Fix reported bytes (#14)

Mario Macias · web-flow · commit 9c2d07bed594 · 2022-04-13T17:14:38.000+02:00
diff --git a/Dockerfile b/Dockerfile
@@ -16,6 +16,7 @@ WORKDIR /opt/app-root/src
 # END OF LINES TO REMOVE
 
 # Copy the go manifests and source
+COPY .git/ .git/
 COPY bpf/ bpf/
 COPY cmd/ cmd/
 COPY pkg/ pkg/
diff --git a/README.md b/README.md
@@ -36,3 +36,10 @@ make generate
 ```
 
 Tested in Fedora 35 and Red Hat Enterprise Linux 8.
+
+## Known issues
+
+## Extrenal Traffic in Openshift (OVN-Kubernetes CNI)
+
+For egress traffic, you can see the source Pod metadata. For ingress traffic (e.g. an HTTP response),
+you see the destination **Host** metadata.
diff --git a/bpf/flow.h b/bpf/flow.h
@@ -14,22 +14,22 @@ typedef __u64 u64;
 struct data_link {
     u8 src_mac[ETH_ALEN];
     u8 dst_mac[ETH_ALEN];
-};
+} __attribute__((packed));
 
 // L3 network layer
 struct network {
     // todo: add protocol
     // todo: support ipv6
     u32 src_ip;
     u32 dst_ip;
-};
+} __attribute__((packed));
 
 // L4 transport layer
 struct transport {
     u16 src_port;
     u16 dst_port;
     u8 protocol;
-};
+} __attribute__((packed));
 
 // TODO: L5 session layer to bound flows to connections?
 
diff --git a/examples/performance/deployment.yml b/examples/performance/deployment.yml
@@ -67,8 +67,10 @@ spec:
           value: call_error,cares_resolver,dns_resolver
         - name: GRPC_DNS_RESOLVER
           value: "ares"
-        - name: FLOWS_TARGET
-          value: "packet-counter:9999"
+        - name: FLOWS_TARGET_HOST
+          value: "packet-counter"
+        - name: FLOWS_TARGET_PORT
+          value: "9999"
 #      resources:
 #        limits:
 #          cpu: "1000m"
diff --git a/pkg/ebpf/bpf_bpfeb.o b/pkg/ebpf/bpf_bpfeb.o
diff --git a/pkg/ebpf/bpf_bpfel.o b/pkg/ebpf/bpf_bpfel.o
diff --git a/pkg/flow/record_test.go b/pkg/flow/record_test.go
@@ -0,0 +1,50 @@
+package flow
+
+import (
+	"bytes"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestRecordBinaryEncoding(t *testing.T) {
+	// Makes sure that we read the C *packed* flow structure according
+	// to the order defined in bpf/flow.h
+	fr, err := ReadFrom(bytes.NewReader([]byte{
+		0x01, 0x02, // u16 protocol
+		0x03,                               // u16 direction
+		0x04, 0x05, 0x06, 0x07, 0x08, 0x09, // data_link: u8[6] src_mac
+		0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, // data_link: u8[6] dst_mac
+		0x06, 0x07, 0x08, 0x09, // network: u32 src_ip
+		0x0a, 0x0b, 0x0c, 0x0d, // network: u32 dst_ip
+		0x0e, 0x0f, // transport: u16 src_port
+		0x10, 0x11, // transport: u16 dst_port
+		0x12,                                           // transport: u8protocol
+		0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, // u64 bytes
+	}))
+	require.NoError(t, err)
+
+	assert.Equal(t, Record{
+		rawRecord: rawRecord{
+			key: key{
+				Protocol:  0x0201,
+				Direction: 0x03,
+				DataLink: DataLink{
+					SrcMac: MacAddr{0x04, 0x05, 0x06, 0x07, 0x08, 0x09},
+					DstMac: MacAddr{0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
+				},
+				Network: Network{
+					SrcAddr: 0x09080706,
+					DstAddr: 0x0d0c0b0a,
+				},
+				Transport: Transport{
+					SrcPort:  0x0f0e,
+					DstPort:  0x1110,
+					Protocol: 0x12,
+				},
+			},
+			Bytes: 0x1a19181716151413,
+		},
+	}, *fr)
+}
