ebpfwindows

package
v0.0.0-...-3aae1eb Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 20, 2025 License: MIT Imports: 21 Imported by: 0

Documentation

Rendered for windows/amd64

Index

Constants

View Source 
const (
	CiliumNotifyUnspec        = 0
	CiliumNotifyDrop          = 1
	CiliumNotifyDebugMessage  = 2
	CiliumNotifyDebugCapture  = 3
	CiliumNotifyTrace         = 4
	CiliumNotifyPolicyVerdict = 5
	CiliumNotifyCapture       = 6
	CiliumNotifyTraceSock     = 7
)

Notification types

Variables

View Source 
var (
	ErrInvalidEventData = errors.New("The Cilium Event Data is invalid")
	ErrNilEnricher      = errors.New("enricher is nil")
)
View Source 
var DropInvalid uint8 = 2

DropInvalid is the Invalid packet reason.

View Source 
var DropMin uint8 = 130

DropMin numbers less than this are non-drop reason codes

Functions

func BPFFileName 

func BPFFileName(id uint8) string

BPFFileName returns the file name for the given BPF file id.

func DropReason 

func DropReason(reason uint8) string

DropReason prints the drop reason in a human readable string

func DropReasonExt 

func DropReasonExt(reason uint8, extError int8) string

func MetricDirection 

func MetricDirection(dir uint8) string

MetricDirection gets the direction in human readable string format

func New 

func New(cfg *kcfg.Config) registry.Plugin

Types

type DropNotify 

type DropNotify struct {
	NotifyCaptureHdr
	SrcLabel uint32
	DstLabel uint32
	DstID    uint32 // 0 for egress
	Line     uint16
	File     uint8
	ExtError int8
	Ifindex  uint32
	Data     [128]byte
}

DropNotify is the notification for a packet drop

func (*DropNotify) String 

func (k *DropNotify) String() string

String returns a string representation of the DropNotify

type EventsMap 

type EventsMap interface {
	RegisterForCallback(eventsMapCallback) error
	UnregisterForCallback() error
}

EventsMap interface represents a events map

func NewEventsMap 

func NewEventsMap() EventsMap

NewEventsMap creates a new metrics map

type IP 

type IP struct {
	Address uint32
	Pad1    uint32
	Pad2    uint32
	Pad3    uint32
}

IP represents an IPv4 or IPv4 or IPv6 address

func (*IP) ConvertToString 

func (ip *IP) ConvertToString(IPv6 bool) string

type IterateCallback 

type IterateCallback func(*MetricsKey, *MetricsValues)

IterateCallback represents the signature of the callback function expected by the IterateWithCallback method, which in turn is used to iterate all the keys/values of a metrics map.

type MetricsKey 

type MetricsKey struct {
	Reason uint8 `align:"reason"`
	Dir    uint8 `align:"dir"`
	// Line contains the line number of the metrics statement.
	Line uint16 `align:"line"`
	// File is the number of the source file containing the metrics statement.
	File     uint8    `align:"file"`
	Reserved [3]uint8 `align:"reserved"`
}

Value must be in sync with struct metrics_key in <bpf/lib/common.h>

func (*MetricsKey) Direction 

func (k *MetricsKey) Direction() string

Direction gets the direction in human readable string format

func (*MetricsKey) DropForwardReason 

func (k *MetricsKey) DropForwardReason() string

DropForwardReason gets the forwarded/dropped reason in human readable string format

func (*MetricsKey) FileName 

func (k *MetricsKey) FileName() string

FileName returns the filename where the event occurred, in string format.

func (*MetricsKey) IsDrop 

func (k *MetricsKey) IsDrop() bool

IsDrop checks if the reason is drop or not.

func (*MetricsKey) IsEgress 

func (k *MetricsKey) IsEgress() bool

IsEgress checks if the direction is egress or not.

func (*MetricsKey) IsIngress 

func (k *MetricsKey) IsIngress() bool

IsIngress checks if the direction is ingress or not.

func (*MetricsKey) String 

func (k *MetricsKey) String() string

String returns the key in human readable string format

type MetricsMap 

type MetricsMap interface {
	IterateWithCallback(IterateCallback) error
}

MetricsMap interface represents a metrics map, and can be reused to implement mock maps for unit tests.

func NewMetricsMap 

func NewMetricsMap() MetricsMap

NewMetricsMap creates a new metrics map

type MetricsValue 

type MetricsValue struct {
	Count uint64 `align:"count"`
	Bytes uint64 `align:"bytes"`
}

Value must be in sync with struct metrics_value in <bpf/lib/common.h>

type MetricsValues 

type MetricsValues []MetricsValue

MetricsMapValues is a slice of MetricsMapValue

func (MetricsValues) Bytes 

func (vs MetricsValues) Bytes() uint64

Bytes returns the sum of all the per-CPU bytes values

func (MetricsValues) Count 

func (vs MetricsValues) Count() uint64

Count returns the sum of all the per-CPU count values

func (MetricsValues) String 

func (vs MetricsValues) String() string

type NotifyCaptureHdr 

type NotifyCaptureHdr struct {
	NotifyCommonHdr
	LenOrig uint32 // Length of original packet
	LenCap  uint16 // Length of captured bytes
	Version uint16 // Capture header version
}

NotifyCaptureHdr is the common header for all capture notifications

type NotifyCommonHdr 

type NotifyCommonHdr struct {
	Type    uint8
	Subtype uint8
	Source  uint16
	Hash    uint32
}

NotifyCommonHdr is the common header for all notifications

type Plugin 

type Plugin struct {
	// contains filtered or unexported fields
}

Plugin is the ebpfwindows plugin

func (*Plugin) Compile 

func (p *Plugin) Compile(context.Context) error

Compile is a no-op for the ebpfwindows plugin

func (*Plugin) Generate 

func (p *Plugin) Generate(context.Context) error

Generate is a no-op for the ebpfwindows plugin

func (*Plugin) Init 

func (p *Plugin) Init() error

Init is a no-op for the ebpfwindows plugin

func (*Plugin) Name 

func (p *Plugin) Name() string

Name returns the name of the ebpfwindows plugin

func (*Plugin) SetupChannel 

func (p *Plugin) SetupChannel(ch chan *v1.Event) error

SetupChannel saves the external channel to which the plugin will send events.

func (*Plugin) Start 

func (p *Plugin) Start(ctx context.Context) error

Start the plugin by starting a periodic timer.

func (*Plugin) Stop 

func (p *Plugin) Stop() error

Stop the plugin by cancelling the periodic timer.

type TraceNotify 

type TraceNotify struct {
	NotifyCaptureHdr
	SrcLabel uint32
	DstLabel uint32
	DstID    uint16
	Reason   uint8
	IPv6     bool
	Ifindex  uint32
	OrigIP   IP
	Data     [128]byte
}

TraceNotify is the notification for a packet trace

func (*TraceNotify) String 

func (k *TraceNotify) String() string

String returns a string representation of the TraceNotify

type TraceSockNotify 

type TraceSockNotify struct {
	Type       uint8
	XlatePoint uint8
	DstIP      IP
	DstPort    uint16
	SockCookie uint64
	CgroupID   uint64
	L4Proto    uint8
	IPv6       bool
	Data       [128]byte
}

TraceSockNotify is the notification for a socket trace

func (*TraceSockNotify) String 

func (k *TraceSockNotify) String() string

String returns a string representation of the TraceSockNotify

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.