pwru

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 14, 2023 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MaxStackDepth = 50

	BackendKprobe      = "kprobe"
	BackendKprobeMulti = "kprobe-multi"
)

Variables

View Source 
var Version string = "version unknown"

Version is the pwru version and is set at compile time via LDFLAGS-

Functions

func GetFuncsByPos added in v0.0.7 

func GetFuncsByPos(funcs Funcs) map[int][]string

func HaveBPFLinkKprobeMulti added in v0.0.7 

func HaveBPFLinkKprobeMulti() bool

Very hacky way to check whether multi-link kprobe is supported.

func NewOutput 

func NewOutput(flags *Flags, printSkbMap *ebpf.Map, printStackMap *ebpf.Map,
	addr2Name Addr2Name, kprobeMulti bool, btfSpec *btf.Spec) (*output, error)

Types

type Addr2Name 

type Addr2Name struct {
	Addr2NameMap   map[uint64]*ksym
	Addr2NameSlice []*ksym
}

func GetAddrs 

func GetAddrs(funcs Funcs, all bool) (Addr2Name, error)

type Event 

type Event struct {
	PID          uint32
	Type         uint32
	Addr         uint64
	SAddr        uint64
	Timestamp    uint64
	PrintSkbId   uint64
	Meta         Meta
	Tuple        Tuple
	PrintStackId int64
	ParamSecond  uint64
	CPU          uint32
}

type FilterCfg added in v0.0.2 

type FilterCfg struct {
	FilterNetns uint32
	FilterMark  uint32

	// TODO: if there are more options later, then you can consider using a bit map
	OutputRelativeTS uint8
	OutputMeta       uint8
	OutputTuple      uint8
	OutputSkb        uint8
	OutputStack      uint8

	IsSet    byte
	TrackSkb byte
}

func GetConfig added in v0.0.9 

func GetConfig(flags *Flags) FilterCfg

type Flags 

type Flags struct {
	ShowVersion bool

	KernelBTF string

	FilterNetns    uint32
	FilterMark     uint32
	FilterFunc     string
	FilterTrackSkb bool
	FilterPcap     string

	OutputTS         string
	OutputMeta       bool
	OutputTuple      bool
	OutputSkb        bool
	OutputStack      bool
	OutputLimitLines uint64
	OutputFile       string

	KMods    []string
	AllKMods bool

	ReadyFile string

	Backend string
}

func (*Flags) Parse added in v1.0.0 

func (f *Flags) Parse()

func (*Flags) SetFlags added in v0.0.2 

func (f *Flags) SetFlags()

type Funcs 

type Funcs map[string]int

func GetFuncs 

func GetFuncs(pattern string, spec *btf.Spec, kmods []string, kprobeMulti bool) (Funcs, error)

type KProbeMaps added in v0.0.8 

type KProbeMaps interface {
	GetEvents() *ebpf.Map
	GetPrintStackMap() *ebpf.Map
}

type KProbeMapsWithOutputSKB added in v0.0.8 

type KProbeMapsWithOutputSKB interface {
	KProbeMaps
	GetPrintSkbMap() *ebpf.Map
}

type KProbeObjects added in v0.0.8 

type KProbeObjects interface {
	KProbeMaps
	KProbePrograms
	Close() error
}

type KProbePrograms added in v0.0.8 

type KProbePrograms interface {
	GetKprobeSkb1() *ebpf.Program
	GetKprobeSkb2() *ebpf.Program
	GetKprobeSkb3() *ebpf.Program
	GetKprobeSkb4() *ebpf.Program
	GetKprobeSkb5() *ebpf.Program
}

type Meta 

type Meta struct {
	Netns   uint32
	Mark    uint32
	Ifindex uint32
	Len     uint32
	MTU     uint32
	Proto   uint16
	Pad     uint16
}

type StackData added in v0.0.2 

type StackData struct {
	IPs [MaxStackDepth]uint64
}

type Tuple 

type Tuple struct {
	Saddr   [16]byte
	Daddr   [16]byte
	Sport   uint16
	Dport   uint16
	L3Proto uint16
	L4Proto uint8
	Pad     uint8
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.