Documentation ¶
Constants ¶
// String constants exported so tests can refer to them.
const (
	// XMLHeader and ConntrackOpenTag are a newline-terminated XML declaration
	// and an opening <conntrack> element.
	// NOTE(review): presumably the preamble expected at the start of the
	// conntrack XML output before the <flow> elements; confirm against the parser.
	XMLHeader        = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"
	ConntrackOpenTag = "<conntrack>\n"
	// TimeWait and TCP are the literal strings "TIME_WAIT" and "tcp".
	// NOTE(review): presumably compared against Meta.State and Layer4.Proto; confirm.
	TimeWait = "TIME_WAIT"
	TCP      = "tcp"
	// New, Update and Destroy are the literal strings "new", "update" and "destroy".
	// NOTE(review): presumably the values seen in Flow.Type; confirm.
	New     = "new"
	Update  = "update"
	Destroy = "destroy"
)
Constants exported for testing
// Keys used in node metadata.
const (
	Addr = "addr" // typically IPv4
	Port = "port"
	// Conntracked and Procspied are the literal keys "conntracked" and "procspied".
	// NOTE(review): presumably they record which data source reported an
	// endpoint; confirm where the metadata is written.
	Conntracked = "conntracked"
	Procspied   = "procspied"
)
Node metadata keys.
Variables ¶
// ConntrackModulePresent reports whether any line of the file named by
// modules starts with conntrackModule (both are package-level names defined
// outside this listing). It is a variable rather than a function so that
// tests can replace it.
//
// The match is a prefix match, so any line beginning with conntrackModule
// counts as present. A failure to open the file returns false without
// logging, which means a caller cannot tell "module not listed" apart from
// "module list unreadable"; either way the result is false.
var ConntrackModulePresent = func() bool {
	fh, openErr := os.Open(modules)
	if openErr != nil {
		// Unreadable module list is treated the same as an absent module.
		return false
	}
	defer fh.Close()

	lines := bufio.NewScanner(fh)
	for lines.Scan() {
		if strings.HasPrefix(lines.Text(), conntrackModule) {
			return true
		}
	}

	// A read error is logged, and the "failed to find" message below is
	// still emitted afterwards.
	if scanErr := lines.Err(); scanErr != nil {
		log.Printf("conntrack error: %v", scanErr)
	}
	log.Printf("conntrack: failed to find module %s", conntrackModule)
	return false
}
ConntrackModulePresent returns true if the kernel has the conntrack module present. It is made public for mocking.
// SpyDuration is a Prometheus summary vector. With the namespace, subsystem
// and name below, its fully-qualified metric name is
// scope_probe_spy_time_nanoseconds.
var SpyDuration = prometheus.NewSummaryVec(
	prometheus.SummaryOpts{
		Namespace: "scope",
		Subsystem: "probe",
		Name:      "spy_time_nanoseconds",
		Help:      "Total time spent spying on active connections.",
		// Observations older than this window no longer contribute to the summary.
		MaxAge: 10 * time.Second,
	},
	// No label names: the vector has a single, unlabelled series.
	[]string{},
)
SpyDuration is an exported prometheus metric
Functions ¶
This section is empty.
Types ¶
type Conntracker ¶ added in v0.7.0
// Conntracker is something that tracks connections.
type Conntracker interface {
	// WalkFlows invokes f with Flow values, passed by value.
	// NOTE(review): which flows are visited, and whether f runs under a lock,
	// is not visible in this listing; confirm against the implementation.
	WalkFlows(f func(Flow))
	// Stop takes no arguments and returns nothing.
	// NOTE(review): presumably shuts down the tracker started by
	// NewConntracker; confirm.
	Stop()
}
Conntracker is something that tracks connections.
func NewConntracker ¶ added in v0.7.0
func NewConntracker(existingConns bool, args ...string) (Conntracker, error)
NewConntracker creates and starts a new Conntracker.
type Flow ¶ added in v0.7.0
// Flow is the decoded form of one <flow> element of conntrack's XML output.
type Flow struct {
	XMLName xml.Name `xml:"flow"`
	// Metas holds one entry per <meta> child element.
	Metas []Meta `xml:"meta"`
	// Type is read from the element's "type" attribute.
	Type string `xml:"type,attr"`
	// Original, Reply and Independent carry the "-" tag, so encoding/xml never
	// fills them in; they are nil after decoding.
	// NOTE(review): presumably set afterwards to point at the matching entries
	// of Metas by Direction; confirm and nil-check before dereferencing.
	Original, Reply, Independent *Meta `xml:"-"`
}
Flow - these structs are for the parsed conntrack output
type Layer3 ¶ added in v0.7.0
// Layer3 is the decoded form of a <layer3> element of conntrack's XML output.
type Layer3 struct {
	XMLName xml.Name `xml:"layer3"`
	// SrcIP and DstIP are taken verbatim from the <src> and <dst> children as
	// strings; nothing in this type validates them as IP addresses.
	SrcIP string `xml:"src"`
	DstIP string `xml:"dst"`
}
Layer3 - these structs are for the parsed conntrack output
type Layer4 ¶ added in v0.7.0
// Layer4 is the decoded form of a <layer4> element of conntrack's XML output.
type Layer4 struct {
	XMLName xml.Name `xml:"layer4"`
	// SrcPort and DstPort are decoded from the <sport> and <dport> children as
	// plain ints; this type does not range-check them.
	SrcPort int `xml:"sport"`
	DstPort int `xml:"dport"`
	// Proto is read from the element's "protoname" attribute.
	Proto string `xml:"protoname,attr"`
}
Layer4 - these structs are for the parsed conntrack output
type Meta ¶ added in v0.7.0
// Meta is the decoded form of a <meta> element of conntrack's XML output.
type Meta struct {
	XMLName xml.Name `xml:"meta"`
	// Direction is read from the element's "direction" attribute.
	Direction string `xml:"direction,attr"`
	// Layer3 and Layer4 are decoded from the nested <layer3> and <layer4>
	// elements; they stay at their zero values when the element is absent.
	Layer3 Layer3 `xml:"layer3"`
	Layer4 Layer4 `xml:"layer4"`
	// ID and State are decoded from the <id> and <state> children.
	ID    int64  `xml:"id"`
	State string `xml:"state"`
}
Meta - these structs are for the parsed conntrack output
type NATMapper ¶ added in v0.8.0
// NATMapper wraps a Conntracker by embedding it, so the Conntracker's
// WalkFlows and Stop methods are promoted onto NATMapper.
type NATMapper struct {
	Conntracker
}
NATMapper rewrites a report to deal with NAT'd connections.
func NewNATMapper ¶ added in v0.8.0
func NewNATMapper(ct Conntracker) NATMapper
NewNATMapper is exposed for testing
type Reporter ¶
type Reporter struct {
// contains filtered or unexported fields
}
Reporter generates Reports containing the Endpoint topology.
func NewReporter ¶
NewReporter creates a new Reporter that invokes procspy.Connections to generate a report.Report that contains every discovered (spied) connection on the host machine, at the granularity of host and port. That information is stored in the Endpoint topology. It optionally enriches that topology with process (PID) information.
type ReverseResolver ¶ added in v0.7.0
type ReverseResolver struct { Throttle <-chan time.Time // Made public for mocking Resolver revResFunc // contains filtered or unexported fields }
ReverseResolver is a caching, reverse resolver.
func NewReverseResolver ¶ added in v0.7.0
func NewReverseResolver() *ReverseResolver
NewReverseResolver starts a new reverse resolver that performs reverse resolutions and caches the result.
func (*ReverseResolver) Get ¶ added in v0.7.0
func (r *ReverseResolver) Get(address string) (string, error)
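Get returns the reverse resolution for an IP address if it is already in the cache, and a gcache.NotFoundKeyError error otherwise. Note: it returns only one of the possible names that can be obtained for that IP. A reverse-resolved name is not authenticated, so treat it as a display label rather than a verified identity for the address.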
func (*ReverseResolver) Stop ¶ added in v0.7.0
func (r *ReverseResolver) Stop()
Stop the async reverse resolver.