Documentation ¶
Index ¶
- Constants
- func Dissect(dissect bool, data []byte)
- func GetAllTypes() []string
- func GetConnectionSummary(data []byte) string
- type DebugCapture
- type DebugCaptureVerbose
- type DebugMsg
- type DissectSummary
- type DropNotify
- type DropNotifyVerbose
- type Flow
- type LogRecordNotify
- type LogRecordNotifyVerbose
- type TraceNotify
- type TraceNotifyVerbose
Constants ¶
const ( DbgCaptureUnspec = iota DbgCaptureReserved1 DbgCaptureReserved2 DbgCaptureReserved3 DbgCaptureDelivery DbgCaptureFromLb DbgCaptureAfterV46 DbgCaptureAfterV64 DbgCaptureProxyPre DbgCaptureProxyPost )
must be in sync with <bpf/lib/dbg.h>
const ( DbgUnspec = iota DbgGeneric DbgLocalDelivery DbgEncap DbgLxcFound DbgPolicyDenied DbgCtLookup DbgCtLookupRev DbgCtMatch DbgCtCreated DbgCtCreated2 DbgIcmp6Handle DbgIcmp6Request DbgIcmp6Ns DbgIcmp6TimeExceeded DbgCtVerdict DbgDecap DbgPortMap DbgErrorRet DbgToHost DbgToStack DbgPktHash DbgLb6LookupMaster DbgLb6LookupMasterFail DbgLb6LookupSlave DbgLb6LookupSlaveSuccess DbgLb6ReverseNatLookup DbgLb6ReverseNat DbgLb4LookupMaster DbgLb4LookupMasterFail DbgLb4LookupSlave DbgLb4LookupSlaveSuccess DbgLb4ReverseNatLookup DbgLb4ReverseNat DbgLb4LoopbackSnat DbgLb4LoopbackSnatRev DbgCtLookup4 DbgRRSlaveSel DbgRevProxyLookup DbgRevProxyFound DbgRevProxyUpdate DbgL4Policy DbgNetdevInCluster DbgNetdevEncap4 DbgCTLookup41 DbgCTLookup42 DbgCTCreated4 DbgCTLookup61 DbgCTLookup62 DbgCTCreated6 DbgSkipProxy DbgL4Create DbgIPIDMapFailed4 DbgIPIDMapFailed6 DbgIPIDMapSucceed4 DbgIPIDMapSucceed6 )
must be in sync with <bpf/lib/dbg.h>
const ( CtNew uint32 = iota CtEstablished CtReply CtRelated )
must be in sync with <bpf/lib/conntrack.h>
const ( TraceToLxc = iota TraceToProxy TraceToHost TraceToStack TraceToOverlay TraceFromLxc TraceFromProxy TraceFromHost TraceFromStack TraceFromOverlay )
Available observation points.
const ( TraceReasonPolicy = iota TraceReasonCtEstablished TraceReasonCtReply TraceReasonCtRelated )
Reasons for forwarding a packet.
const (
// DebugCaptureLen is the amount of packet data in a packet capture message
DebugCaptureLen = 24
)
const (
// DropNotifyLen is the amount of packet data provided in a drop notification
DropNotifyLen = 32
)
const (
// TraceNotifyLen is the amount of packet data provided in a trace notification
TraceNotifyLen = 32
)
Variables ¶
This section is empty.
Functions ¶
func Dissect ¶
Dissect parses and prints the provided data if dissect is set to true, otherwise the data is printed as HEX output
func GetAllTypes ¶
func GetAllTypes() []string
GetAllTypes returns a slice of all known message types, sorted
func GetConnectionSummary ¶
GetConnectionSummary decodes the data into layers and returns a connection summary in the format:
- sIP:sPort -> dIP:dPort, e.g. 1.1.1.1:2000 -> 2.2.2.2:80 - sIP -> dIP icmpCode, 1.1.1.1 -> 2.2.2.2 echo-request
Types ¶
type DebugCapture ¶
type DebugCapture struct { Type uint8 SubType uint8 // Source, if populated, is the ID of the source endpoint. Source uint16 Hash uint32 Len uint32 OrigLen uint32 Arg1 uint32 Arg2 uint32 }
DebugCapture is the metadata sent along with a captured packet frame
func (*DebugCapture) DumpInfo ¶
func (n *DebugCapture) DumpInfo(data []byte)
DumpInfo prints a summary of the capture messages.
func (*DebugCapture) DumpJSON ¶
func (n *DebugCapture) DumpJSON(data []byte, cpuPrefix string)
DumpJSON prints notification in json format
func (*DebugCapture) DumpVerbose ¶
func (n *DebugCapture) DumpVerbose(dissect bool, data []byte, prefix string)
DumpVerbose prints the captured packet in human readable format
type DebugCaptureVerbose ¶
type DebugCaptureVerbose struct { CPUPrefix string `json:"cpu,omitempty"` Type string `json:"type,omitempty"` Mark string `json:"mark,omitempty"` Message string `json:"message,omitempty"` Prefix string `json:"prefix,omitempty"` Source uint16 `json:"source"` Bytes uint32 `json:"bytes"` Summary string `json:"summary,omitempty"` }
DebugCaptureVerbose represents a json notification printed by monitor
func DebugCaptureToVerbose ¶
func DebugCaptureToVerbose(n *DebugCapture) DebugCaptureVerbose
DebugCaptureToVerbose creates verbose notification from base TraceNotify
type DebugMsg ¶
type DebugMsg struct { Type uint8 SubType uint8 Source uint16 Hash uint32 Arg1 uint32 Arg2 uint32 Arg3 uint32 }
DebugMsg is the message format of the debug message found in the BPF ring buffer
type DissectSummary ¶
type DissectSummary struct { Ethernet string `json:"ethernet,omitempty"` IPv4 string `json:"ipv4,omitempty"` IPv6 string `json:"ipv6,omitempty"` TCP string `json:"tcp,omitempty"` UDP string `json:"udp,omitempty"` ICMPv4 string `json:"icmpv4,omitempty"` ICMPv6 string `json:"icmpv6,omitempty"` L2 *Flow `json:"l2,omitempty"` L3 *Flow `json:"l3,omitempty"` L4 *Flow `json:"l4,omitempty"` }
DissectSummary bundles decoded layers into json-marshallable message
func GetDissectSummary ¶
func GetDissectSummary(data []byte) *DissectSummary
GetDissectSummary returns DissectSummary created from data
type DropNotify ¶
type DropNotify struct { Type uint8 SubType uint8 Source uint16 Hash uint32 OrigLen uint32 CapLen uint32 SrcLabel uint32 DstLabel uint32 DstID uint32 Unused uint32 }
DropNotify is the message format of a drop notification in the BPF ring buffer
func (*DropNotify) DumpInfo ¶
func (n *DropNotify) DumpInfo(data []byte)
DumpInfo prints a summary of the drop messages.
func (*DropNotify) DumpJSON ¶
func (n *DropNotify) DumpJSON(data []byte, cpuPrefix string)
DumpJSON prints notification in json format
func (*DropNotify) DumpVerbose ¶
func (n *DropNotify) DumpVerbose(dissect bool, data []byte, prefix string)
DumpVerbose prints the drop notification in human readable form
type DropNotifyVerbose ¶
type DropNotifyVerbose struct { CPUPrefix string `json:"cpu,omitempty"` Type string `json:"type,omitempty"` Mark string `json:"mark,omitempty"` Reason string `json:"reason,omitempty"` Source uint16 `json:"source"` Bytes uint32 `json:"bytes"` SrcLabel uint32 `json:"srcLabel"` DstLabel uint32 `json:"dstLabel"` DstID uint32 `json:"dstID"` Summary *DissectSummary `json:"summary,omitempty"` }
DropNotifyVerbose represents a json notification printed by monitor
func DropNotifyToVerbose ¶
func DropNotifyToVerbose(n *DropNotify) DropNotifyVerbose
DropNotifyToVerbose creates verbose notification from DropNotify
type LogRecordNotify ¶
LogRecordNotify is a proxy access log notification
func (*LogRecordNotify) DumpInfo ¶
func (l *LogRecordNotify) DumpInfo()
DumpInfo dumps an access log notification
func (*LogRecordNotify) DumpJSON ¶
func (l *LogRecordNotify) DumpJSON()
DumpJSON prints notification in json format
type LogRecordNotifyVerbose ¶
type LogRecordNotifyVerbose struct { Type string `json:"type"` ObservationPoint accesslog.ObservationPoint `json:"observationPoint"` FlowType accesslog.FlowType `json:"flowType"` L7Proto string `json:"l7Proto"` SrcEpID uint64 `json:"srcEpID"` SrcEpLabels []string `json:"srcEpLabels"` SrcIdentity uint64 `json:"srcIdentity"` DstEpID uint64 `json:"dstEpID"` DstEpLabels []string `json:"dstEpLabels"` DstIdentity uint64 `json:"dstIdentity"` Verdict accesslog.FlowVerdict `json:"verdict"` HTTP *accesslog.LogRecordHTTP `json:"http,omitempty"` Kafka *accesslog.LogRecordKafka `json:"kafka,omitempty"` DNS *accesslog.LogRecordDNS `json:"dns,omitempty"` L7 *accesslog.LogRecordL7 `json:"l7,omitempty"` }
LogRecordNotifyVerbose represents a json notification printed by monitor
func LogRecordNotifyToVerbose ¶
func LogRecordNotifyToVerbose(n *LogRecordNotify) LogRecordNotifyVerbose
LogRecordNotifyToVerbose turns LogRecordNotify into json-friendly Verbose structure
type TraceNotify ¶
type TraceNotify struct { Type uint8 ObsPoint uint8 Source uint16 Hash uint32 OrigLen uint32 CapLen uint32 SrcLabel uint32 DstLabel uint32 DstID uint16 Reason uint8 Pad uint8 Ifindex uint32 }
TraceNotify is the message format of a trace notification in the BPF ring buffer
func (*TraceNotify) DumpInfo ¶
func (n *TraceNotify) DumpInfo(data []byte)
DumpInfo prints a summary of the trace messages.
func (*TraceNotify) DumpJSON ¶
func (n *TraceNotify) DumpJSON(data []byte, cpuPrefix string)
DumpJSON prints notification in json format
func (*TraceNotify) DumpVerbose ¶
func (n *TraceNotify) DumpVerbose(dissect bool, data []byte, prefix string)
DumpVerbose prints the trace notification in human readable form
type TraceNotifyVerbose ¶
type TraceNotifyVerbose struct { CPUPrefix string `json:"cpu,omitempty"` Type string `json:"type,omitempty"` Mark string `json:"mark,omitempty"` Ifindex string `json:"ifindex,omitempty"` State string `json:"state,omitempty"` ObservationPoint string `json:"observationPoint"` TraceSummary string `json:"traceSummary"` Source uint16 `json:"source"` Bytes uint32 `json:"bytes"` SrcLabel uint32 `json:"srcLabel"` DstLabel uint32 `json:"dstLabel"` DstID uint16 `json:"dstID"` Summary *DissectSummary `json:"summary,omitempty"` }
TraceNotifyVerbose represents a json notification printed by monitor
func TraceNotifyToVerbose ¶
func TraceNotifyToVerbose(n *TraceNotify) TraceNotifyVerbose
TraceNotifyToVerbose creates verbose notification from base TraceNotify
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package format provides stdout formatting of monitor messages for reuse by command-line clients of the monitor event channel.
|
Package format provides stdout formatting of monitor messages for reuse by command-line clients of the monitor event channel. |