diff --git a/Dockerfile b/Dockerfile
index 2f871aaf2a140279a630ed5481c7f0660d0090a8..d2260fe6a661b3db4a551bdb9d586a8390e56e54 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,6 +16,7 @@ WORKDIR /opt/app-root/src
# END OF LINES TO REMOVE
# Copy the go manifests and source
+COPY .git/ .git/
COPY bpf/ bpf/
COPY cmd/ cmd/
COPY pkg/ pkg/
diff --git a/README.md b/README.md
index 242a05907584a0180cb6603ddab5b18e448ff947..3c35017714c8c1540cc5a4a144ccbc2d3ca38079 100644
--- a/README.md
+++ b/README.md
@@ -36,3 +36,10 @@ make generate
```
Tested in Fedora 35 and Red Hat Enterprise Linux 8.
+
+## Known issues
+
+## Extrenal Traffic in Openshift (OVN-Kubernetes CNI)
+
+For egress traffic, you can see the source Pod metadata. For ingress traffic (e.g. an HTTP response),
+you see the destination **Host** metadata.
\ No newline at end of file
diff --git a/bpf/flow.h b/bpf/flow.h
index 7a5dc10effb0d3e13c82e7af80c229ef85697829..587aadee2b38c4e86087e9ddac0c14575317ce4f 100644
--- a/bpf/flow.h
+++ b/bpf/flow.h
@@ -14,7 +14,7 @@ typedef __u64 u64;
struct data_link {
u8 src_mac[ETH_ALEN];
u8 dst_mac[ETH_ALEN];
-};
+} __attribute__((packed));
// L3 network layer
struct network {
@@ -22,14 +22,14 @@ struct network {
// todo: support ipv6
u32 src_ip;
u32 dst_ip;
-};
+} __attribute__((packed));
// L4 transport layer
struct transport {
u16 src_port;
u16 dst_port;
u8 protocol;
-};
+} __attribute__((packed));
// TODO: L5 session layer to bound flows to connections?
diff --git a/examples/performance/deployment.yml b/examples/performance/deployment.yml
index 202d5eaa7257008dfa61c90aa229993762a03a05..de1a327c6f65860cc1c87eef8ee26ed514cad448 100644
--- a/examples/performance/deployment.yml
+++ b/examples/performance/deployment.yml
@@ -67,8 +67,10 @@ spec:
value: call_error,cares_resolver,dns_resolver
- name: GRPC_DNS_RESOLVER
value: "ares"
- - name: FLOWS_TARGET
- value: "packet-counter:9999"
+ - name: FLOWS_TARGET_HOST
+ value: "packet-counter"
+ - name: FLOWS_TARGET_PORT
+ value: "9999"
# resources:
# limits:
# cpu: "1000m"
diff --git a/pkg/ebpf/bpf_bpfeb.o b/pkg/ebpf/bpf_bpfeb.o
index 53ffac65f0eeff01e237d83e7ba76d63ab7aee29..208ca53bf2294b8a1b30f720307c32dcf618b0bb 100644
Binary files a/pkg/ebpf/bpf_bpfeb.o and b/pkg/ebpf/bpf_bpfeb.o differ
diff --git a/pkg/ebpf/bpf_bpfel.o b/pkg/ebpf/bpf_bpfel.o
index b41750c4e22049a6f60acb6c04610004a7976d09..81252eea91e8758f00fa67fa5bed397f718cd129 100644
Binary files a/pkg/ebpf/bpf_bpfel.o and b/pkg/ebpf/bpf_bpfel.o differ
diff --git a/pkg/flow/record_test.go b/pkg/flow/record_test.go
new file mode 100644
index 0000000000000000000000000000000000000000..5e75aa0a26c523e38b72bcb6b60b5cc4080090cf
--- /dev/null
+++ b/pkg/flow/record_test.go
@@ -0,0 +1,50 @@
+package flow
+
+import (
+ "bytes"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+)
+
+func TestRecordBinaryEncoding(t *testing.T) {
+ // Makes sure that we read the C *packed* flow structure according
+ // to the order defined in bpf/flow.h
+ fr, err := ReadFrom(bytes.NewReader([]byte{
+ 0x01, 0x02, // u16 protocol
+ 0x03, // u16 direction
+ 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, // data_link: u8[6] src_mac
+ 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, // data_link: u8[6] dst_mac
+ 0x06, 0x07, 0x08, 0x09, // network: u32 src_ip
+ 0x0a, 0x0b, 0x0c, 0x0d, // network: u32 dst_ip
+ 0x0e, 0x0f, // transport: u16 src_port
+ 0x10, 0x11, // transport: u16 dst_port
+ 0x12, // transport: u8protocol
+ 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, // u64 bytes
+ }))
+ require.NoError(t, err)
+
+ assert.Equal(t, Record{
+ rawRecord: rawRecord{
+ key: key{
+ Protocol: 0x0201,
+ Direction: 0x03,
+ DataLink: DataLink{
+ SrcMac: MacAddr{0x04, 0x05, 0x06, 0x07, 0x08, 0x09},
+ DstMac: MacAddr{0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
+ },
+ Network: Network{
+ SrcAddr: 0x09080706,
+ DstAddr: 0x0d0c0b0a,
+ },
+ Transport: Transport{
+ SrcPort: 0x0f0e,
+ DstPort: 0x1110,
+ Protocol: 0x12,
+ },
+ },
+ Bytes: 0x1a19181716151413,
+ },
+ }, *fr)
+}