-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnetobserv.db
executable file
·1 lines (1 loc) · 4.94 KB
/
netobserv.db
1
{"gitRepoUrl": "https://github.com/netobserv/netobserv-ebpf-agent.git", "commitId": "e33e69016583da27507af47f4b09a9ca4538e406", "humanFuncDescription": [{"filePath": "bpf/flows.c", "funcName": "set_flags", "startLine": 79, "endLine": 104, "description": "This is a void return type function and is called only for tcp packets, it takes in tcphdr and a variable flags, a pointer to unsigned short. Based on the tcp flags set in the packet, SYN/ACK/FIN/RST/PSH/URG/ECE/CWR it copies the same information to the address pointed to by the flags variable and returns.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/flows.c", "funcName": "fill_iphdr", "startLine": 106, "endLine": 138, "description": "This function takes in an ipv4 header ip, data end pointer, pointer to a flow_id struct id, and a pointer to an unsigned short as variable flags , it dereferences the ipv4 header and copies the src, dst ip, protocol to the pointer id. It next copies the UDP or TCP information from the packet and copies the src and dst ports. In case of tcp it also calls set_flags function on the tcp header with flags as the argument which copies the TCP information in the flags variable. If packet is incorrect it returns DISCARD else returns SUBMIT.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/flows.c", "funcName": "fill_ip6hdr", "startLine": 141, "endLine": 171, "description": "This function takes in an ipv6 header ip, data end pointer, pointer to a flow_id struct id, and a pointer to an unsigned short as variable flags, it dereferences the ipv6 header and copies the src, dst ip, protocol to the pointer id. It next copies the UDP or TCP information from the packet and copies the src and dst ports. In case of tcp it also calls set_flags function on the tcp header with flags as the argument which copies the TCP information in the flags variable. If packet is incorrect it returns DISCARD else returns SUBMIT.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/flows.c", "funcName": "fill_ethhdr", "startLine": 173, "endLine": 197, "description": "This function takes in an eth header, data_end pointer, pointer to a flow_id struct id, and a pointer to an unsigned short as variable flags. It copies the dst, src mac and protocol info from eth header to the flow repsented by id and then based on if the packet is IP or IPV6 it either calls fill_iphdr or fill_iphdr6 with the passed arguments to fill the ip header information in the flow variable. If packet is incorrect it returns DISCARD else returns SUBMIT.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/flows.c", "funcName": "flow_monitor", "startLine": 199, "endLine": 276, "description": "This function takes in an packet as an sk_buff skb, and a direction info which says if the packet is coming via INGRESS or EGRESS. If sampling (a global variable) is defined it checks if this packet should be sampled by calling bpf_get_prandom_u32 and taking a mod if it against the sampling global value, if its not zero it proceeds else the packet is let passed by TC_ACK_OK. The function then calls fill_ethhdr function with appropriate arguments which extracts the flow information for this packet. if the fill_ethhdr returns DISCRAD packet is let passed via TCP_ACK_OK. This function then constructs a struct id with ingress interface and direction which is used as a key to lookup in the aggregrate_flows hash map. If the map returns a valid entry then this packets info and current time extracted via bpf_ktime_get_ns is added to the value and updated in the hashmap else if the key is not present it tries to insert the entry in the hashmap if successful if passes and else the packet and its flow information is pushed on to a ring buffer called direct_flows. In any case, the function returns TC_ACK_OK.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/flows.c", "funcName": "ingress_flow_parse", "startLine": 278, "endLine": 280, "description": "This is a wrapper function and will call flow_monitor with the passed skb as argument and INGRESS as the direction.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/flows.c", "funcName": "egress_flow_parse", "startLine": 283, "endLine": 285, "description": "This is a wrapper function and will call flow_monitor with the passed skb as argument and EGRESS as the direction.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}, {"filePath": "bpf/headers/bpf_helpers.h", "funcName": "bpf_tail_call_static", "startLine": 98, "endLine": 123, "description": "This function performs a static tail call to another function.", "author": "Theophilus A. Benson", "authorEmail": "[email protected]", "date": "31-Mar-2023"}]}