netflow

package module
v0.0.0-...-fdba09b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 15, 2024 License: AGPL-3.0 Imports: 25 Imported by: 0

README

netflow

monitor net flow on server

Documentation

Index

Constants

View Source 
const (
	EstablishedSymbol = "01"
	ListenSymbol      = "0A"
)
View Source 
const (
	TCP_ESTABLISHED = iota + 1
	TCP_SYN_SENT
	TCP_SYN_RECV
	TCP_FIN_WAIT1
	TCP_FIN_WAIT2
	TCP_TIME_WAIT
	TCP_CLOSE
	TCP_CLOSE_WAIT
	TCP_LAST_ACK
	TCP_LISTEN
	TCP_CLOSING
)

Variables

View Source 
var (
	ErrQueueFull = errors.New("queue is full")
)
View Source 
var StateMapping = map[string]string{
	"01": "ESTABLISHED",
	"02": "SYN_SENT",
	"03": "SYN_RECV",
	"04": "FIN_WAIT1",
	"05": "FIN_WAIT2",
	"06": "TIME_WAIT",
	"07": "CLOSE",
	"08": "CLOSE_WAIT",
	"09": "LAST_ACK",
	"0A": "LISTEN",
	"0B": "CLOSING",
}

https://github.com/torvalds/linux/blob/master/include/net/tcp_states.h

Functions

func GetProcesses 

func GetProcesses() (map[string]*Process, error)

func MarshalIndent 

func MarshalIndent(v interface{}) string

func NewProcessController 

func NewProcessController(ctx context.Context) *processController

func WithBindDevices 

func WithBindDevices(devs []string) optionFunc

func WithBindIPs 

func WithBindIPs(ips []string) optionFunc

func WithCaptureTimeout 

func WithCaptureTimeout(dur time.Duration) optionFunc

func WithCtx 

func WithCtx(ctx context.Context) optionFunc

func WithLimitCgroup 

func WithLimitCgroup(cpu float64, mem int) optionFunc

WithLimitCgroup use cgroup to limit cpu and mem, param cpu's unit is cpu core num , mem's unit is MB

func WithLogger 

func WithLogger(logger LoggerInterface) optionFunc

func WithOpenDebug 

func WithOpenDebug() optionFunc

func WithPcapFilter 

func WithPcapFilter(filter string) optionFunc

WithPcapFilter set custom pcap filter filter: "port 80", "src host xiaorui.cc and port 80"

func WithQueueSize 

func WithQueueSize(size int) optionFunc

func WithStorePcap 

func WithStorePcap(fpath string) optionFunc

func WithSyncInterval 

func WithSyncInterval(dur time.Duration) optionFunc

func WithWorkerNum 

func WithWorkerNum(num int) optionFunc

Types

type ConnectionItem 

type ConnectionItem struct {
	Addr        string `json:"addr" valid:"-"`
	ReverseAddr string `json:"reverse_addr" valid:"-"`
	SrcIP       string `json:"ip"`
	SrcPort     string `json:"port"`
	DestIP      string `json:"foreignip"`
	DestPort    string `json:"foreignport"`
	State       string `json:"state"`

	TxQueue       int           `json:"tx_queue" valid:"-"`
	RxQueue       int           `json:"rx_queue" valid:"-"`
	Timer         int8          `json:"timer" valid:"-"`
	TimerDuration time.Duration `json:"timer_duration" valid:"-"`
	Rto           time.Duration // retransmission timeout
	Uid           int
	Uname         string
	Timeout       time.Duration
	Inode         string `json:"inode"`
	Raw           string `json:"raw"`
}

func Tcp 

func Tcp() []*ConnectionItem

Tcp func Get a slice of Process type with TCP data

func Tcp6 

func Tcp6() []*ConnectionItem

Tcp6 func Get a slice of Process type with TCP6 data

func Udp 

func Udp() []*ConnectionItem

Udp func Get a slice of Process type with UDP data

func Udp6 

func Udp6() []*ConnectionItem

Udp6 func Get a slice of Process type with UDP6 data

func (*ConnectionItem) GetAddr 

func (ci *ConnectionItem) GetAddr() string

type Interface 

type Interface interface {
	// start netflow
	Start() error

	// stop netflow
	Stop()

	// sum packet
	LoadCounter() int64

	// when ctx.cancel() or timeout, notify done.
	Done() <-chan struct{}

	// GetProcessRank
	// param limit, size of data returned.
	// param recentSeconds, the average of the last few seconds' value.
	GetProcessRank(limit int, recentSeconds int) ([]*Process, error)
}

func New 

func New(opts ...optionFunc) (Interface, error)

type LoggerInterface 

type LoggerInterface interface {
	Debug(...interface{})
	Error(...interface{})
}

type Mapping 

type Mapping struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

func NewMapping 

func NewMapping() *Mapping

func (*Mapping) Add 

func (m *Mapping) Add(k, v string)

func (*Mapping) Delete 

func (m *Mapping) Delete(k string)

func (*Mapping) Get 

func (m *Mapping) Get(k string) string

func (*Mapping) Handle 

func (m *Mapping) Handle()

func (*Mapping) String 

func (m *Mapping) String() string

type Netflow 

type Netflow struct {
	// contains filtered or unexported fields
}

func (*Netflow) Done 

func (nf *Netflow) Done() <-chan struct{}

func (*Netflow) GetProcessRank 

func (nf *Netflow) GetProcessRank(limit int, recentSeconds int) ([]*Process, error)

func (*Netflow) LoadCounter 

func (nf *Netflow) LoadCounter() int64

func (*Netflow) Start 

func (nf *Netflow) Start() error

func (*Netflow) Stop 

func (nf *Netflow) Stop()

type Null 

type Null struct{}

type Process 

type Process struct {
	Name         string             `json:"name"`
	Pid          string             `json:"pid"`
	Exe          string             `json:"exe"`
	State        string             `json:"state"`
	InodeCount   int                `json:"inode_count"`
	TrafficStats *trafficStatsEntry `json:"traffic_stats"`

	// todo: use ringbuffer array to reduce gc cost.
	Ring []*trafficEntry `json:"ring"`
	// contains filtered or unexported fields
}

func (*Process) IncreaseInput 

func (po *Process) IncreaseInput(n int64)

func (*Process) IncreaseOutput 

func (po *Process) IncreaseOutput(n int64)

IncreaseOutput

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.