Skip to content

3.0.7 #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Sep 1, 2020
Merged

3.0.7 #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
ad222fa
layout
weyrick May 4, 2020
e733edf
move to parsing dns resources only in deep sample (needs upstream com…
weyrick May 4, 2020
595b5b3
edns parse
weyrick Jun 12, 2020
16c7a54
back out initial csubnet, fix version
weyrick Jul 29, 2020
bd6e30e
Merge branch 'master' into 3.0.7
weyrick Aug 27, 2020
9f889d2
fix tests
weyrick Aug 27, 2020
a399a20
add -l to specify metrics web server bind host
weyrick Aug 27, 2020
a98e3df
fix runtime image
weyrick Sep 1, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM ubuntu:disco AS build
FROM debian:buster-slim AS build

ENV BUILD_DEPS "g++ cmake make git libpcap-dev pkgconf golang ca-certificates libmaxminddb-dev jq"

Expand Down Expand Up @@ -32,7 +32,7 @@ RUN \
go get github.com/docopt/docopt-go && \
go build /src/cmd/pktvisor/pktvisor.go

FROM ubuntu:disco AS runtime
FROM debian:buster-slim AS runtime

ENV RUNTIME_DEPS "curl libpcap0.8 libmaxminddb0"

Expand Down
4 changes: 2 additions & 2 deletions src/config.h.in
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#pragma once

#cmakedefine MMDB_ENABLE
#cmakedefine PKTVISOR_VERSION_NUM "@PROJECT_VERSION@"
#cmakedefine PKTVISOR_VERSION "@FLAME_VERSION@"
#cmakedefine PKTVISOR_VERSION_NUM "@PKTVISOR_VERSION_NUM@"
#cmakedefine PKTVISOR_VERSION "@PKTVISOR_VERSION@"
17 changes: 11 additions & 6 deletions src/main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
static const char USAGE[] =
R"(pktvisord.
Usage:
pktvisord [-b BPF] [-p PORT] [-H HOSTSPEC] [--periods P] [--summary] [--geo-city FILE] [--geo-asn FILE]
pktvisord [-b BPF] [-l HOST] [-p PORT] [-H HOSTSPEC] [--periods P] [--summary] [--geo-city FILE] [--geo-asn FILE]
[--max-deep-sample N]
TARGET
pktvisord (-h | --help)
Expand All @@ -34,7 +34,8 @@ static const char USAGE[] =
TARGET is either a network interface, an IP address (4 or 6) or a pcap file (ending in .pcap or .cap)
Options:
-p PORT Run metrics webserver on the given localhost port [default: 10853]
-l HOST Run metrics webserver on the given host or IP [default: localhost]
-p PORT Run metrics webserver on the given port [default: 10853]
-b BPF Filter packets using the given BPF string
--geo-city FILE GeoLite2 City database to use for IP to Geo mapping (if enabled)
--geo-asn FILE GeoLite2 ASN database to use for IP to ASN mapping (if enabled)
Expand Down Expand Up @@ -429,11 +430,11 @@ int main(int argc, char *argv[])
openPcap(args["TARGET"].asString(), tcpDnsReassembly, bpf);
if (args["--summary"].asBool()) {
// in summary mode we output a single summary of stats
std::cout << metricsManager->getMetrics() << std::endl;
std::cout << std::endl << metricsManager->getMetrics() << std::endl;
}
else {
// otherwise, merge the max time window available
std::cout << metricsManager->getMetricsMerged(periods) << std::endl;
std::cout << std::endl << metricsManager->getMetricsMerged(periods) << std::endl;
}
} catch (const std::exception &e) {
std::cerr << e.what() << std::endl;
Expand Down Expand Up @@ -465,9 +466,13 @@ int main(int argc, char *argv[])
}
httplib::Server svr;
setupRoutes(svr);
auto host = args["-l"].asString();
auto port = args["-p"].asLong();
std::thread httpThread([&svr, port] {
svr.listen("localhost", port);
std::thread httpThread([&svr, host, port] {
std::cerr << "Metrics web server listening on " << host << ":" << port << std::endl;
if (!svr.listen(host.c_str(), port)) {
throw std::runtime_error("unable to listen");
}
});
try {
std::cerr << "Interface " << dev->getName() << std::endl;
Expand Down
2 changes: 2 additions & 0 deletions src/metrics.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,8 @@ void Metrics::newDNSPacket(pcpp::DnsLayer *dns, Direction dir, pcpp::ProtocolTyp
return;
}

dns->parseResources();

// lock for write
std::unique_lock lock(_sketchMutex);

Expand Down
2 changes: 2 additions & 0 deletions tests/test_parse_pcap.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ TEST_CASE("Parse DNS UDP IPv4 tests", "[pcap][ipv4][udp][dns]")
numUDP++;
if (dnsRequest.isPacketOfType(pcpp::DNS)) {
pcpp::DnsLayer *dnsLayer = dnsRequest.getLayerOfType<pcpp::DnsLayer>();
dnsLayer->parseResources();
if (numDNS == 0) {
CHECK(dnsLayer->getFirstQuery()->getName() == "utadwnME.POJwOc9R.KtfO.test.com");
CHECK(dnsLayer->getFirstQuery()->getDnsType() == pcpp::DNS_TYPE_AAAA);
Expand Down Expand Up @@ -107,6 +108,7 @@ TEST_CASE("Parse DNS UDP IPv6 tests", "[pcap][ipv6][udp][dns]")
numUDP++;
if (dnsRequest.isPacketOfType(pcpp::DNS)) {
pcpp::DnsLayer *dnsLayer = dnsRequest.getLayerOfType<pcpp::DnsLayer>();
dnsLayer->parseResources();
if (numDNS == 0) {
CHECK(dnsLayer->getFirstQuery()->getName() == "LOJ5Pq2._EmpLuAPR.PPLIop.1F8J2R1.eMVq5.test.com");
CHECK(dnsLayer->getFirstQuery()->getDnsType() == pcpp::DNS_TYPE_AAAA);
Expand Down