
Second, we go over the connections again, this time resolving the raddr container id using the lookup table we built previously. Translated addresses are used throughout. This time outgoing connection source ports are zero-ed when doing a lookup (since we zero-ed out the incoming dest ports in the index).
Only connections that are local are resolved, i.e., for which `IntraHost` is set to true.
type PortMapping ¶
PortMapping represents a port binding
type RouteCache ¶ added in v0.9.0
RouteCache is the interface to a cache that stores routes for a given (source, destination, net ns) tuple
func NewRouteCache ¶ added in v0.9.0
func NewRouteCache(_ telemetryComponent.Component, size int, router Router) RouteCache
NewRouteCache creates a new RouteCache
type Router ¶ added in v0.9.0
Router is an interface to get a route for a (source, destination, net ns) tuple
type RuntimeCompilationTelemetry ¶ added in v0.9.0
type RuntimeCompilationTelemetry struct { RuntimeCompilationEnabled bool RuntimeCompilationResult int32 RuntimeCompilationDuration int64 }
RuntimeCompilationTelemetry stores telemetry related to the runtime compilation of various assets
type StatCookie ¶
type StatCookie = uint64
StatCookie A 64-bit hash designed to uniquely identify a connection. In eBPF this is 32 bits but it gets re-hashed to 64 bits in userspace to reduce collisions; see PR #17197 for more info.
type StatCounters ¶
type StatCounters struct { SentBytes uint64 RecvBytes uint64 SentPackets uint64 RecvPackets uint64 Retransmits uint32 // TCPEstablished indicates whether the TCP connection was established // after system-probe initialization. // * A value of 0 means that this connection was established before system-probe was initialized; // * Value 1 represents a connection that was established after system-probe started; // * Values greater than 1 should be rare, but can occur when multiple connections // are established with the same tuple between two agent checks; TCPEstablished uint16 TCPClosed uint16 }
StatCounters represents all the per-connection stats we collect
func (StatCounters) Add ¶
func (s StatCounters) Add(other StatCounters) StatCounters
Add returns s+other
func (StatCounters) IsZero ¶
func (s StatCounters) IsZero() bool
IsZero returns whether all the stat counter values are zeroes
func (StatCounters) Max ¶
func (s StatCounters) Max(other StatCounters) StatCounters
Max returns max(s, other)
func (StatCounters) Sub ¶
func (s StatCounters) Sub(other StatCounters) (sc StatCounters, underflow bool)
Sub returns s-other.
This implementation is different from the implementation on other platforms as packet counts are actually sampled from the kernel as uint32's, but stored in StatCounters as uint64's. To detect overflows in these counts correctly, a simple subtraction will not do, and they need to be treated differently (see below)
type State ¶
type State interface { // GetDelta returns a Delta object for the given client when provided the latest set of active connections GetDelta( clientID string, latestTime uint64, active []ConnectionStats, dns dns.StatsByKeyByNameByType, usmStats map[protocols.ProtocolType]interface{}, ) Delta // GetTelemetryDelta returns the telemetry delta since last time the given client requested telemetry data. GetTelemetryDelta( id string, telemetry map[ConnTelemetryType]int64, ) map[ConnTelemetryType]int64 // RegisterClient starts tracking stateful data for the given client // If the client is already registered, it does nothing. RegisterClient(clientID string) // RemoveClient stops tracking stateful data for a given client RemoveClient(clientID string) // RemoveExpiredClients removes expired clients from the state RemoveExpiredClients(now time.Time) // RemoveConnections removes the given keys from the state RemoveConnections(conns []*ConnectionStats) // StoreClosedConnection stores a batch of closed connections StoreClosedConnection(connection *ConnectionStats) // GetStats returns a map of statistics about the current network state GetStats() map[string]interface{} // DumpState returns a map with the current network state for a client ID DumpState(clientID string) map[string]interface{} }
State takes care of handling the logic for: - closed connections - sent and received bytes per connection
func NewState ¶
func NewState(_ telemetryComponent.Component, clientExpiry time.Duration, maxClosedConns uint32, maxClientStats, maxDNSStats, maxHTTPStats, maxKafkaStats, maxPostgresStats, maxRedisStats int, enableConnectionRollup bool, processEventConsumerEnabled bool) State
NewState creates a new network state
type Subnet ¶ added in v0.9.0
type Subnet struct {
Alias string `json:"alias,omitempty"`
}
Subnet stores info about a subnet
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package config implements network tracing configuration
|
Package config implements network tracing configuration |
sysctl
Package sysctl implements reading of system parameters such as system limits
|
Package sysctl implements reading of system parameters such as system limits |
Package dns traces DNS activity and caches DNS lookups for reverse DNS capability
|
Package dns traces DNS activity and caches DNS lookups for reverse DNS capability |
Package ebpf implements tracing network events with eBPF
|
Package ebpf implements tracing network events with eBPF |
Package encoding contains two subpackages marshal and unmarshal.
|
Package encoding contains two subpackages marshal and unmarshal. |
marshal
Package marshal implements the marshaling side of network encoding
|
Package marshal implements the marshaling side of network encoding |
unmarshal
Package unmarshal implements the unmarshalling side of network encoding
|
Package unmarshal implements the unmarshalling side of network encoding |
Package events handles process events
|
Package events handles process events |
Package filter exposes interfaces and implementations for packet capture
|
Package filter exposes interfaces and implementations for packet capture |
go
|
|
asmscan
Package asmscan provides functions for scanning the machine code of functions.
|
Package asmscan provides functions for scanning the machine code of functions. |
bininspect
Package bininspect provides tools to inspect a Go binary.
|
Package bininspect provides tools to inspect a Go binary. |
binversion
Package binversion provides access to information embedded in a Go binary about how it was built.
|
Package binversion provides access to information embedded in a Go binary about how it was built. |
dwarfutils
Package dwarfutils provides utilities for working with DWARF debug information.
|
Package dwarfutils provides utilities for working with DWARF debug information. |
dwarfutils/locexpr
Package locexpr provides a function to statically execute a DWARF location expression.
|
Package locexpr provides a function to statically execute a DWARF location expression. |
goid
Package goid provides a function to get the current goroutine ID.
|
Package goid provides a function to get the current goroutine ID. |
goid/internal
Package main is responsible for extracting Go type information from DWARF data across multiple Go versions.
|
Package main is responsible for extracting Go type information from DWARF data across multiple Go versions. |
goid/internal/testprogram
Package main holds main related files
|
Package main holds main related files |
goversion
Package goversion provides a wrapper around the `GoVersion` type from the delve debugger
|
Package goversion provides a wrapper around the `GoVersion` type from the delve debugger |
lutgen
Package lutgen provides tools to generate lookup tables for Go binaries.
|
Package lutgen provides tools to generate lookup tables for Go binaries. |
rungo
Package rungo provides tools to run the Go toolchain.
|
Package rungo provides tools to run the Go toolchain. |
rungo/matrix
Package matrix provides a utility for running a single Go command
|
Package matrix provides a utility for running a single Go command |
Package netlink implements network connection tracking.
|
Package netlink implements network connection tracking. |
testutil
Package testutil contains helper functions used for testing conntrack
|
Package testutil contains helper functions used for testing conntrack |
Package main - single file executable
|
Package main - single file executable |
Package protocols provides the implementation of the network tracer protocols
|
Package protocols provides the implementation of the network tracer protocols |
amqp
Package amqp provides a simple wrapper around 3rd party amqp client.
|
Package amqp provides a simple wrapper around 3rd party amqp client. |
http
Package http contains the userspace portion of USM's HTTP monitoring code
|
Package http contains the userspace portion of USM's HTTP monitoring code |
http/debugging
Package debugging provides a debugging view of the HTTP protocol.
|
Package debugging provides a debugging view of the HTTP protocol. |
http/gotls/lookup
Package lookup provides a lookup table for the protocol package.
|
Package lookup provides a lookup table for the protocol package. |
http/gotls/lookup/internal/testprogram
Package main provides a test program for generating lookup tables for TLS types
|
Package main provides a test program for generating lookup tables for TLS types |
http/testutil
Package testutil provides utilities for testing the HTTP protocol.
|
Package testutil provides utilities for testing the HTTP protocol. |
http2
Package http2 provides a HTTP/2 implementation for the network package for supporting HTTP/2 and gRPC monitoring with USM.
|
Package http2 provides a HTTP/2 implementation for the network package for supporting HTTP/2 and gRPC monitoring with USM. |
kafka/debugging
Package debugging provides debug-friendly representations of internal data structures
|
Package debugging provides debug-friendly representations of internal data structures |
mongo
Package mongo provides a simple wrapper around 3rd party mongo client.
|
Package mongo provides a simple wrapper around 3rd party mongo client. |
mysql
Package mysql provides a MySQL client to interact with a MySQL server.
|
Package mysql provides a MySQL client to interact with a MySQL server. |
postgres/debugging
Package debugging provides debug-friendly representations of internal data structures
|
Package debugging provides debug-friendly representations of internal data structures |
redis/debugging
Package debugging provides debug-friendly representation of internal data structures
|
Package debugging provides debug-friendly representation of internal data structures |
telemetry
Package telemetry provides a way to collect metrics from eBPF programs.
|
Package telemetry provides a way to collect metrics from eBPF programs. |
testutil
Package testutil provides general utilities for protocols UTs.
|
Package testutil provides general utilities for protocols UTs. |
tls
Package tls contains definitions and methods related to tags parsed from the TLS handshake
|
Package tls contains definitions and methods related to tags parsed from the TLS handshake |
tls/gotls/testutil
Package testutil provides utilities for testing the TLS package.
|
Package testutil provides utilities for testing the TLS package. |
tls/gotls/testutil/gotls_client
Package main is a simple client for the gotls_server.
|
Package main is a simple client for the gotls_server. |
tls/gotls/testutil/gotls_server
Package main is a simple client for the gotls_server.
|
Package main is a simple client for the gotls_server. |
Package slice implements helpers for slice operations
|
Package slice implements helpers for slice operations |
Package testutil contains helper functions used in network tests
|
Package testutil contains helper functions used in network tests |
Package tracer implements the functionality of the network tracer
|
Package tracer implements the functionality of the network tracer |
connection/ebpfless
Package ebpfless contains supporting code for the ebpfless tracer
|
Package ebpfless contains supporting code for the ebpfless tracer |
testutil/proxy/external_unix_proxy_server
Package main provides a unix transparent proxy server that can be used for testing.
|
Package main provides a unix transparent proxy server that can be used for testing. |
Package types implements the definition for network connection tuples
|
Package types implements the definition for network connection tuples |
usm
|
|
config
Package config provides helpers for USM configuration
|
Package config provides helpers for USM configuration |
consts
Package consts contains constants used by the USM package.
|
Package consts contains constants used by the USM package. |
sharedlibraries
Package sharedlibraries contains implementation for monitoring of shared libraries opened by other programs
|
Package sharedlibraries contains implementation for monitoring of shared libraries opened by other programs |
sharedlibraries/testutil/fmapper
Package main is used for testing purposes and it essentially maps into memory
|
Package main is used for testing purposes and it essentially maps into memory |
state
Package state provides the state of the USM monitor.
|
Package state provides the state of the USM monitor. |
testutil
Package testutil provides utilities for testing USM.
|
Package testutil provides utilities for testing USM. |
testutil/grpc
Package grpc provides a gRPC client that fits the gRPC server.
|
Package grpc provides a gRPC client that fits the gRPC server. |
testutil/grpc/grpc_external_server
Package main provides a simple gRPC server that can be used for testing.
|
Package main provides a simple gRPC server that can be used for testing. |
testutil/prefetch_file
Package main is a simple utility to prefetch files into the page cache.
|
Package main is a simple utility to prefetch files into the page cache. |
utils
Package utils contains common code shared across the USM codebase
|
Package utils contains common code shared across the USM codebase |