package collector
import (
"encoding/binary"
"github.com/cespare/xxhash"
"go.aporeto.io/underwater/core/policy/services"
)
// DefaultCollector is a no-op event collector: every Collect* method below has
// an empty body, so anything handed to it is dropped.
//
// NOTE(review): the earlier comment described this as collecting "to syslog",
// but nothing in this type writes to syslog or anywhere else. If it is the
// collector wired into a deployment, flow, user, DNS and connection-exception
// events leave no record, so confirm a real collector replaces it wherever
// audit or detection data is expected.
type DefaultCollector struct{}

// NewDefaultCollector returns the no-op DefaultCollector as an EventCollector.
func NewDefaultCollector() EventCollector {
	return new(DefaultCollector)
}

// CollectFlowEvent is part of the EventCollector interface. The record is discarded.
func (c *DefaultCollector) CollectFlowEvent(record *FlowRecord) {}

// CollectContainerEvent is part of the EventCollector interface. The record is discarded.
func (c *DefaultCollector) CollectContainerEvent(record *ContainerRecord) {}

// CollectUserEvent is part of the EventCollector interface. The record is discarded.
func (c *DefaultCollector) CollectUserEvent(record *UserRecord) {}

// CollectTraceEvent receives iptables trace events and discards them.
func (c *DefaultCollector) CollectTraceEvent(records []string) {}

// CollectPacketEvent receives packet events from the datapath and discards them.
func (c *DefaultCollector) CollectPacketEvent(report *PacketReport) {}

// CollectCounterEvent receives counters from the datapath and discards them.
func (c *DefaultCollector) CollectCounterEvent(report *CounterReport) {}

// CollectDNSRequests receives DNS request reports and discards them.
func (c *DefaultCollector) CollectDNSRequests(report *DNSRequestReport) {}

// CollectPingEvent receives ping events from the datapath and discards them.
func (c *DefaultCollector) CollectPingEvent(report *PingReport) {}

// CollectConnectionExceptionReport receives connection exception reports and discards them.
func (c *DefaultCollector) CollectConnectionExceptionReport(report *ConnectionExceptionReport) {}
// StatsFlowHash derives two 64-bit xxhash values from a flow record. r must be
// non-nil; its fields are dereferenced directly.
//
// flowhash covers the source ID, destination ID, destination URI, source IP,
// destination IP and the destination port (two bytes, big-endian). The source
// port is not part of the input.
//
// contenthash extends the same digest with the action, observed action, drop
// reason and policy ID, so it differs when any of those fields change.
//
// NOTE(review): xxhash is a non-cryptographic hash and the fields are written
// back to back with no separator or length prefix, so different field
// combinations can yield the same byte stream (IDs "ab"+"c" and "a"+"bc", for
// example). Use both values as statistics or cache keys only, not as an
// integrity or identity check. If a remote peer can influence any field,
// length-prefixing each field would remove the ambiguity, at the cost of
// changing every hash value.
func StatsFlowHash(r *FlowRecord) (flowhash, contenthash uint64) {
	digest := xxhash.New()

	// feed appends raw bytes to the running digest; the Write result is ignored.
	feed := func(b []byte) {
		digest.Write(b) // nolint errcheck
	}

	feed([]byte(r.Source.ID))
	feed([]byte(r.Destination.ID))
	feed([]byte(r.Destination.URI))
	feed([]byte(r.Source.IP))
	feed([]byte(r.Destination.IP))

	var dport [2]byte
	binary.BigEndian.PutUint16(dport[:], r.Destination.Port)
	feed(dport[:])

	// The code relies on Sum64 leaving the digest state intact, so the writes
	// below continue from the flow-hash input instead of starting over.
	flowhash = digest.Sum64()

	feed([]byte(r.Action.String()))
	feed([]byte(r.ObservedAction.String()))
	feed([]byte(r.DropReason))
	feed([]byte(r.PolicyID))

	contenthash = digest.Sum64()
	return flowhash, contenthash
}
// StatsFlowContentHash returns only the content hash that StatsFlowHash
// computes for r, discarding the flow hash. The same caveats apply: the source
// port is not hashed and the value is meant for quick change detection.
func StatsFlowContentHash(r *FlowRecord) (contenthash uint64) {
	_, full := StatsFlowHash(r)
	return full
}
// StatsUserHash hashes the record's claims and namespace with
// services.HashClaims and stores the result in r.ID.
//
// On failure the error from services.HashClaims is returned and r.ID is left
// unchanged. r must be non-nil.
//
// NOTE(review): whether the resulting ID conceals the underlying claims
// depends on services.HashClaims, which is not visible here. Confirm before
// treating r.ID as a pseudonym in exported reports.
func StatsUserHash(r *UserRecord) error {
	id, err := services.HashClaims(r.Claims, r.Namespace)
	if err == nil {
		r.ID = id
	}
	return err
}
// ConnectionExceptionReportHash returns a 64-bit xxhash over the report's PUID,
// source IP, destination IP, reason, state and destination port (two bytes,
// big-endian), written in that order. r must be non-nil.
//
// NOTE(review): xxhash is non-cryptographic and the fields are concatenated
// without separators or length prefixes, so distinct reports can hash alike.
// Use the value for grouping or de-duplicating reports, not as a tamper check.
func ConnectionExceptionReportHash(r *ConnectionExceptionReport) uint64 {
	digest := xxhash.New()

	// feed appends raw bytes to the running digest; the Write result is ignored.
	feed := func(b []byte) {
		digest.Write(b) // nolint errcheck
	}

	feed([]byte(r.PUID))
	feed([]byte(r.SourceIP))
	feed([]byte(r.DestinationIP))
	feed([]byte(r.Reason))
	feed([]byte(r.State))

	var dport [2]byte
	binary.BigEndian.PutUint16(dport[:], r.DestinationPort)
	feed(dport[:])

	return digest.Sum64()
}