netlog

package
v1.76.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 4, 2024 License: BSD-3-Clause Imports: 21 Imported by: 3

Documentation

Overview

Package netlog provides a logger that monitors a TUN device and periodically records any traffic into a log stream.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Device

type Device interface {
	SetStatistics(*connstats.Statistics)
}

Device is an abstraction over a tunnel device or a magic socket. Both *tstun.Wrapper and *magicsock.Conn implement this interface.

type Logger

type Logger struct {
	// contains filtered or unexported fields
}

Logger logs statistics about every connection. At present, it only logs connections within a tailscale network. Exit node traffic is not logged for privacy reasons. The zero value is ready for use.

func (*Logger) ReconfigRoutes

func (nl *Logger) ReconfigRoutes(cfg *router.Config)

ReconfigRoutes configures the network logger with updated routes. The cfg is used to classify the types of connections captured by the tun Device passed to Startup.

func (*Logger) Running

func (nl *Logger) Running() bool

Running reports whether the logger is running.

func (*Logger) Shutdown

func (nl *Logger) Shutdown(ctx context.Context) error

Shutdown shuts down the network logger. This attempts to flush out all pending log messages. Even if an error is returned, the logger is still shut down.

func (*Logger) Startup

func (nl *Logger) Startup(nodeID tailcfg.StableNodeID, nodeLogID, domainLogID logid.PrivateID, tun, sock Device, netMon *netmon.Monitor, health *health.Tracker, logExitFlowEnabledEnabled bool) error

Startup starts an asynchronous network logger that monitors statistics for the provided tun and/or sock device.

The tun Device captures packets within the tailscale network, where at least one address is a tailscale IP address. The source is always from the perspective of the current node. If one of the other endpoint is not a tailscale IP address, then it suggests the use of a subnet router or exit node. For example, when using a subnet router, the source address is the tailscale IP address of the current node, and the destination address is an IP address within the subnet range. In contrast, when acting as a subnet router, the source address is an IP address within the subnet range, and the destination is a tailscale IP address that initiated the subnet proxy connection. In this case, the node acting as a subnet router is acting on behalf of some remote endpoint within the subnet range. The tun is used to populate the VirtualTraffic, SubnetTraffic, and ExitTraffic fields in Message.

The sock Device captures packets at the magicsock layer. The source is always a tailscale IP address and the destination is a non-tailscale IP address to contact for that particular tailscale node. The IP protocol and source port are always zero. The sock is used to populated the PhysicalTraffic field in Message. The netMon parameter is optional; if non-nil it's used to do faster interface lookups.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL