From 63c1d4cc5d2b4e74d5de38c005e09b55de6339ad Mon Sep 17 00:00:00 2001 From: geoffrey Date: Wed, 10 Jul 2024 21:20:16 +0200 Subject: [PATCH] Update project --- Server/Dockerfile | 3 - exec.sh | 4 +- ic.c | 42 ++++- ic.h | 3 + ic_v1.c | 325 +++++++++++++++++++++++++++++++++++++ influxdb.pcap | Bin 0 -> 3081 bytes influxdb.py | 24 --- load_bpf.c | 57 ++++++- main | Bin 22400 -> 0 bytes main.c | 39 ----- prometheus.py | 30 ---- tests/main | Bin 0 -> 23312 bytes tests/main.c | 44 +++++ main.py => tests/main.py | 0 tests/read.sh | 13 ++ write.sh => tests/write.sh | 0 tp_tcp_py.c | 149 ----------------- 17 files changed, 475 insertions(+), 258 deletions(-) delete mode 100644 Server/Dockerfile create mode 100644 ic_v1.c create mode 100644 influxdb.pcap delete mode 100644 influxdb.py delete mode 100755 main delete mode 100644 main.c delete mode 100644 prometheus.py create mode 100755 tests/main create mode 100644 tests/main.c rename main.py => tests/main.py (100%) create mode 100755 tests/read.sh rename write.sh => tests/write.sh (100%) delete mode 100644 tp_tcp_py.c diff --git a/Server/Dockerfile b/Server/Dockerfile deleted file mode 100644 index a5efce8..0000000 --- a/Server/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM ubuntu:latest - -RUN apt-get update -y && apt-get install -y nmap diff --git a/exec.sh b/exec.sh index d3705e0..69653c9 100755 --- a/exec.sh +++ b/exec.sh @@ -1,5 +1,5 @@ #!/usr/bin/sh clang-11 -g -O2 -target bpf -c tp_tcp.c -o tp_tcp.o && \ -gcc load_bpf.c -o load_bpf -lbpf && \ -sudo ./load_bpf +gcc ic.c load_bpf.c -o load_bpf -lbpf && \ +sudo ./load_bpf 192.168.1.68 f32d493484526abc _HK7-cwCZuOiaBIFi17J3riUeQ8OeR6oOp9o3QZMNpehdJMTkleR4B7-CczXSzwhx656GMZi3m6h15h59burbg== tcp_metrics diff --git a/ic.c b/ic.c index 860f465..b2a476e 100644 --- a/ic.c +++ b/ic.c @@ -41,6 +41,8 @@ long influx_port = 0; char influx_database[256+1]; /* the influxdb database */ char influx_username[64+1]; /* optional for influxdb access */ char influx_password[64+1]; /* optional for influxdb access */ +char influx_token[128+1]; +char influx_orgID[64+1]; char *output; /* all the stats must fit in this buffer */ long output_size = 0; @@ -117,6 +119,14 @@ void ic_influx_database(char *host, long port, char *db) /* note: converts influ } } +void ic_influx_token(char *token){ + DEBUG fprintf(stderr, "ic_influx_token(token=%s))\n", token); + strncpy(influx_token, token, 128); +} +void ic_influx_orgID(char *orgID){ + DEBUG fprintf(stderr, "ic_influx_orgID(ordID=%s))\n", orgID); + strncpy(influx_orgID, orgID, 64); +} void ic_influx_userpw(char *user, char *pw) { DEBUG fprintf(stderr,"ic_influx_userpw(username=%s,pssword=%s))\n",user,pw); @@ -278,9 +288,8 @@ void ic_push() if (influx_port) { DEBUG fprintf(stderr, "ic_push() size=%ld\n", output_char); if (create_socket() == 1) { - - sprintf(buffer, "POST /write?db=%s&u=%s&p=%s HTTP/1.1\r\nHost: %s:%ld\r\nContent-Length: %ld\r\n\r\n", - influx_database, influx_username, influx_password, influx_hostname, influx_port, output_char); + sprintf(buffer, "POST /api/v2/write?bucket=%s&orgID=%s HTTP/1.1\r\nHost: %s:%ld\r\nContent-Length: %ld\r\nAuthorization: Token %s\r\n\r\n", + influx_database, influx_orgID, influx_hostname, influx_port, output_char, influx_token); DEBUG fprintf(stderr, "buffer size=%ld\nbuffer=<%s>\n", strlen(buffer), buffer); if ((ret = write(sockfd, buffer, strlen(buffer))) != strlen(buffer)) { fprintf(stderr, "warning: \"write post to sockfd failed.\" errno=%d\n", errno); @@ -323,3 +332,30 @@ void ic_push() output[0] = 0; output_char = 0; } +int ic_read(const char *ipsrc, const char *ipdst){ + int value; + int ret; + char buffer[1024 * 8]; + char request[1024]; + char result[1024]; + int len = 0; + + sprintf(request, "from(bucket: \"tcp_metrics\")|> range(start: -1m)|> filter(fn: (r) => r[\"_measurement\"] == \"tcp_reset\")|> filter(fn: (r) => r[\"host\"] == \"%s\")|> filter(fn: (r) => r[\"_field\"] == \"%s\")|> last()", ipsrc, ipdst); + len = strlen(request); + + if (create_socket() == 1) { + sprintf(buffer, "POST /api/v2/query?bucket=%s&orgID=%s HTTP/1.1\r\nHost: %s:%ld\r\nContent-Type: application/vnd.flux\r\nAccept: application/csv\r\nContent-Length: %d\r\nAuthorization: Token %s\r\n\r\n%s", + influx_database, influx_orgID, influx_hostname, influx_port, len, influx_token, request); + DEBUG fprintf(stderr, "buffer size=%ld\nbuffer=<%s>\n", strlen(buffer), buffer); + printf("%s\n", buffer); + if ((ret = write(sockfd, buffer, strlen(buffer))) != strlen(buffer)) { + fprintf(stderr, "warning: \"write post to sockfd failed.\" errno=%d\n", errno); + } + if ((ret = read(sockfd, result, sizeof(result))) > 0) { + printf("%s\n", result); + } + close(sockfd); + sockfd = 0; + } + return value; +} diff --git a/ic.h b/ic.h index 1bc9411..9f6ef86 100644 --- a/ic.h +++ b/ic.h @@ -5,6 +5,8 @@ */ void ic_influx_database(char *host, long port, char *db); void ic_influx_userpw(char *user, char *pw); + void ic_influx_orgID(char *orgID); + void ic_influx_token(char *token); void ic_tags(char *tags); void ic_measure(char *section); @@ -18,5 +20,6 @@ void ic_string(char *name, char *value); void ic_push(); + int ic_read(const char *, const char *); void ic_debug(int level); diff --git a/ic_v1.c b/ic_v1.c new file mode 100644 index 0000000..860f465 --- /dev/null +++ b/ic_v1.c @@ -0,0 +1,325 @@ +/* + * Influx C (ic) client for data capture + * Developer: Nigel Griffiths. + * (C) Copyright 2021 Nigel Griffiths + + This program is free software: you can redistribute it and/or modify + it under the terms of the gnu general public license as published by + the free software foundation, either version 3 of the license, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but without any warranty; without even the implied warranty of + merchantability or fitness for a particular purpose. see the + gnu general public license for more details. + + You should have received a copy of the gnu general public license + along with this program. if not, see . + + Compile: cc ic.c -g -O3 -o ic + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define DEBUG if(debug) +#define MEGABYTE ( 1024 * 1024 ) /* USed as the default buffer sizes */ + +int debug = 0; /* 0=off, 1=on basic, 2=trace like output */ + +char influx_hostname[1024 + 1] = { 0 };/* details of the influxdb server or telegraf */ +char influx_ip[16 + 1] = { 0 }; +long influx_port = 0; + +char influx_database[256+1]; /* the influxdb database */ +char influx_username[64+1]; /* optional for influxdb access */ +char influx_password[64+1]; /* optional for influxdb access */ + +char *output; /* all the stats must fit in this buffer */ +long output_size = 0; +long output_char = 0; + +char *influx_tags; /* saved tags for every influxdb line protocol mesurement */ + +int subended = 0; /* stop ic_subend and ic_measureend both enig the measure */ +int first_sub = 0; /* need to remove the ic_measure measure before adding ic_sub measure */ +char saved_section[64]; +char saved_sub[64]; + +int sockfd; /* file desciptor for socket connection */ + +void error(char *buf) +{ + fprintf(stderr, "error: \"%s\" errno=%d meaning=\"%s\"\n", buf, errno, strerror(errno)); + close(sockfd); + sleep(2); /* this can help the socket close cleanly at the remote end */ + exit(1); +} + +void ic_debug(int level) +{ + debug = level; +} + +/* ic_tags() argument is the measurement tags for influddb */ +/* example: "host=vm1234" note:the comma & hostname of the virtual machine sending the data */ +/* complex: "host=lpar42,serialnum=987654,arch=power9" note:the comma separated list */ +void ic_tags(char *t) +{ + DEBUG fprintf(stderr,"ic_tags(%s)\n",t); + if( influx_tags == (char *) 0) { + if( (influx_tags = (char *)malloc(MEGABYTE)) == (char *)-1) + error("failed to malloc() tags buffer"); + } + + strncpy(influx_tags,t,256); +} + +void ic_influx_database(char *host, long port, char *db) /* note: converts influxdb hostname to ip address */ +{ + struct hostent *he; + char errorbuf[1024 +1 ]; + + influx_port = port; + strncpy(influx_database,db,256); + + if(host[0] <= '0' && host[0] <='9') { + DEBUG fprintf(stderr,"ic_influx(ipaddr=%s,port=%ld,database=%s))\n",host,port,db); + strncpy(influx_ip,host,16); + } else { + DEBUG fprintf(stderr,"ic_influx_by_hostname(host=%s,port=%ld,database=%s))\n",host,port,db); + strncpy(influx_hostname,host,1024); + if (isalpha(host[0])) { + + he = gethostbyname(host); + if (he == NULL) { + sprintf(errorbuf, "influx host=%s to ip address convertion failed gethostbyname(), bailing out\n", host); + error(errorbuf); + } + /* this could return multiple ip addresses but we assume its the first one */ + if (he->h_addr_list[0] != NULL) { + strcpy(influx_ip, inet_ntoa(*(struct in_addr *) (he->h_addr_list[0]))); + DEBUG fprintf(stderr,"ic_influx_by_hostname hostname=%s converted to ip address %s))\n",host,influx_ip); + } else { + sprintf(errorbuf, "influx host=%s to ip address convertion failed (empty list), bailing out\n", host); + error(errorbuf); + } + } else { + strcpy( influx_ip, host); /* perhaps the hostname is actually an ip address */ + } + } +} + +void ic_influx_userpw(char *user, char *pw) +{ + DEBUG fprintf(stderr,"ic_influx_userpw(username=%s,pssword=%s))\n",user,pw); + strncpy(influx_username,user,64); + strncpy(influx_password,pw,64); +} + +int create_socket() /* returns 1 for error and 0 for ok */ +{ + int i; + static char buffer[4096]; + static struct sockaddr_in serv_addr; + + if(debug) DEBUG fprintf(stderr, "socket: trying to connect to \"%s\":%ld\n", influx_ip, influx_port); + if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + error("socket() call failed"); + return 0; + } + + serv_addr.sin_family = AF_INET; + serv_addr.sin_addr.s_addr = inet_addr(influx_ip); + serv_addr.sin_port = htons(influx_port); + + /* connect tot he socket offered by the web server */ + if (connect(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) { + DEBUG fprintf(stderr, " connect() call failed errno=%d", errno); + return 0; + } + return 1; +} + +void ic_check(long adding) /* Check the buffer space */ +{ + if(output == (char *)0) { /* First time create the buffer * + if( (output = (char *)malloc(MEGABYTE)) == (char *)-1) + error("failed to malloc() output buffer"); + } + if(output_char + (2*adding) > output_size) /* When near the end of the output buffer, extend it*/ + if( (output = (char *)realloc(output, output_size + MEGABYTE)) == (char *)-1) + error("failed to realloc() output buffer"); + } +} + +void remove_ending_comma_if_any() +{ + if (output[output_char - 1] == ',') { + output[output_char - 1] = 0; /* remove the char */ + output_char--; + } +} + +void ic_measure(char *section) +{ + ic_check( strlen(section) + strlen(influx_tags) + 3); + + output_char += sprintf(&output[output_char], "%s,%s ", section, influx_tags); + strcpy(saved_section, section); + first_sub = 1; + subended = 0; + DEBUG fprintf(stderr, "ic_measure(\"%s\") count=%ld\n", section, output_char); +} + +void ic_measureend() +{ + ic_check( 4 ); + remove_ending_comma_if_any(); + if (!subended) { + output_char += sprintf(&output[output_char], " \n"); + } + subended = 0; + DEBUG fprintf(stderr, "ic_measureend()\n"); +} + +/* Note this added a further tag to the measurement of the "resource_name" */ +/* measurement might be "disks" */ +/* sub might be "sda1", "sdb1", etc */ +void ic_sub(char *resource) +{ + int i; + + ic_check( strlen(saved_section) + strlen(influx_tags) +strlen(saved_sub) + strlen(resource) + 9); + + /* remove previously added section */ + if (first_sub) { + for (i = output_char - 1; i > 0; i--) { + if (output[i] == '\n') { + output[i + 1] = 0; + output_char = i + 1; + break; + } + } + } + first_sub = 0; + + /* remove the trailing s */ + strcpy(saved_sub, saved_section); + if (saved_sub[strlen(saved_sub) - 1] == 's') { + saved_sub[strlen(saved_sub) - 1] = 0; + } + output_char += sprintf(&output[output_char], "%s,%s,%s_name=%s ", saved_section, influx_tags, saved_sub, resource); + subended = 0; + DEBUG fprintf(stderr, "ic_sub(\"%s\") count=%ld\n", resource, output_char); +} + +void ic_subend() +{ + ic_check( 4 ); + remove_ending_comma_if_any(); + output_char += sprintf(&output[output_char], " \n"); + subended = 1; + DEBUG fprintf(stderr, "ic_subend()\n"); +} + +void ic_long(char *name, long long value) +{ + ic_check( strlen(name) + 16 + 4 ); + output_char += sprintf(&output[output_char], "%s=%lldi,", name, value); + DEBUG fprintf(stderr, "ic_long(\"%s\",%lld) count=%ld\n", name, value, output_char); +} + +void ic_double(char *name, double value) +{ + ic_check( strlen(name) + 16 + 4 ); + if (isnan(value) || isinf(value)) { /* not-a-number or infinity */ + DEBUG fprintf(stderr, "ic_double(%s,%.1f) - nan error\n", name, value); + } else { + output_char += sprintf(&output[output_char], "%s=%.3f,", name, value); + DEBUG fprintf(stderr, "ic_double(\"%s\",%.1f) count=%ld\n", name, value, output_char); + } +} + +void ic_string(char *name, char *value) +{ + int i; + int len; + + ic_check( strlen(name) + strlen(value) + 4 ); + len = strlen(value); + for (i = 0; i < len; i++) /* replace problem characters and with a space */ + if (value[i] == '\n' || iscntrl(value[i])) + value[i] = ' '; + output_char += sprintf(&output[output_char], "%s=\"%s\",", name, value); + DEBUG fprintf(stderr, "ic_string(\"%s\",\"%s\") count=%ld\n", name, value, output_char); +} + +void ic_push() +{ + char header[1024]; + char result[1024]; + char buffer[1024 * 8]; + int ret; + int i; + int total; + int sent; + int code; + + if (output_char == 0) /* nothing to send so skip this operation */ + return; + if (influx_port) { + DEBUG fprintf(stderr, "ic_push() size=%ld\n", output_char); + if (create_socket() == 1) { + + sprintf(buffer, "POST /write?db=%s&u=%s&p=%s HTTP/1.1\r\nHost: %s:%ld\r\nContent-Length: %ld\r\n\r\n", + influx_database, influx_username, influx_password, influx_hostname, influx_port, output_char); + DEBUG fprintf(stderr, "buffer size=%ld\nbuffer=<%s>\n", strlen(buffer), buffer); + if ((ret = write(sockfd, buffer, strlen(buffer))) != strlen(buffer)) { + fprintf(stderr, "warning: \"write post to sockfd failed.\" errno=%d\n", errno); + } + total = output_char; + sent = 0; + if (debug == 2) + fprintf(stderr, "output size=%d output=\n<%s>\n", total, output); + while (sent < total) { + ret = write(sockfd, &output[sent], total - sent); + DEBUG fprintf(stderr, "written=%d bytes sent=%d total=%d\n", ret, sent, total); + if (ret < 0) { + fprintf(stderr, "warning: \"write body to sockfd failed.\" errno=%d\n", errno); + break; + } + sent = sent + ret; + } + for (i = 0; i < 1024; i++) /* empty the buffer */ + result[i] = 0; + if ((ret = read(sockfd, result, sizeof(result))) > 0) { + result[ret] = 0; + DEBUG fprintf(stderr, "received bytes=%d data=<%s>\n", ret, result); + sscanf(result, "HTTP/1.1 %d", &code); + for (i = 13; i < 1024; i++) + if (result[i] == '\r') + result[i] = 0; + if (debug == 2) + fprintf(stderr, "http-code=%d text=%s [204=Success]\n", code, &result[13]); + if (code != 204) + fprintf(stderr, "code %d -->%s<--\n", code, result); + } + close(sockfd); + sockfd = 0; + DEBUG fprintf(stderr, "ic_push complete\n"); + } else { + DEBUG fprintf(stderr, "socket create failed\n"); + } + } else error("influx port is not set, bailing out"); + + output[0] = 0; + output_char = 0; +} diff --git a/influxdb.pcap b/influxdb.pcap new file mode 100644 index 0000000000000000000000000000000000000000..1aecd92c941db409d799bfb49036837d34e48e63 GIT binary patch literal 3081 zcmchZTTC2P7{|{p6mXI?VobO^$N{y0WiPV~yUWNbw{n&Hwo*(b%kEir!m_)}%yLUj zsIAc$l{aEi(3(EzbJJ35lcq^yEwRK1jZI3U_41$(qEy?&lwQ9yz+72>I{dv;RiZ$;uA8EAv3Gyey;2I+Xx** zsAln}T2z~bUcB<9;UyT2D=S5Fise)moqpQ5dH=*82pKc?oy#=laBJ=N3g~r1Mn*Q} ze{h_|M_DXGTK7fZI*mvhY_9Qz#k-XIP-JrR z4IA%%ujh7m^?9(>8$Q-cv%n${>H_C!WV z7!S6zJI%g{hJjd@xgtkt0R>?109`F67;uqct%2`SEzTI z8+_CKebW=cNk^5Vxnn@89CZZws$f<1P)r^gcDqfSi3`Y)(XzNGA}&dhrKJ4Wt627i zhe?^DdS%#wnIEOs0#ZmNa#vF1_~#!zdoUo8ke@j}d!}*?`_`{h?)4~>n{U`WbuYoa0WDRy>o7Qa8}4dPS|aWz zl}xHuu*xgg7xc;?q&ubt%q|mm*eg$oIBqQS!LTplm%_s)uHW1mrk?W;nd@Ux$S>lq zzCPXM!$elVogyB$Tbvd!aHCfR5$cD^J4xRpXX1xw&jEUSQ>=uHKs2bCg@!nc&_onp-$ST49T1d9D6KY4x|k8mnn}O!Z!-dRu^N z2D8(_K1V~r>>}mvk1)BA$0xr@q5)#7lVyS2REhJ($Ub6v|Jeg?8YS+sx$Z%qlGYM!BdoaVXl$!~6qiu0}?4X@`A{ z$<^1pRYkd%Zl=^rO}e^pCSV2b_VD?=^)3T<44Q!swu#Wu*$b3g`f{RPt+@hL&79Ok zPw7oWpHbR#rGh>_+=&MVPJDCo62@3dqxR2O-I2C2hqkd*#>V=!jeWRxW9A<@bO|;^ zM{;92?iX85jXTKX<{P%V-$`)SXh)|!4g}m8!8>mkx&;4MgFPPD4X~BR2FO?18TF=} zQ9qwo+>{m|RtS(a>eXXU!o8?*dzjo@-HT#^d-)ctUY+#9mP?cV2fg&gP2kld&|BMq k&4l!KKzb{!_d6z6-&?a^YxQ=g)q4bVXin3?20GmN2XPmF5dZ)H literal 0 HcmV?d00001 diff --git a/influxdb.py b/influxdb.py deleted file mode 100644 index 4ba02fe..0000000 --- a/influxdb.py +++ /dev/null @@ -1,24 +0,0 @@ -import influxdb_client -from influxdb_client import InfluxDBClient, Point, WritePrecision -from influxdb_client.client.write_api import SYNCHRONOUS -import os - -#token = os.environ.get("dQV0BbJvy7W9Bool6FGh1ryb_uXBNqZB8BlJqb8yC4yNB8RTDSooT5hixoqMf8cBeXUXTRUdmkwlxnkI9PCsBA==") -token = os.environ.get("sySU58aCfMdTGtBTttduzSS_x_4CBI1twpicYw4Idq9abZWGsAXdbvww2wWmwmLDTtrALAx4Q0wZK9PUIr4ejg==") -org = "gbucchino" -url = "http://192.168.1.68:8086" - -write_client = influxdb_client.InfluxDBClient(url=url, token=token, org=org) - -bucket="tcp" - -write_api = write_client.write_api(write_options=SYNCHRONOUS) - -for value in range(5): - point = ( - Point("measurement1") - .tag("tagname1", "tagvalue1") - .field("field1", value) - ) - write_api.write(bucket=bucket, org="gbucchino", record=point) - time.sleep(1) # separate points by 1 second diff --git a/load_bpf.c b/load_bpf.c index 3fc3453..02770b5 100644 --- a/load_bpf.c +++ b/load_bpf.c @@ -7,12 +7,23 @@ #include "common.h" #include #include +#include "ic.h" + +#define BUF_SIZE 300 +#define BUCKET_SIZE 16 // Bucket size for InfluxDB +#define INFLUXDB_SIZE 64 // Host and ordID size for InfluxDB +#define TOKEN_SIZE 128 // Token size for InfluxDB +#define CNT_ARGS 5 // Number of args + static void clean_obj(struct bpf_object *obj){ printf("Cleaning\n"); bpf_object__close(obj); -} -int main(void){ +} +static void usage(char *app){ + printf("Usage: %s \n", app); +} +int main(int argc, char *argv[]){ const char *fileObj = "tp_tcp.o"; struct bpf_object *obj; struct bpf_program *program; @@ -26,6 +37,26 @@ int main(void){ int keys = 0; int indexPackets = 0; int index = 0; + char buf[BUF_SIZE]; + char host[INFLUXDB_SIZE]; + char orgID[INFLUXDB_SIZE]; + char token[TOKEN_SIZE]; + char bucket[BUCKET_SIZE]; + + if (argc < CNT_ARGS){ + usage(argv[0]); + return -1; + } + + strncpy(host, argv[1], INFLUXDB_SIZE); + strncpy(orgID, argv[2], INFLUXDB_SIZE); + strncpy(token, argv[3], TOKEN_SIZE); + strncpy(bucket, argv[4], BUCKET_SIZE); + + // Connect to InfluxDB + ic_influx_database(host, 8086, bucket); + ic_influx_orgID(orgID); + ic_influx_token(token); obj = bpf_object__open_file(fileObj, NULL); if (!obj){ @@ -93,12 +124,8 @@ int main(void){ __s16 f = AF_INET; err = bpf_map_update_elem(map_fd_filter_family, &keys, &f, BPF_ANY); - printf("Waiting for new packets\n"); while(1){ - // Get the index - // and we compare with the local variable - // If it's different, we get the new variable err = bpf_map_lookup_elem(map_fd_index, &keys, &indexPackets); // We have a new packet @@ -110,15 +137,29 @@ int main(void){ struct in_addr *src = (struct in_addr*)&s_reset.saddr; struct in_addr *dest = (struct in_addr*)&s_reset.daddr; char *s = inet_ntoa(*src); + char *d; char tmp[35]; + int lastValue; memcpy(tmp, s, 35); - char *d = inet_ntoa(*dest); + d = inet_ntoa(*dest); printf("Sport: %d; dport: %d %d %d %s - %s\n", s_reset.sport, s_reset.dport, s_reset.family, s_reset.proto, tmp, d); + // Get the last value from InfluxDB + lastValue = ic_read(s, d); + + // Send data to InfluxDB + snprintf(buf, BUF_SIZE, "host=%s", s); + ic_tags(buf); + + ic_measure("tcp_reset"); + ic_long(d, 1); + ic_measureend(); + ic_push(); + + memset(buf, 0, BUF_SIZE); } memset(&s_reset, 0, sizeof(struct reset)); - //sleep(1); } } diff --git a/main b/main deleted file mode 100755 index 1653d8403d17129df2560d2fa79e05cf478fe9e3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 22400 zcmeHPdwf*Yoj((}7*oOwNHl=T6^({UhJ=?q0tPU8>4HQ7tF3mJ%uL8=GBcfr5LP8@ zOl7=|rMf6xb;YfHYfGyr+9E-eV5=>(tECoed{8HX8l$$Uui5YKJZ|n>Gwx>}pZ)9~ z9LW66?|FXboZoreb7#(m`lS~Zxm--8VQc{-to`B0hl=uHv7`?JB)xLV3;|CSWTv3h#!T(Nq4N@;VQ`m9BhXt7_sLHzpdc0jE|33q& zn=h5+73v3%tha))dD+yKaO12QQ(J;nE#XLNUDdkTv#Msz@Ft?(X}oCiOUEC@)I}Gs zV(7OnqDgbCs9oU79`VLXKFNP?Q{BfeZ@GPzsb`)OXGZxPcCtyr7O5g7eD)^s5Wd7sC;K z2s<=g3}yed0(6)eQa)aQ-dlivPXYSE0`%_`pa%=kX}AtmuMZ2*zgd7@SAgy-(4N%4 zLzVlx0`v_9=r-@f^aKzsdULRudkUz*;{Vgrg01HGT zkx(EB5lj;SUn1#`Cw;B{aD+9*;^9cLi6x?eYeGquNX7%PHZqlLi-mlRKCayoO@xRQ zAs%2$D8dpgp-_wp;RPh5nKhwgb2O1`Y>W6?L##O&jU-qiqRL1HL-9Bn0Eos>3ScBk zW%!ffXoQ8TBo93Nv<<7HmGpyV+?@TK{eFpO_S-H#y&q8a$iDW3ga@pdRXe6}K-`GN> zu4#=%WP|yH=#YXm>kY#{7yqQ(a4Scc;%PRjkR4%hsY_j$p@$c zKP2~8G^b0`+yO7q zS8E-qmD}iipG8C@-A1RnsZ?pBQyD5%+vuw8h&S6tms>8bQfH%=C?kM|jZSleN)0yp zNJRv^+(t)$SZTG5KFXpp)@-A@ZSumJVHu-iNU2eHKcax1SLxTlsRv7`PLP7^xnZ{akNqy8376FBN`;WTlh z{uWLXHtKKTG*P4e3P*39#(V1m#`}wK94ELZ4&r4Fywrhf4*U}wW7zdSaNut_@FNcV zB?tbz1AoqeKkdMGIq)40{6Po)T?c-T1K;AnGY-7dfnV>yQx3e=1>`I(alO#akJ_ZfTMKHu0gFwAi6GY)>5918Q6@sHmy+%(3k6 zK=yO&kFeXHY_pH2K573UvVdyMgZ=FHxQJ)4LWcW^F2jZY2i%V`_oH1Eq}bWzzVYwm zplAis-bEEmcV-E6>>|KYGYnBxBh%SO^i1hb$5B~>0q_S-7F-yq;qf4hn04ib$;aN6 zD2Ce=By)DQ>q9Dx8fOHiQ!4&eP)u$AY~C*G(eC#kYZYJmvKXoDym%S#6HxZi<(7ymAZVN`;wq_SXM$*pMma!?bgIwP#tC=N zgu8E_NA51`!{Ed~nYqU9Xq;*bvyazVG2xTdzUl9r)n{YfFIg>M*~WpX{TM}HNX{~~ z`$TSvVV3=w4^Ayg#itJ%nX(;3$jm(1?!db+^*G9APayi3m=`i|Dy^M|*fg~oe0FxV zjYC^#LNB`pt+ta?dcTE_rfzKlWQu5ZT}cI?wXTEFv{pjFZSr{p!3A;|$W3Xj54AA0 zL--UUAyayo*XuVBc@iQh4iz~xi&v>48y!IRBWktpfr2=@vz!VUjI*gw;qDyOc2XTa zJ7q!l=hTm#U8#EHe?oceo;)z~B=9?UAHP73p9EW&o^B+HsnPmnO;2^a*zRnYBEi<{ zX4z#z+Q+4{E*eglI;Nz)h(4Grc#8*l`?%?8ijdaMLDn|UT2np3B1=B){u}wU7yf9Z z1j>U%aUC)`x`q*2$|uaSH+XlK?iam&koR@1OISHbHO*-MdI}lX$6G6V9@^Ci9Dv>L zlC0|hDt;GNrgACxdAv{oD6d=lCV14o-P%UvD4E)HypTZLoo$$+|)xcoW?Z#}wvdgjb2#0>iSE)+aK}Xf1@jl`6t2Tlx!@W$Ii(90g5*kTr z2wsI(Nt9RN5OUqxpYch_)HcuHF48~@A#0@f@TlYAjygVsZ6h_}73AMw=uj_IV!6Xo zs{Mp)LuA%pRYzPWDQ6MIwHGqKl9Vx$V%8rbm0=vEo;s1x0Omkb`x0c)XqUmGbCK=H zy3+N>jxI!nM*=nLj~QEK43(tL0rjtQ6t$y^q6-lOAmu0~{TGG*a%++!IF}C5c zZtX9iP=Z_UAuIZFvUG6a2XHx~jhAR6M;nNA0!Z#hh8NW)Ql|qQ;Hur(x&_to-gT!T z*R7q2PfDit{4^`Nib%-Rz5@ysg6KMpTa$rsF02h1UGJ*7D*F$7^(*_~Y;Nf11b9q6 zi029;Js4BE<=CxK2J-=O-P+Cgqyb=RwZbuqsnO&SVv3%QR80K~H`$%l$g9DaQadPG zATTTkC?Z~c56#fgHJ0-Av>KUZCs47b<{^-&Ekbprv>e1sxOF**i{ccZv zUz6Kg-?#ouo`27ML+JtxsV4WzJ)mogkayqF)zRm=u`9X2)QY%Q?i;B{xb*w#L6@2g zcLV`bdM6(IZ2vb6s*_5!r1Sw&!T$l=$C26Cttx8i%3awYW5v6 zXL>kqzu@i10^{7gb@UXWHbP99*vIsa`m778^XiXXcOQc5M|^tL9wH!uOS&zC>*_IJ zs1>4&O6G0XLGrxq+K@A~c~h<6Y8Dnx1O>qbYcvJW_ID~bB?suusOjeX>3@Z>@ff{f zFgiw_#T@zBSQ_j*_$=+xCgGsG|xS6si zrjt3^Q2jHPn|VFAFKgNZ<2VWO;Q3PcGgn%o&VTP6FtN7c+^C9dZJ{E_R=OW8w$X0q za5=iyq|0rc%Wd&sDm@#zroge#?J>3Ic!N@19(voVi}r^pygRE=%mc`pJE#~lLq6fr z1D^|dm~~MIsSUxID79l3F&gA7bcPatb}pLFqY;N>)QiRHBqB zajvR_`w>x#+R~Iq(F#}W8B@Cm?jQtGQ%q4Jo__}&G&=T_!o6SM(9i0OJKjR`canGW zpGDEhN=xzZ7p=|^@YKPhRysNqKyV}W#QKLSF@)SiMKMtA^?^KCMLbr&&bt-A?f zD4T)WQ7krFgg72mwX3CgnN9pMDgHGQrxS>)B;gy>uBLWFHMTn_rCV!9j?z&V=CJy# z{TZ<47|GhVwKT6);(R5&>li=m*wMqmmO}uJIjw_>6m6jWmTqr_kB+KGtc9?ICsJ;s zqYLLe!0>r_v60U7al`iv5HJl7sO6wCY@?0zJ;ek}LkATb*^Ea}%Q>}Swqe#)8|hA+ zQ@2!dswxDAY=u+{#o1iMDx^+O4MA0fGzjYDoN5)anp3wlbE+zY9{^Z2i3!DZT*NA* zT~Id(sw!l&pl;<1?7wz0{2(IvjxX;+R z&4SAxnxia@*M!1Q5m{SIl$@>-=%@6--Csk@{W=lgt*O-MO7RODjl%?9gj+ z%SVqWM~HN1ujh)|3gJrj1=>txw2L`PJ~l|k)p&jp`?!0sYKz=$c*5g30}o^f+OhmV z30gtmtVm2QVf59(P*6`sb@A26%E>x0^~O|F zQz(wFQwDtDNK;E{U1c~%UoMysa=%m;a(am7&&HvQ2NnHztR0Ca+ymiBLSYwvvE!WlAiOSR0K8ZOtgZ ze>zuB#@nb`Xb<_FRmxI7&P4~5NHKI;0N*>6jl=sviRZJdkg)Z;{K_f>(RQ&^QguB# z8m&YfittIK;-N|^79~Yf5#IeJOxJZDPEsHg305KuxFU3Ys-?+BBGvd=eL=U>5K}F| z@DviqH%`}Z`6)!pE0kA{WP;HYzLJVCo>JkhX_~B8=@EZ~Y8Z`^6Z0#))0^m-kQ=91LI+?UXh?qEG=0ajU+>nWYyA8WKFUebRw3PFfj%P3lRAH+KR*i zQ5c+E>yOjW#)#)->M>ZR5TWlcHw9%xcn9Z#5+-|DxE++8KEFg-B`a`-W{t+SWGJC0 z;2B}bXwu(;j4at%Zeujq_W9+;LxE8ES`0UCmrT<1A#0PljZ3 zP!;6(rm0L1C-g`(iJB(!<`M1)PE#mt5MJR69X!3WVO7GvCNx*~PNi>+>$Nm*EzoOe zPy@vL7|_85Om%Y!TNvQ6Mtxqw8rB9yCK-q^IpZ=*G09WaaY3=baI1^_Dox4x9i9RPjfpL4l7;BNt52{`=aT<$u+ zI|1pn~-lbspD*ktY;yMp;BZ6@Oia zbGfrg=7JM&TEy5{_`|UxGya&%ZHF8i<+*TF`Ip>ZSXovw;%Lvq%TuB;4S!@gEnd*TKy=`H;NXQj;QY#Mt=MNe`)aWT5phdF`NZT z{QdZA2mf|JOSkA|ESTGuY3ZLJbl?}24Qo2r(ZfI0~qBwQ_FOu}{v zH%qup!tD}vNq9iQ9try-#E%hq@<^ylSS?|lgbfm|mM|t^yM&u1+$Q063A-d5x|W5h z>UU@tEnYlVuUyrLXS9@FQ{$cCt*)v`akS=!Y16#bGbT%NVOzwZ{vFQV<*ysyRP)YQ9kPO+fq3pcC@U{L(#`zFGat@ z-L_H)t1BlK6_CFSblqlGWpBYerZddKvL6*aUcgQ#r+e6oa-!yYPbeAiXDB~!fjs%y ze3`H;rzLiK0sB9c_J_%d{}SoYQ=og`r^n&vucf^6cgF`or*hXh%6*CCi$*iG{;2xC z#_cF<5T1?pAv<-lT-w4?`fCCC(U2di9S#(rpULSS_Pkt3)cP@{fIPkQ<^3+}RmZ(y zYEU)i$V8LoUE}4BfFW`%VXXD!k?`{UjcdQ$6I7SDnGB1^wl!nT$0f$>6_$u zSL3J+^r7M{!|5J&liXPF=U9|`7wF`ta~yqN+K)NL%R|ymnRJ{#o59XbNna_)DSwUy zeXpd?KLZF7f93=HwY1;vu>S{1?{UQQE0Vs+(LQfVx-RE=)o$;CPW^aT#yNjpMY$hw zI(d?x+)yO>4RXWB&j}zhiPQ6C37cMkeo+DXS3sxubhdL7==x{Pvv!h4zr}We1;6I2*i^$-Y9N7@Hd9(g$V;8k;H2e zZ-5Qnj^InS`T}%6LIRS(sBcY6w9((<3nruSgwLN^heJwn6dCkZ4=q7ARD^y0c--IS z!&z&*jWxybiozF6wYJjD6E+O5V#3Kh(Qp9X;L!0}AH6HVfuT4fMp<+&37*e);iU_g z)%)r%zQBk38ZNlv;)TnWECv}D)cEQR$u%yxl=&`Nx_r^XrM~4CUbv!urElfJMN8|U z;k+TE&bm_qH$^xutgv`=qlCO4BailZS4%)1*Js#M(@PG1ElECuzi#uX_d{r8s)e|6WAKuXJe9n+ zVR;;sLa+1GwI+Ey=UpDYU?S>k_D6zr&&QJGC=pFcegydo9R4dGGQ$o_>g%Xo@x8!*Mu6Sd>JA>YN^2=HBWaJCF zJes(yC6DCutz5QPjYqm_Wyt$eWNG1;bv;a;5q{fD9wq;_n|u~c8&pA2XImRlx5$$C zI}5yoM7-JVy0Pp`haYrXjYZ%?oL`cYM;dG>3gFmU#=MEPR=g$#OvVLlRyo|X0~zMU z+n11cO(f-w#iKF2=xwu+8dG6h;uQ``(!xbcs%SFi;>~_^uQ%8hK@kEb03ymh?Dde=mOQU=48dFiba^YW>}8;|m-#2ads^Kmoo*|9KT zLrly8o=z1uu}o%6}!N;0@r@8J)t_Ih}&5rM}aDNoE;js7;l=IyY4CkQ7wqJL`X^ z)L$g!)H$Sr>fDm_sm+}F_kl)jqU>AyMY(TO=d%#u$=Uz3PqgdnQcpqt4pHh7kZcQn z-=Tj%ZiE$7^2&t572NL7?~(cnZgX_F(o^s;hrYVEQ^7Ae4v3YW@@Kb0U!5~3sLsEY zytDnDminsy)pM+ZN3cJ(CujN3IrP=}lY$T1m63Or|0jq3Hkwe76zsAb6Lb|n0%Pn5 zGNbS(hpBb0r|ye%$}3#KccJUH>8o@9fm#rel$^i@aYg?G42oSx;hS6IUP77(c>Zw1yye~{}NmI hj;xg~r-cP+i6eehxq?g2ibLz)C*Qw}cPKbe_8)=L&p`kH diff --git a/main.c b/main.c deleted file mode 100644 index 8821e46..0000000 --- a/main.c +++ /dev/null @@ -1,39 +0,0 @@ -#include -#include -#include -#include "ic.h" - -int main(int argc, char *argv[], char *argp[]){ - char buf[300]; - char host[64]; - char account[64]; - char pwd[64]; - - if (argc < 3){ - printf("Usage: ./main "); - return 0; - } - - memcpy(host, argv[1], 64); - memcpy(account, argv[2], 64); - memcpy(pwd, argv[3], 64); - printf("Host: %s\n", host); - printf("Account: %s\n", account); - printf("Pwd: %s\n", pwd); - - ic_influx_database(host, 8086, "tcp"); - ic_influx_userpw(account, pwd); - ic_debug(2); - - snprintf(buf, 300, "host=%s", host); - ic_tags(buf); - - ic_measure("tcp_reset"); - - ic_string("ipsrc", "192.168.1.1"); - - ic_measureend(); - ic_push(); - - return 0; -} diff --git a/prometheus.py b/prometheus.py deleted file mode 100644 index c5e6eee..0000000 --- a/prometheus.py +++ /dev/null @@ -1,30 +0,0 @@ -from prometheus_client import start_http_server, Summary, Counter -import random -import time - -# Create a metric to track time spent and requests made. -#REQUEST_TIME = Summary('request_processing_seconds', 'Time spent processing request', 'foo') -#REQUEST_TIME = Summary('request_processing_seconds', 'foo') - - -# Decorate function with metric. -#@REQUEST_TIME.time() -#def process_request(t): -# """A dummy function that takes some time.""" -# time.sleep(t) - -c = Counter("tcp_reset_stats", "TCP RST stats") -def tcp_rst_stats(): - c.inc() - -if __name__ == '__main__': - # Start up the server to expose the metrics. - start_http_server(8000) - # Generate some requests. - while True: - # process_request(random.random()) - - # Count - print("Inc") - tcp_rst_stats() - time.sleep(30) diff --git a/tests/main b/tests/main new file mode 100755 index 0000000000000000000000000000000000000000..c579cf551e5baf59dd6661e9d976a7dc191d04b8 GIT binary patch literal 23312 zcmeHPeRx#WnLm@{3PzF%N-%=Th(-e?Apt@|B#;2Xn{JQ@0kMk1Br_o+$xJ$P2NPNq z3{l4GSlWuRu0GXnrMBB{{a6*LA3=P;x;~1oA8GwcE!r7Dji@zlmD%5WK5p&|8K2$# zqt8D3aFo2~{XFk^&wI|f_uM=8y86bYSq=wNC7Uf^gdH3&D7BKYeWk1b)Uqme3jUtW z&SED4&*3z|uN44XQQEUo;aEw}1|+@vBtIRVDdiMY9ug$IOr`x4!BLPE2%PjZs!BW^ z=AAC&6jXexy>h{4X|Ow2&=s`nQEcKhf*)U&3dd3aP^u;isPrftq&F<}hNYf@gE9~b zs(4aN=-)Fkp6PH2cvKW5St?EM8D6UEb2)k(d|r^5f=cfa=#iiQ-J-(2LbjJFE=AIR z1!Z^H%npCc+&MElyrmufK%~30yJ~Lf+&N|8VA(9*?+I{(LVD4~tJu$1kGb-d)qAd; z{N~eV*BsG4zwyfdNRZ#;1KA@PDkLwP z=Evu>I)RQ_E(i70Q8-I7(9c4Hu2JM^Tt~CBD+9ec1HCx|o#Hi`{f9EpKgdA;bq0Dz z2Kqn-`u8%>Z_hw~Fav#FhIoEIgZ$JC^u`SINg3#r5TnI&RtEaL8R&Wj|6j}?zb6Cz z`V4fKAJxx(&?y$_WjhGt*%^#oA~4nJ<`4J`cfbgGNH;*rA)lwCBiKrK zhc5s{Unmp^xJ@O1iE z+tnez;bW~G!7vc%SGdFH>p~-~-5z(FKj7)`Z}L&oP!EPc#{$&q4jZ13;qLVK11ubn zio~FWXfC^`v0>3-_pGwnR_)tXZB|(&b2l_EbHg9sdVkpPg_@Tw?g$2a&7PJH9~xNS z84Sn<+(L9zL0YqD)uO+n|3|!R8&AmQND5^Dt#jGzQ$V#YpXT@H(GK#pq@B+3Y&Hhs zBomqBKbh=|7wSyyXDT1=mw7NG_bWy3lJs~JjG!pG!UvWMI<2{KOXP$>8y${WC2ph3 zOBBuC`a~Q3ej8n0+Hvk~8@`#HXdaN61ucXPa&aN5!m+c`dqaN5ce zn>jw6aN5EWT^yfEIBi{tbwYjtV{O}k^HT9)L-eI9_2|2L@1dcl=Ej&d3AXiE-a}|o zkJa1)Pm_i3<8zOf|P&(J*K@&VBWA%h;(=od`gFtlY`DFo5}D#2_gR&m#=(~ zz_ep}bV%R((L#OiaJKH)ufKH6m;eJiq=B)?!8YEG(%)S3Bj~Zn%vE}C%|=KuJ^G$8 zPB&}53wpd15stUx&wkAh+_6^aDVX>^n5&?(5}8}1N3V&;{a+`OCW{`3Q+)O4zW5p< zP*zVN7tK}ihUkDEt32l{YV5#n>P|cdvZi*do{{3CP;+hBi2vF_`SOn-{5 zr{g<_8r9w=s;RwBpm#VK8He!x3fl2W=p`6Wa{jX6J#;OqM_+)|_)T9WliPnU9NBWD zJck%h#Q#S29v4l<*D{w-#cP>56u-lN^QPVi#DHwMq&&4V`@Jg zF>ZXb@%M1;Wrb9?8K=V^VLSv2@lF_zKg;=e#Sfis72pd{1z`*!osLyx+(XR|e`XHX`6_T?z{ zo`MlMJ#HPbcah!R50pKmh8##g+57qN_Vj3E$ka9no9DvET5faMko0rB-R^nE+kJrg z-3Ytze`wE0dtVZL&PaQvHb%5D*VMkA$9phCHw&xzVxs*!D0=iIJytlL2(ilNCJ{j{ zE5Cu6J?II05(&=4n$iGQqS{Z;D^rW%Z(o1UL=3}Y(2LK)Xz>Lpu?_NV2eeHP$f8x5 z)|2=Gn2Ty1prN~ufr8}4puRqwOtwX}72ISs{)#ykt6YFO_%}igt;{yH8sY!c_!6j? zm=fA4c+a-vEN;ZQiR0QH}O} zxgcA60Y)}Xj_mq^9N7maen1MK+)5P3fZp4mP3W0?eJ#9_xMto$4m6!WY`#NSd5O9g ztL!|3F&>-vc_~$BJHC1S5;ia<^AN6U zg}ECEz^_>4AB$|()==NM<84wPs$GHF0j&jpshHXX;hT%b4UYo!=w6;vJdM$_AHrU| zmb?>jlNw)J{hggF4LjutEo6vH9aMumiXl!zI|IM2YUjnvutOm6zapP7LMa zWRQ=|bEM6asvorj+J5|{Vrt!$R^Hspo6wemLgvwtBABxBrVQ4O%bRj+0iv;9+Oo{T zCSl|<0z6xOjmu5T#&pZ0Dk%`v%1}F?&B0&FX;XWD4)=(%<#(u3w$K%|%9cA}FMcZd zlD3jy1;^wXrV-En48HXCPoVlOv}c)xyRrSi;$8x=`B~_ol$KL*1+zVh>ZtY1f+ z1@%L1&a(QUP3Q9Zr_O8hHe!0TIh*%_u5Ciyd0T()kYj7VaiOX0nN6{BZha5|LhnqV z%AGdd89-K4{(>&iG50CB@vG2aqK^v~?yBZGza4R0A*M|1XRhA*BMzuuSRenvJ;D#+?Gn4+moSG|p}LqkXXivRYLlzvZs=S@7#`*?dM~`B8Td<^GvZ5jS309z0++1Eh$;Aq9tA4M zCktn)l_iYj>LD<(#hKdk@miA3RVWrxC#X zhiLC`mb32>pvZPF_z)`u*<3XUXLs0*9779L@LSl$DGl-}phDLX*lYG;Pa*?R za=1b|ti@;Y(ZUX-J%Oqj88ny0%~gl$ct)(SH*gnpdapUedd`bK{gLcV6gqGuMJ@ul z!>1w^j`}#-zOa7Kc{AMxs~Iz%X2s6^TeU%qJfmFSa?Oz>2LIakO|6PtjKzqxN8AsQ zyGPL;;!CYNZ#l;Mcxc3gsZABVC`K>7D6pF0_o{ip(&DeO%v<_@ejj%|laBdsB@R#Xj<- z=6N({lvs+hY>KhUZoAUyq@<0X%P)?f`;e~B7!WGBo`oLf-ggm)k4vfBd-se7L+xdC zFce=31Ba_j?IQ?4whXfSq%4+9OZEbiokX&9BVR$-B^X#pzlBYRu3!&n@1REIuw(nk z1s<&wYj6M&ed2L`F!1pG9PGFcK&C)1XJuVSmm*VOSu6x^9g#~y;%TVkHjgXz_Tv^5 z2OtV7z_L1mfq`Dq_3BsXsIapGcG4usz?!joG)Bizdi1Vs1WX-<))awChgG2N6jT?e zxE_qrkrt@;acWZ)ZidVCXrDNk*|D2bZBD^q)kv*S)VYY&NRyzh5meO(oqM4Xx*pa| ztC22F-O#7Svi$bx@gb zXe@79Zvu4z8Op)zFGo+t->do6e@#jPYPDJ2D1WrWYL53H{tYA*A)x((0za7l4^S}tqz_&a=Fml1S{*Dp(^xrpg%iL|x( zLX3p{fwqoFcZt7?-qNfo4$tTchK!ox4(|-F$MCdx!afkE!4?%u-rdsUrdKxUh0PMG ze6yx##3cpEAAgsN8uW$3F1%v8(HEk3MqSe1l=nePrp<7*pdaX>D;P1jBcuAk&67j$ zMHv;Hw>2jE@;~&a#Mjwn^td|kUTC^ABc2$+4Zc7L|0^Rl!V8AhH!LX$hP(|+Y|*sG zGZOZNx~?uEAiFT5D;&NWDs~0&`fjz$2=!1n5J&lbE>&s#t1)o7Oo(ByTk+DZ3@RT# zC7#N%QpuJt^6g#-BIaEYL!}H71kt5LK-z^PAzukKiD>R~WMPSg~a&2F0^qWS)@qRMR zA~A28malAf&GdBnXKtJ|lfT})uq8roVq7V!xu108-0QGMmy+4tc&2C>5zXDf7!a))lAt3jlA5vTqdUXhz|m!$d+ zE}vCCr)FiOwH1ra+FV9#D7Z>X7Ziu*mzMHerBOo;cXoC744;}nu2#$f!zaT*U6AVr zEs-vN*cAvG=&6yiKB-jU5NCu`u2V#Tetg}kuxGum+Eq4_-c@(ar*(0GYd%i|K)!}7 zK(b;y@qaE;>40INg@iIAm+=u7Rim{F(-Dc;8fJ2hWkkdBikJOS9FwyzqyxDk{2TZ~ zGFgO!f$lew$y&f|fOI_D`DQY?2KcLh24EcUR>1GQl}!E{;G^#(ldk}d8B8WW1H2S) z0=B0EfO7y}{8KX73^?Om=mYiu-U@ixpK+W3co=X1@JH_@lV1Uz@qRLSCeBFv0p|n0 z@t0)s3cvy!6>J8q#tF!MfNOB{aS(7fU=clPMZvi{FOE$sn4`PEF?rmWvD+PE3W$Ct z{_Xr@GWjhb!vBsg&)9iVe)m8!c{lpR@(Y&c7k$Th%GF~xvxSo`oId-!sbqlkm*8JH z?2aXZEELZx@GlQBY$sY>e!&e{i}OyZ@69GZy7BKa@Nnon!n+vG0_A=JHi93u^Ru>c z0pim!%){U>MZ7HA*>zbYK>PvxdjsRs1ZeTI{=w282Kkh?GxI4AE(E_TMSp{(Uj@Di z{#c5Q>RWcUL$y!&5=LIEP0?Rt>34&FKlsa1_&VpiK-&raTi_4c`G{TCYg~l)@o~uf zBXaD=cA2c0W#dioPeJbO0+@Z)ocjEdo3$nRNiV8QjZ?H*^5-e52FMXOBXNnRE>(-pT`K4oi1U4{PC2cS4oGJ z-?aZxQNOWL?f)$)`U4gh#WN4yzhP-8DRC8NTv~AcgOZPzBRFpP&0G2V|53jyPj8tX z6;W9#;c5xnB-|+B4HDia;Vuauk#N6+uSxj6gnyOrBzo40GEu_wC7dhaQVCZ}*e2md z32%__HVJo0_=tqUI<7UFMD3!*i>qBFOMESU+_P1bm(41xD4jb^)?Bm7XH}F}RFo^N z(P1{;f>PfruuITyE}v0}XJcgJmyPjJ={Zb&2f!u{Y0a7ksq~YWnlGvJF-+xEDt#EoDdRC*rkPm4e4W#jk4>bnxDcAVBalS+s2QN|)0 zzerZ!D@c_;l@;M#i1d=pPP5i6J1-lnf?BUq>4j{xd6CT~GWC1aRC%l>O?HZ?XX9>Y za8x>0(@RE^SF7jHKjsF7)64OSfW4d}>1zE~JPMZstNU2# zk6N!5bNcb|xk}nm`-!r%k;@++=N+Jr=KmdB{tQ-dnXrJ7=4BWDl0Pm-hC53-KAv|LLHU z9haP6=q4|P8RU;+>vHqe%Veh@MRls|r(FscvAIH>(pokeYi9g2U49CzjaO_E-#)_KXeL(<#j`k?05 zt_=R{;q-jw#8O6upW6UF3p)9kKELSwR`RDQZ5|CuJJ+Af%`kozf$DpbzE{R`P_WsM zq_4r-OH}w72jDR1WPe?n{T%d<=>3vjOG+sDlHM-qDn6xhzB5TzdHZuoUw5g{-y#4z zUD{!CpHg{&vPpXZ=j!s$}k2Ifoo$7DY9b2#vqXOLf)fo^1=-v~P8dHT5g z1az0p4^{mQ$Ahok7ls{dixUN&wBDQ@@R(ufK_ zivt`FI{Cw7{MERe!{xbX%Aa{kUgo*V=f({3ZcfiI^*QZ0Cyd&y-N*DY&UoXX+fv;hg9#d6o{(t^HZ1#@52xO`DvqkH+%r7P>3-OY82 z8tcg_{}N7XIKulvPsGGS3pams06u?iY<;GuR(%zRzJMb??UO?Lrmx~a9$x}V5l4G? zsAp@IKg^Jik4C;Cl%f;zbp|*35O6P^Nx3mdogTNp&Fu*w&Jb*Af^j z3-@&5Z4f{sBw)L$;j>|Qb%B-PVW_WceIQcS67l0hfPSwe)h%i$#egx+YxiIj%e*}S z*b~qQ2@YNX3DZ2}ViIwK7xHy@NI}-RIt*6E6SfT1vh_ir^q`lO(b5f}AYU-beC=|v zZpXLBEKI11Ra+ijjuxIWemB?;Ss+I;@^khWD^vf!Rl6m?Fe zpgNb8Y%Z(n1nF{&jwqGBI?qz@JQA`MZ09LuE-<^kI`>l0l_E{|^r>YDQ2aDBsM=TO zV+zX4a_jt9?eEIU#i-C(vC>!P$qE+XdXWm9H&dLHei0E-=(dGKl)gG|Q&62plPndo zVJ}w#p|fA5ug>KZTqK2Y*};pFQ*Z;Qbe61eb$+K{tx!A8e@SMWP@$MAeRa;K;D8iV z?WgyDtJGg4<V)8*F?L*Xt q@?W_{^TYC8st_oW2YFp;;gUSnt`eo`KAQfv6+(i(XK62KDElu%?k4mA literal 0 HcmV?d00001 diff --git a/tests/main.c b/tests/main.c new file mode 100644 index 0000000..5a9b353 --- /dev/null +++ b/tests/main.c @@ -0,0 +1,44 @@ +#include +#include +#include +#include "ic.h" + +int main(int argc, char *argv[], char *argp[]){ + char buf[300]; + char host[64]; + char orgID[64]; + char token[128]; + int stats = 0; + + if (argc < 3){ + printf("Usage: ./main "); + return 0; + } + printf("%s %s %s\n", argv[1], argv[2], argv[3]); + memcpy(host, argv[1], 64); + memcpy(orgID, argv[2], 64); + memcpy(token, argv[3], 128); + printf("Host: %s\n", host); + printf("orgID: %s\n", orgID); + printf("Token: %s\n", token); + + ic_influx_database(host, 8086, "tcp_metrics"); + ic_influx_orgID(orgID); + ic_influx_token(token); + ic_debug(2); + + while(1){ + snprintf(buf, 300, "host=%s", host); + ic_tags(buf); + + ic_measure("tcp_reset"); + + stats += 1; + + ic_measureend(); + ic_push(); + sleep(30); + } + + return 0; +} diff --git a/main.py b/tests/main.py similarity index 100% rename from main.py rename to tests/main.py diff --git a/tests/read.sh b/tests/read.sh new file mode 100755 index 0000000..2eb9b4a --- /dev/null +++ b/tests/read.sh @@ -0,0 +1,13 @@ +#!/usr/bin/bash + +curl -i -X POST "http://192.168.1.68:8086/api/v2/query?bucket=tcp_metrics&orgID=f32d493484526abc" \ + --header "Authorization: Token $1" \ + --header "Accept: application/csv" \ + --header "Content-Type: application/vnd.flux" \ + --data 'from(bucket: "tcp_metrics")|> range(start: -1m)|> filter(fn: (r) => r["_measurement"] == "tcp_reset")|> filter(fn: (r) => r["host"] == "127.0.0.1")|> filter(fn: (r) => r["_field"] == "127.0.0.1")|> last()' +# --data 'from(bucket: "tcp_metrics") +# |> range(start: -5m) +# |> filter(fn: (r) => r["_measurement"] == "tcp_reset") +# |> filter(fn: (r) => r["host"] == "127.0.0.1") +# |> filter(fn: (r) => r["_field"] == "127.0.0.1") +# |> yield(name: "mean")' diff --git a/write.sh b/tests/write.sh similarity index 100% rename from write.sh rename to tests/write.sh diff --git a/tp_tcp_py.c b/tp_tcp_py.c deleted file mode 100644 index bcc1143..0000000 --- a/tp_tcp_py.c +++ /dev/null @@ -1,149 +0,0 @@ -#define BPF_NO_GLOBAL_DATA -//#define __TARGET_ARCH_x86 -#include "vmlinux.h" -#include -#include -#include -#include -#include "common.h" - -char LICENSE[] SEC("license") = "Dual BSD/GPL"; - - -struct ctx_receive_reset { - __u16 common_type; // unsigned short - __u8 common_flags; // unsigned char - __u8 common_count; // unsigned char - __s32 pid; // int - - const void *skaddr; - __u16 sport; - __u16 dport; - __u16 family; - __u8 saddr[4]; - __u8 daddr[4]; - __u8 saddr_v6[16]; - __u8 daddr_v6[16]; - __u64 sock_cookie; -}; -struct ctx_send_reset { - __u16 common_type; // unsigned short - __u8 common_flags; // unsigned char - __u8 common_count; // unsigned char - __s32 pid; // int - - const void *skbaddr; - const void *skaddr; - __s32 state; // int - __u16 sport; - __u16 dport; - __u8 saddr[4]; - __u8 daddr[4]; - __u8 saddr_v6[16]; - __u8 daddr_v6[16]; -}; - -struct { - __uint(type, BPF_MAP_TYPE_ARRAY); - __uint(max_entries, 4096); - __type(key, 1); - __type(value, __s32); -} tcp_stats_index SEC(".maps"); - -struct { - __uint(type, BPF_MAP_TYPE_ARRAY); - __uint(max_entries, 4096); - __type(key, 4); - __type(value, struct reset); -} tcp_reset_stats SEC(".maps"); - -struct { - __uint(type, BPF_MAP_TYPE_ARRAY); - __uint(max_entries, 1); - __type(key, __s32); - __type(value, __u16); -} filter_family SEC(".maps"); - -struct { - __uint(type, BPF_MAP_TYPE_ARRAY); - __uint(max_entries, 1); - __type(key, __s32); - __type(value, __u16); -} filter_sport SEC(".maps"); - -// sudo tcpdump -i any 'tcp[13] & 4 != 0' -n -> filter TCP reset flags - -/* - * This project do not trace any sniffing ports, because, the tracepoint tcp:tcp_send_reset - * works only for an establish socket, but, if you have a lot of TCP RST, you can have - * an issue with your system - */ - -/* - * Identify all tracepoint available - * - cat /sys/kernel/tracing/available_events - * Enable an event: - * - echo 'tcp_receive_reset' >> /sys/kernel/tracing/set_event -> important to add the '>>' - * Docs: https://docs.kernel.org/trace/events.html - * https://events.linuxfoundation.org/wp-content/uploads/2022/10/elena-zannoni-tracing-tutorial-LF-2021.pdf - * https://docs.kernel.org/trace/tracepoints.html - * Why we need to detect RST: - * When we scan the port, the scanner send an SYN flag and if the port is block, we receive a RST flag: - * listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes -10:48:28.531295 lo In IP localhost.43961 > localhost.tproxy: Flags [S], seq 2197047013, win 1024, options [mss 1460], length 0 -10:48:28.531306 lo In IP localhost.tproxy > localhost.43961: Flags [R.], seq 0, ack 2197047014, win 0, length 0 - * But we can also block all receive RST: iptables -I INPUT -p tcp --dport -j REJECT --reject-with tcp-reset - */ - -//SEC("tp/tcp_retransmit_synack") -//SEC("tracepoint/tcp/tcp_receive_reset") -//SEC("tracepoint/tcp/tcp_send_reset") -int tcp_retransmit(struct ctx_send_reset *ctx){ - struct reset s_reset = {}; - int *index; - int keys = 0; - struct sock *sk; - __u16 family; - __s16 *f_family; - __u16 proto; - int err; - - memset(&s_reset, 0, sizeof(struct reset)); - - // Get filter - sk = (struct sock*)ctx->skaddr; - f_family = bpf_map_lookup_elem(&filter_family, &keys); - if (!f_family) - return 0; - - index = bpf_map_lookup_elem(&tcp_stats_index, &keys); - if (!index) - return 0; - - - // Get the family of the socket - bpf_probe_read_kernel(&family, sizeof(family), &sk->__sk_common.skc_family); - if (family != *f_family) - return 0; - - // Get and update the index in the map - *index += 1; - - // Proto type: here it's 6 (TCP) - bpf_probe_read_kernel(&proto, sizeof(proto), &sk->sk_protocol); - - memcpy(s_reset.saddr, ctx->saddr, 4); - memcpy(s_reset.daddr, ctx->daddr, 4); - - //bpf_probe_read_kernel(&s_reset.saddr, 4, &ctx->saddr); - //bpf_probe_read_kernel(&s_reset.daddr, 4, &ctx->daddr); - - s_reset.sport = ctx->sport; - s_reset.dport = ctx->dport; - s_reset.family = family; - s_reset.proto = proto; - - bpf_printk("BPF detected TCP send reset %d %d", s_reset.sport, s_reset.dport); - bpf_map_update_elem(&tcp_reset_stats, &keys, &s_reset, BPF_ANY); - return 0; -}