File: debug.go

package info (click to toggle)
opensnitch 1.6.9-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 5,980 kB
  • sloc: python: 12,604; ansic: 1,965; sh: 435; makefile: 239; xml: 50; sql: 3
file content (101 lines) | stat: -rw-r--r-- 2,665 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
package ebpf

import (
	"fmt"
	"os/exec"
	"strconv"
	"syscall"
	"unsafe"

	"github.com/evilsocket/opensnitch/daemon/log"
	daemonNetlink "github.com/evilsocket/opensnitch/daemon/netlink"
	elf "github.com/iovisor/gobpf/elf"
)

// print map contents. used only for debugging
func dumpMap(bpfmap *elf.Map, isIPv6 bool) {
	var lookupKey []byte
	var nextKey []byte
	var value []byte
	if !isIPv6 {
		lookupKey = make([]byte, 12)
		nextKey = make([]byte, 12)
	} else {
		lookupKey = make([]byte, 36)
		nextKey = make([]byte, 36)
	}
	value = make([]byte, 40)
	firstrun := true
	i := 0
	for {
		i++
		ok, err := m.LookupNextElement(bpfmap, unsafe.Pointer(&lookupKey[0]),
			unsafe.Pointer(&nextKey[0]), unsafe.Pointer(&value[0]))
		if err != nil {
			log.Error("eBPF LookupNextElement error: %v", err)
			return
		}
		if firstrun {
			// on first run lookupKey is a dummy, nothing to delete
			firstrun = false
			copy(lookupKey, nextKey)
			continue
		}
		fmt.Println("key, value", lookupKey, value)

		if !ok { //reached end of map
			break
		}
		copy(lookupKey, nextKey)
	}
}

//PrintEverything prints all the stats. used only for debugging
func PrintEverything() {
	bash, _ := exec.LookPath("bash")
	//get the number of the first map
	out, err := exec.Command(bash, "-c", "bpftool map show | head -n 1 | cut -d ':' -f1").Output()
	if err != nil {
		fmt.Println("bpftool map dump name tcpMap ", err)
	}
	i, _ := strconv.Atoi(string(out[:len(out)-1]))
	fmt.Println("i is", i)

	//dump all maps for analysis
	for j := i; j < i+14; j++ {
		_, _ = exec.Command(bash, "-c", "bpftool map dump id "+strconv.Itoa(j)+" > dump"+strconv.Itoa(j)).Output()
	}

	alreadyEstablished.RLock()
	for sock1, v := range alreadyEstablished.TCP {
		fmt.Println(*sock1, v)
	}

	fmt.Println("---------------------")
	for sock1, v := range alreadyEstablished.TCPv6 {
		fmt.Println(*sock1, v)
	}
	alreadyEstablished.RUnlock()

	fmt.Println("---------------------")
	sockets, _ := daemonNetlink.SocketsDump(syscall.AF_INET, syscall.IPPROTO_TCP)
	for idx := range sockets {
		fmt.Println("socket tcp: ", sockets[idx])
	}
	fmt.Println("---------------------")
	sockets, _ = daemonNetlink.SocketsDump(syscall.AF_INET6, syscall.IPPROTO_TCP)
	for idx := range sockets {
		fmt.Println("socket tcp6: ", sockets[idx])
	}
	fmt.Println("---------------------")
	sockets, _ = daemonNetlink.SocketsDump(syscall.AF_INET, syscall.IPPROTO_UDP)
	for idx := range sockets {
		fmt.Println("socket udp: ", sockets[idx])
	}
	fmt.Println("---------------------")
	sockets, _ = daemonNetlink.SocketsDump(syscall.AF_INET6, syscall.IPPROTO_UDP)
	for idx := range sockets {
		fmt.Println("socket udp6: ", sockets[idx])
	}

}