Documentation ¶
Index ¶
- Constants
- func ConnectionExceptionReportHash(r *ConnectionExceptionReport) uint64
- func StatsFlowContentHash(r *FlowRecord) (contenthash uint64)
- func StatsFlowHash(r *FlowRecord) (flowhash, contenthash uint64)
- func StatsUserHash(r *UserRecord) error
- type ConnectionExceptionReport
- type ContainerRecord
- type CounterReport
- type Counters
- type DNSRequestReport
- type DefaultCollector
- func (d *DefaultCollector) CollectConnectionExceptionReport(report *ConnectionExceptionReport)
- func (d *DefaultCollector) CollectContainerEvent(record *ContainerRecord)
- func (d *DefaultCollector) CollectCounterEvent(report *CounterReport)
- func (d *DefaultCollector) CollectDNSRequests(report *DNSRequestReport)
- func (d *DefaultCollector) CollectFlowEvent(record *FlowRecord)
- func (d *DefaultCollector) CollectPacketEvent(report *PacketReport)
- func (d *DefaultCollector) CollectPingEvent(report *PingReport)
- func (d *DefaultCollector) CollectTraceEvent(records []string)
- func (d *DefaultCollector) CollectUserEvent(record *UserRecord)
- type EndPoint
- type EndPointType
- type EventCollector
- type FlowRecord
- type IPTablesTrace
- type IPTablesTraceRecord
- type PacketReport
- type PingReport
- type UserRecord
Constants ¶
const (
	// FlowReject indicates that a flow was rejected
	FlowReject = "reject"
	// FlowAccept logs that a flow is accepted
	FlowAccept = "accept"
	// MissingToken indicates that the token was missing
	MissingToken = "missingtoken"
	// InvalidToken indicates that the token was invalid
	InvalidToken = "token"
	// InvalidFormat indicates that the packet metadata were not correct
	InvalidFormat = "format"
	// InvalidHeader indicates that the TCP header was not there.
	InvalidHeader = "header"
	// InvalidPayload indicates that the TCP payload was not there or bad.
	InvalidPayload = "payload"
	// InvalidContext indicates that there was no context in the metadata
	InvalidContext = "context"
	// InvalidConnection indicates that there was no connection found
	InvalidConnection = "connection"
	// InvalidState indicates that a packet was received without proper state information
	InvalidState = "state"
	// InvalidNonse indicates that the nonce check failed
	InvalidNonse = "nonse"
	// PolicyDrop indicates that the flow is rejected because of the policy decision
	PolicyDrop = "policy"
	// APIPolicyDrop indicates that the request was dropped because of failed API validation.
	APIPolicyDrop = "api"
	// UnableToDial indicates that the proxy cannot dial out the connection
	UnableToDial = "dial"
	// CompressedTagMismatch indicates that the compressed tag version is dissimilar
	CompressedTagMismatch = "compressedtagmismatch"
	// EncryptionMismatch indicates that the policy encryption varies between client and server enforcer
	EncryptionMismatch = "encryptionmismatch"
	// DatapathVersionMismatch indicates that the datapath version is dissimilar
	DatapathVersionMismatch = "datapathversionmismatch"
	// PacketDrop indicates a single packet drop
	PacketDrop = "packetdrop"
)
Flow event description
const (
	// ContainerStart indicates a container start event
	ContainerStart = "start"
	// ContainerStop indicates a container stop event
	ContainerStop = "stop"
	// ContainerCreate indicates a container create event
	ContainerCreate = "create"
	// ContainerDelete indicates a container delete event
	ContainerDelete = "delete"
	// ContainerUpdate indicates a container policy update event
	ContainerUpdate = "update"
	// ContainerFailed indicates an event that a container was stopped because of policy issues
	ContainerFailed = "forcestop"
	// ContainerIgnored indicates that the container will be ignored by Trireme
	ContainerIgnored = "ignore"
	// ContainerDeleteUnknown indicates that policy for an unknown container was deleted
	ContainerDeleteUnknown = "unknowncontainer"
)
Container event description
const (
	// PolicyValid Normal flow accept
	PolicyValid = "V"
	// DefaultEndPoint provides a string for unknown container sources
	DefaultEndPoint = "default"
	// SomeClaimsSource provides a string for some claims flow source.
	SomeClaimsSource = "some-claims"
)
Variables ¶
This section is empty.
Functions ¶
func ConnectionExceptionReportHash ¶
func ConnectionExceptionReportHash(r *ConnectionExceptionReport) uint64
ConnectionExceptionReportHash is a hash function to hash connection exception reports.
func StatsFlowContentHash ¶
func StatsFlowContentHash(r *FlowRecord) (contenthash uint64)
StatsFlowContentHash is a hash function for flows. It ignores source ports and returns contenthash, a hash over all contents of the record, used to compare records quickly and to report when a change is observed.
func StatsFlowHash ¶
func StatsFlowHash(r *FlowRecord) (flowhash, contenthash uint64)
StatsFlowHash is a hash function for flows. It ignores source ports and returns two hashes: flowhash, a minimal hash over SIP/DIP/Dport, and contenthash, a hash over all contents of the record, used to compare records quickly and to report when a change is observed.
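The two-hash contract above is what makes a deduplicating collector cheap: flowhash identifies the 3-tuple regardless of source port, and contenthash tells you whether anything about that 3-tuple (action, drop reason, policy) has changed since the last report. The following is an added example, not code from the collector package. It reimplements StatsFlowHash over trimmed stand-in EndPoint and FlowRecord types using FNV-1a (the package's real hash algorithm is not shown on this page, so that choice is an assumption), and drives a hypothetical AggregatingCollector whose CollectFlowEvent has the EventCollector signature: repeated flows on one 3-tuple are counted, and a flow that was accepted and then comes back rejected with DropReason "policy" is surfaced as a change. The sample records are constructed.

```go
package main

import (
	"fmt"
	"hash/fnv"
)

// Trimmed stand-ins for the collector package's EndPoint and FlowRecord;
// only the fields this example needs are kept (an assumption of the example).
type EndPoint struct {
	ID   string
	IP   string
	Port uint16
}

type FlowRecord struct {
	ContextID   string
	Source      EndPoint
	Destination EndPoint
	Action      string // "accept" or "reject", as the FlowAccept/FlowReject constants
	DropReason  string // a drop-reason constant such as "policy"; empty on accept
	PolicyID    string
	Count       int
}

// StatsFlowHash follows the documented contract, not the package's real code
// (assumption: FNV-1a over '|'-joined fields). flowhash covers only
// SIP/DIP/Dport; contenthash adds every other field except the source port.
func StatsFlowHash(r *FlowRecord) (flowhash, contenthash uint64) {
	h := fnv.New64a()
	fmt.Fprintf(h, "%s|%s|%d", r.Source.IP, r.Destination.IP, r.Destination.Port)
	flowhash = h.Sum64()
	fmt.Fprintf(h, "|%s|%s|%s|%s|%s|%s",
		r.ContextID, r.Source.ID, r.Destination.ID, r.Action, r.DropReason, r.PolicyID)
	return flowhash, h.Sum64()
}

type flowState struct {
	contenthash uint64
	count       int
}

// AggregatingCollector folds repeated flows into one entry per flowhash and
// records a change when a known 3-tuple comes back with different content.
type AggregatingCollector struct {
	flows   map[uint64]*flowState
	changes []string
}

func NewAggregatingCollector() *AggregatingCollector {
	return &AggregatingCollector{flows: map[uint64]*flowState{}}
}

// CollectFlowEvent has the EventCollector signature; other methods are omitted.
func (a *AggregatingCollector) CollectFlowEvent(r *FlowRecord) {
	fh, ch := StatsFlowHash(r)
	st, seen := a.flows[fh]
	if !seen {
		a.flows[fh] = &flowState{contenthash: ch, count: r.Count}
		return
	}
	st.count += r.Count
	if st.contenthash != ch {
		a.changes = append(a.changes, fmt.Sprintf("%s->%s:%d now action=%s reason=%q",
			r.Source.IP, r.Destination.IP, r.Destination.Port, r.Action, r.DropReason))
		st.contenthash = ch
	}
}

// Count returns the aggregated count for r's 3-tuple, 0 if never seen.
func (a *AggregatingCollector) Count(r *FlowRecord) int {
	fh, _ := StatsFlowHash(r)
	if st, ok := a.flows[fh]; ok {
		return st.count
	}
	return 0
}
func (a *AggregatingCollector) Flows() int        { return len(a.flows) }
func (a *AggregatingCollector) Changes() []string { return a.changes }

// SampleFlows is constructed input: two accepted connections from different
// source ports, a policy drop on that same 3-tuple, then a second 3-tuple.
func SampleFlows() []FlowRecord {
	web := EndPoint{ID: "web", IP: "10.0.0.9", Port: 443}
	src := func(p uint16) EndPoint { return EndPoint{ID: "client", IP: "10.0.0.5", Port: p} }
	return []FlowRecord{
		{ContextID: "c1", Source: src(40001), Destination: web, Action: "accept", PolicyID: "allow-web", Count: 1},
		{ContextID: "c1", Source: src(40002), Destination: web, Action: "accept", PolicyID: "allow-web", Count: 1},
		{ContextID: "c1", Source: src(40003), Destination: web, Action: "reject", DropReason: "policy", PolicyID: "deny-all", Count: 1},
		{ContextID: "c1", Source: src(40004), Destination: EndPoint{ID: "web", IP: "10.0.0.9", Port: 22}, Action: "reject", DropReason: "policy", PolicyID: "deny-all", Count: 1},
	}
}

func main() {
	a := NewAggregatingCollector()
	for _, r := range SampleFlows() {
		a.CollectFlowEvent(&r)
	}
	fmt.Printf("%d distinct flows, %d content changes %v\n", a.Flows(), len(a.Changes()), a.Changes())
}
```

Because the source port is outside both hashes, a port scan or a reconnecting client collapses into one counter rather than one record per ephemeral port; the contenthash comparison is what still lets the accept-to-drop transition through, which is the event an analyst actually wants to see.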
func StatsUserHash ¶
func StatsUserHash(r *UserRecord) error
StatsUserHash is a hash function to hash user records.
Types ¶
type ConnectionExceptionReport ¶
type ConnectionExceptionReport struct {
Timestamp time.Time
PUID string
Namespace string
Protocol int
SourceIP string
DestinationIP string
DestinationPort uint16
State string
Reason string
Value uint32
}
ConnectionExceptionReport represents a single connection exception report from datapath.
type ContainerRecord ¶
type ContainerRecord struct {
ContextID string
IPAddress policy.ExtendedMap
Tags *policy.TagStore
Event string
}
ContainerRecord is a statistics record for a container
type CounterReport ¶
CounterReport carries the counters a PU reports from the datapath
type DNSRequestReport ¶
type DNSRequestReport struct {
ContextID string
Namespace string
Source *EndPoint
Destination *EndPoint
NameLookup string
Error string
Count int
Ts time.Time
IPs []string
}
DNSRequestReport is used to report DNS requests made by PUs
type DefaultCollector ¶
type DefaultCollector struct{}
DefaultCollector implements a default collector infrastructure to syslog
func (*DefaultCollector) CollectConnectionExceptionReport ¶
func (d *DefaultCollector) CollectConnectionExceptionReport(report *ConnectionExceptionReport)
CollectConnectionExceptionReport collects the connection exception report
func (*DefaultCollector) CollectContainerEvent ¶
func (d *DefaultCollector) CollectContainerEvent(record *ContainerRecord)
CollectContainerEvent is part of the EventCollector interface.
func (*DefaultCollector) CollectCounterEvent ¶
func (d *DefaultCollector) CollectCounterEvent(report *CounterReport)
CollectCounterEvent collects counters from the datapath
func (*DefaultCollector) CollectDNSRequests ¶
func (d *DefaultCollector) CollectDNSRequests(report *DNSRequestReport)
CollectDNSRequests collects DNS request reports from the datapath
func (*DefaultCollector) CollectFlowEvent ¶
func (d *DefaultCollector) CollectFlowEvent(record *FlowRecord)
CollectFlowEvent is part of the EventCollector interface.
func (*DefaultCollector) CollectPacketEvent ¶
func (d *DefaultCollector) CollectPacketEvent(report *PacketReport)
CollectPacketEvent collects packet events from the datapath
func (*DefaultCollector) CollectPingEvent ¶
func (d *DefaultCollector) CollectPingEvent(report *PingReport)
CollectPingEvent collects ping events from the datapath
func (*DefaultCollector) CollectTraceEvent ¶
func (d *DefaultCollector) CollectTraceEvent(records []string)
CollectTraceEvent collects iptables trace events
func (*DefaultCollector) CollectUserEvent ¶
func (d *DefaultCollector) CollectUserEvent(record *UserRecord)
CollectUserEvent is part of the EventCollector interface.
type EndPoint ¶ added in v1.0.24
type EndPoint struct {
ID string
IP string
URI string
HTTPMethod string
UserID string
Type EndPointType
Port uint16
}
EndPoint is a structure that holds all the endpoint information
type EndPointType ¶ added in v1.0.24
type EndPointType byte
EndPointType is the type of an endpoint (PU or an external IP address)
const (
	// EndPointTypeExternalIP indicates that the endpoint is an external IP address
	EndPointTypeExternalIP EndPointType = iota
	// EndPointTypePU indicates that the endpoint is a PU.
	EndPointTypePU
	// EndPointTypeClaims indicates that the endpoint is of type claims.
	EndPointTypeClaims
)
func (*EndPointType) String ¶ added in v1.0.24
func (e *EndPointType) String() string
type EventCollector ¶
type EventCollector interface {
	// CollectFlowEvent collects a flow event.
	CollectFlowEvent(record *FlowRecord)
	// CollectContainerEvent collects a container event
	CollectContainerEvent(record *ContainerRecord)
	// CollectUserEvent collects a user event
	CollectUserEvent(record *UserRecord)
	// CollectTraceEvent collects a set of trace messages generated with the iptables TRACE target
	CollectTraceEvent(records []string)
	// CollectPacketEvent collects a packet event from nfqdatapath
	CollectPacketEvent(report *PacketReport)
	// CollectCounterEvent collects the counters from
	CollectCounterEvent(counterReport *CounterReport)
	// CollectDNSRequests collects the DNS requests
	CollectDNSRequests(request *DNSRequestReport)
	// CollectPingEvent collects the ping events
	CollectPingEvent(report *PingReport)
	// CollectConnectionExceptionReport collects the connection exception report
	CollectConnectionExceptionReport(report *ConnectionExceptionReport)
}
EventCollector is the interface for collecting events.
func NewDefaultCollector ¶
func NewDefaultCollector() EventCollector
NewDefaultCollector returns a default implementation of an EventCollector
type FlowRecord ¶
type FlowRecord struct {
ContextID string
Namespace string
Source EndPoint
Destination EndPoint
Tags []string
DropReason string
PolicyID string
ObservedPolicyID string
ServiceType policy.ServiceType
ServiceID string
Count int
Action policy.ActionType
ObservedAction policy.ActionType
ObservedActionType policy.ObserveActionType
L4Protocol uint8
SourceController string
DestinationController string
RuleName string
}
FlowRecord describes a flow record for statistics
func (*FlowRecord) String ¶ added in v1.0.24
func (f *FlowRecord) String() string
type IPTablesTrace ¶
type IPTablesTrace struct {
Namespace string
Timestamp int64
Records []*IPTablesTraceRecord
}
IPTablesTrace is a bundle of iptables trace records
type IPTablesTraceRecord ¶
type IPTablesTraceRecord struct {
TTL int
Chain string
DestinationIP string
DestinationInterface string
DestinationPort int
Length int
PacketID int
Protocol int
RuleID int
SourceIP string
SourceInterface string
SourcePort int
TableName string
}
IPTablesTraceRecord is the info parsed out from a trace event message
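CollectTraceEvent receives the raw kernel log lines as a []string, and this struct is the parsed form. As an added example (not the project's own parser), here is one way to turn a line into an IPTablesTraceRecord. It assumes the legacy xt_TRACE/nf_log line format, "TRACE: table:chain:verdict:rulenum IN=... OUT=... SRC=... DST=... PROTO=... SPT=... DPT=..."; the struct is copied from the page, while ParseTraceLine, protoNumbers and the sample lines are constructed for illustration. The verdict token (rule, policy or return) has no field in the page's struct and is dropped; bare flags such as DF and SYN are skipped; a malformed header or a non-numeric port is rejected rather than silently zeroed, which matters when the trace feeds a detection pipeline that keys on port and protocol.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// IPTablesTraceRecord mirrors the struct from the page.
type IPTablesTraceRecord struct {
	TTL                  int
	Chain                string
	DestinationIP        string
	DestinationInterface string
	DestinationPort      int
	Length               int
	PacketID             int
	Protocol             int
	RuleID               int
	SourceIP             string
	SourceInterface      string
	SourcePort           int
	TableName            string
}

// protoNumbers maps the symbolic PROTO values nf_log prints to IANA numbers;
// a numeric PROTO (e.g. PROTO=47 for GRE) is accepted as-is below.
var protoNumbers = map[string]int{"ICMP": 1, "TCP": 6, "UDP": 17}

// ParseTraceLine parses one legacy xt_TRACE kernel log line. Text before the
// "TRACE: " marker (timestamp, hostname) is ignored, bare flags such as DF or
// SYN are skipped, and malformed numeric fields are errors rather than zeros.
func ParseTraceLine(line string) (*IPTablesTraceRecord, error) {
	const marker = "TRACE: "
	idx := strings.Index(line, marker)
	if idx < 0 {
		return nil, fmt.Errorf("no TRACE marker in %q", line)
	}
	fields := strings.Fields(line[idx+len(marker):])
	if len(fields) == 0 {
		return nil, fmt.Errorf("empty trace line %q", line)
	}
	// Header is table:chain:verdict:rulenum; the verdict has no struct field.
	hdr := strings.Split(fields[0], ":")
	if len(hdr) != 4 {
		return nil, fmt.Errorf("bad trace header %q", fields[0])
	}
	ruleID, err := strconv.Atoi(hdr[3])
	if err != nil {
		return nil, fmt.Errorf("bad rule number %q: %w", hdr[3], err)
	}
	rec := &IPTablesTraceRecord{TableName: hdr[0], Chain: hdr[1], RuleID: ruleID}
	strs := map[string]*string{"IN": &rec.SourceInterface, "OUT": &rec.DestinationInterface,
		"SRC": &rec.SourceIP, "DST": &rec.DestinationIP}
	ints := map[string]*int{"LEN": &rec.Length, "TTL": &rec.TTL, "ID": &rec.PacketID,
		"SPT": &rec.SourcePort, "DPT": &rec.DestinationPort}
	for _, f := range fields[1:] {
		kv := strings.SplitN(f, "=", 2)
		if len(kv) != 2 || kv[1] == "" {
			continue // bare flags (DF, SYN, ...) and the empty OUT= of an inbound packet
		}
		k, v := kv[0], kv[1]
		if p, ok := strs[k]; ok {
			*p = v
		} else if p, ok := ints[k]; ok {
			n, err := strconv.Atoi(v)
			if err != nil {
				return nil, fmt.Errorf("bad %s=%q: %w", k, v, err)
			}
			*p = n
		} else if k == "PROTO" {
			n, known := protoNumbers[v]
			if !known {
				if n, err = strconv.Atoi(v); err != nil {
					return nil, fmt.Errorf("unknown protocol %q", v)
				}
			}
			rec.Protocol = n
		}
	}
	return rec, nil
}

// SampleTrace is constructed input: one TCP SYN seen in raw, then in filter.
var SampleTrace = []string{
	"kernel: TRACE: raw:PREROUTING:policy:2 IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=10.0.0.5 DST=10.0.0.9 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=54321 DF PROTO=TCP SPT=44218 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0",
	"kernel: TRACE: filter:INPUT:rule:3 IN=eth0 OUT= SRC=10.0.0.5 DST=10.0.0.9 LEN=60 TTL=64 ID=54321 DF PROTO=TCP SPT=44218 DPT=80 SYN",
}

func main() {
	for _, l := range SampleTrace {
		rec, err := ParseTraceLine(l)
		fmt.Printf("%+v err=%v\n", rec, err)
	}
}
```

Building the IPTablesTrace bundle is then a loop over the []string that CollectTraceEvent receives, with Namespace and Timestamp supplied by the caller since neither appears in the kernel line itself. The PacketID (the IP ID field) is what ties the raw and filter records of the same packet together across tables.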
type PacketReport ¶
type PacketReport struct {
TCPFlags int
Claims []string
DestinationIP string
DestinationPort int
DropReason string
Encrypt bool
Event packettracing.PacketEvent
Length int
Mark int
Namespace string
PacketID int
Protocol int
PUID string
SourceIP string
SourcePort int
TriremePacket bool
Timestamp int64
Payload []byte
}
PacketReport is the struct which is used to report packets captured in datapath
type PingReport ¶
type PingReport struct {
PingID string
IterationID int
Type gaia.PingProbeTypeValue
PUID string
Namespace string
FourTuple string
RTT string
Protocol int
ServiceType string
PayloadSize int
PayloadSizeType gaia.PingProbePayloadSizeTypeValue
PolicyID string
PolicyAction policy.ActionType
AgentVersion string
ApplicationListening bool
SeqNum uint32
TargetTCPNetworks bool
ExcludedNetworks bool
Error string
Claims []string
ClaimsType gaia.PingProbeClaimsTypeValue
ACLPolicyID string
ACLPolicyAction policy.ActionType
PeerCertIssuer string
PeerCertSubject string
PeerCertExpiry time.Time
IsServer bool
ServiceID string
// Remote pu fields.
RemoteController string
RemotePUID string
RemoteEndpointType EndPointType
RemoteNamespace string
RemoteNamespaceType gaia.PingProbeRemoteNamespaceTypeValue
}
PingReport represents a single ping report from datapath.
type UserRecord ¶
UserRecord reports a new user access. These will be reported periodically.
Directories ¶
| Path | Synopsis |
|---|---|
| mockcollector | Package mockcollector is a generated GoMock package. |