From fe7df125fbad20acf7a5eb311abe90c9c18706e9 Mon Sep 17 00:00:00 2001 From: y_uuki Date: Sun, 4 Mar 2018 17:58:58 +0900 Subject: [PATCH 1/5] Change json format --- conntrack/conntrack.go | 77 +++++++++++++----------------------------- 1 file changed, 24 insertions(+), 53 deletions(-) diff --git a/conntrack/conntrack.go b/conntrack/conntrack.go index d501820..2a1e4c5 100644 --- a/conntrack/conntrack.go +++ b/conntrack/conntrack.go @@ -87,55 +87,26 @@ func (a *AddrPort) String() string { // HostFlow represents a `host flow`. type HostFlow struct { - direction FlowDirection - local *AddrPort - peer *AddrPort - stat *HostFlowStat + Direction FlowDirection `json:"direction"` + Local *AddrPort `json:"local"` + Peer *AddrPort `json:"peer"` + Stat *HostFlowStat `json:"stat"` uniqKey string } // HasDirection returns whether . func (f *HostFlow) HasDirection(dire FlowDirection) bool { - return f.direction&dire == 0 + return f.Direction&dire == 0 } // String returns the string representation of HostFlow. func (f *HostFlow) String() string { - return fmt.Sprintf("%s\t --> \t%s \t%s", f.local, f.peer, f.stat) + return fmt.Sprintf("%s\t --> \t%s \t%s", f.Local, f.Peer, f.Stat) } // ReplaceLookupedName replaces f.Addr into lookuped name. func (f *HostFlow) ReplaceLookupedName() { - f.peer.Addr = netutil.ResolveAddr(f.peer.Addr) -} - -// MarshalJSON returns local addr port and peer addr post. -func (f *HostFlow) MarshalJSON() ([]byte, error) { - type jsonHostFlow struct { - Mode FlowDirection `json:"mode"` - LocalAddrPort string `json:"local_addr_port"` - PeerAddrPort string `json:"peer_addr_port"` - Stat *HostFlowStat `json:"stat"` - } - switch f.direction { - case FlowActive: - return json.Marshal(jsonHostFlow{ - Mode: f.direction, - LocalAddrPort: f.local.String(), - PeerAddrPort: f.peer.String(), - Stat: f.stat, - }) - case FlowPassive: - return json.Marshal(jsonHostFlow{ - Mode: f.direction, - LocalAddrPort: f.local.String(), - PeerAddrPort: f.peer.String(), - Stat: f.stat, - }) - case FlowUnknown: - return json.Marshal(jsonHostFlow{}) - } - return nil, errors.New("unreachable code") + f.Peer.Addr = netutil.ResolveAddr(f.Peer.Addr) } // HostFlows represents a group of host flow by unique key. @@ -147,17 +118,17 @@ func (hf HostFlows) insert(flow *HostFlow) { hf[key] = flow return } - switch flow.direction { + switch flow.Direction { case FlowActive: - hf[key].stat.TotalInboundPackets += flow.stat.TotalInboundPackets - hf[key].stat.TotalInboundBytes += flow.stat.TotalInboundBytes - hf[key].stat.TotalOutboundPackets += flow.stat.TotalOutboundPackets - hf[key].stat.TotalOutboundBytes += flow.stat.TotalOutboundBytes + hf[key].Stat.TotalInboundPackets += flow.Stat.TotalInboundPackets + hf[key].Stat.TotalInboundBytes += flow.Stat.TotalInboundBytes + hf[key].Stat.TotalOutboundPackets += flow.Stat.TotalOutboundPackets + hf[key].Stat.TotalOutboundBytes += flow.Stat.TotalOutboundBytes case FlowPassive: - hf[key].stat.TotalInboundPackets += flow.stat.TotalInboundPackets - hf[key].stat.TotalInboundBytes += flow.stat.TotalInboundBytes - hf[key].stat.TotalOutboundPackets += flow.stat.TotalOutboundPackets - hf[key].stat.TotalOutboundBytes += flow.stat.TotalOutboundBytes + hf[key].Stat.TotalInboundPackets += flow.Stat.TotalInboundPackets + hf[key].Stat.TotalInboundBytes += flow.Stat.TotalInboundBytes + hf[key].Stat.TotalOutboundPackets += flow.Stat.TotalOutboundPackets + hf[key].Stat.TotalOutboundBytes += flow.Stat.TotalOutboundBytes } return } @@ -202,10 +173,10 @@ func (f *flow) toHostFlow(localAddrs []string, fports FilterPorts) *HostFlow { return nil case FlowActive: return &HostFlow{ - direction: FlowActive, - local: &AddrPort{Addr: "localhost", Port: "many"}, - peer: &AddrPort{Addr: addr, Port: port}, - stat: &HostFlowStat{ + Direction: FlowActive, + Local: &AddrPort{Addr: "localhost", Port: "many"}, + Peer: &AddrPort{Addr: addr, Port: port}, + Stat: &HostFlowStat{ TotalInboundPackets: f.replyPackets, TotalInboundBytes: f.replyBytes, TotalOutboundPackets: f.originalPackets, @@ -215,10 +186,10 @@ func (f *flow) toHostFlow(localAddrs []string, fports FilterPorts) *HostFlow { } case FlowPassive: return &HostFlow{ - direction: FlowPassive, - local: &AddrPort{Addr: "localhost", Port: port}, - peer: &AddrPort{Addr: addr, Port: "many"}, - stat: &HostFlowStat{ + Direction: FlowPassive, + Local: &AddrPort{Addr: "localhost", Port: port}, + Peer: &AddrPort{Addr: addr, Port: "many"}, + Stat: &HostFlowStat{ TotalInboundPackets: f.originalPackets, TotalInboundBytes: f.originalBytes, TotalOutboundPackets: f.replyPackets, From 2441929ed26c350cd5095b8d858b22b868a8186c Mon Sep 17 00:00:00 2001 From: y_uuki Date: Sun, 4 Mar 2018 18:02:34 +0900 Subject: [PATCH 2/5] Update README --- README.md | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 90be10b..a19a67d 100644 --- a/README.md +++ b/README.md @@ -78,9 +78,15 @@ $ cat /proc/net/nf_conntrack | lsconntrack --stdin $ lsconntrack --json | jq -r -M '.' [ { - "mode": "active", - "local_addr_port": "localhost:many", - "peer_addr_port": "10.0.100.1:3306", + "direction": "active", + "local": { + "Addr": "localhost", + "Port": "many" + }, + "peer": { + "Addr": "10.0.100.1", + "Port": "3306" + }, "stat": { "total_inbound_packets": 1491, "total_inbound_bytes": 1480239, @@ -89,15 +95,21 @@ $ lsconntrack --json | jq -r -M '.' } }, { - "mode": "passive", - "local_addr_port": "localhost:80", - "peer_addr_port": "10.0.200.1:many", + "direction": "passive", + "local": { + "Addr": "localhost", + "Port": "80" + }, + "peer": { + "Addr": "10.0.200.1", + "Port": "many" + }, "stat": { "total_inbound_packets": 1491, "total_inbound_bytes": 1480239, "total_outbound_packets": 1537, "total_outbound_bytes": 520613 - }, + } }, ... ] From 9f874e1f5f098b842797cf2530175d093f35d384 Mon Sep 17 00:00:00 2001 From: y_uuki Date: Sun, 4 Mar 2018 18:05:14 +0900 Subject: [PATCH 3/5] Use lower letter --- README.md | 12 ++++++------ conntrack/conntrack.go | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index a19a67d..52f8f3c 100644 --- a/README.md +++ b/README.md @@ -84,8 +84,8 @@ $ lsconntrack --json | jq -r -M '.' "Port": "many" }, "peer": { - "Addr": "10.0.100.1", - "Port": "3306" + "addr": "10.0.100.1", + "port": "3306" }, "stat": { "total_inbound_packets": 1491, @@ -97,12 +97,12 @@ $ lsconntrack --json | jq -r -M '.' { "direction": "passive", "local": { - "Addr": "localhost", - "Port": "80" + "addr": "localhost", + "port": "80" }, "peer": { - "Addr": "10.0.200.1", - "Port": "many" + "addr": "10.0.200.1", + "port": "many" }, "stat": { "total_inbound_packets": 1491, diff --git a/conntrack/conntrack.go b/conntrack/conntrack.go index 2a1e4c5..9135488 100644 --- a/conntrack/conntrack.go +++ b/conntrack/conntrack.go @@ -76,8 +76,8 @@ func (s *HostFlowStat) String() string { // AddrPort are : type AddrPort struct { - Addr string - Port string + Addr string `json:"addr"` + Port string `json:"port"` } // String returns the string representation of the AddrPort. From 29111aadaf49bb5931d097ac07a01c0379987e70 Mon Sep 17 00:00:00 2001 From: y_uuki Date: Sun, 4 Mar 2018 18:11:13 +0900 Subject: [PATCH 4/5] Refactor uniqKey --- conntrack/conntrack.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/conntrack/conntrack.go b/conntrack/conntrack.go index 9135488..8bed6dd 100644 --- a/conntrack/conntrack.go +++ b/conntrack/conntrack.go @@ -91,7 +91,6 @@ type HostFlow struct { Local *AddrPort `json:"local"` Peer *AddrPort `json:"peer"` Stat *HostFlowStat `json:"stat"` - uniqKey string } // HasDirection returns whether . @@ -109,11 +108,16 @@ func (f *HostFlow) ReplaceLookupedName() { f.Peer.Addr = netutil.ResolveAddr(f.Peer.Addr) } +// UniqKey returns the unique key for connections aggregation +func (f *HostFlow) UniqKey() string { + return fmt.Sprintf("%d-%s-%s", f.Direction, f.Local, f.Peer) +} + // HostFlows represents a group of host flow by unique key. type HostFlows map[string]*HostFlow func (hf HostFlows) insert(flow *HostFlow) { - key := flow.uniqKey + key := flow.UniqKey() if _, ok := hf[key]; !ok { hf[key] = flow return @@ -167,7 +171,6 @@ func (f *flow) toHostFlow(localAddrs []string, fports FilterPorts) *HostFlow { break } } - uniqKey := fmt.Sprintf("%d-%s", direction, net.JoinHostPort(addr, port)) switch direction { case FlowUnknown: return nil @@ -182,7 +185,6 @@ func (f *flow) toHostFlow(localAddrs []string, fports FilterPorts) *HostFlow { TotalOutboundPackets: f.originalPackets, TotalOutboundBytes: f.originalBytes, }, - uniqKey: uniqKey, } case FlowPassive: return &HostFlow{ @@ -195,7 +197,6 @@ func (f *flow) toHostFlow(localAddrs []string, fports FilterPorts) *HostFlow { TotalOutboundPackets: f.replyPackets, TotalOutboundBytes: f.replyBytes, }, - uniqKey: uniqKey, } } return nil From ef757fb8de1810c51086b02e037170eb87ca41dd Mon Sep 17 00:00:00 2001 From: y_uuki Date: Sun, 4 Mar 2018 18:14:24 +0900 Subject: [PATCH 5/5] Fix dividing out direction of arrow --- conntrack/conntrack.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/conntrack/conntrack.go b/conntrack/conntrack.go index 8bed6dd..3686362 100644 --- a/conntrack/conntrack.go +++ b/conntrack/conntrack.go @@ -100,7 +100,13 @@ func (f *HostFlow) HasDirection(dire FlowDirection) bool { // String returns the string representation of HostFlow. func (f *HostFlow) String() string { - return fmt.Sprintf("%s\t --> \t%s \t%s", f.Local, f.Peer, f.Stat) + switch f.Direction { + case FlowActive: + return fmt.Sprintf("%s\t --> \t%s \t%s", f.Local, f.Peer, f.Stat) + case FlowPassive: + return fmt.Sprintf("%s\t <-- \t%s \t%s", f.Local, f.Peer, f.Stat) + } + return "" } // ReplaceLookupedName replaces f.Addr into lookuped name.