From 9c2d07bed594a941d73a9461038b075967424058 Mon Sep 17 00:00:00 2001
From: Mario Macias <mmaciasl@redhat.com>
Date: Wed, 13 Apr 2022 17:14:38 +0200
Subject: [PATCH] Fix reported bytes (#14)

---
 Dockerfile                          |   1 +
 README.md                           |   7 ++++
 bpf/flow.h                          |   6 ++--
 examples/performance/deployment.yml |   6 ++--
 pkg/ebpf/bpf_bpfeb.o                | Bin 8400 -> 8400 bytes
 pkg/ebpf/bpf_bpfel.o                | Bin 9248 -> 9248 bytes
 pkg/flow/record_test.go             |  50 ++++++++++++++++++++++++++++
 7 files changed, 65 insertions(+), 5 deletions(-)
 create mode 100644 pkg/flow/record_test.go

diff --git a/Dockerfile b/Dockerfile
index 2f871aaf..d2260fe6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,6 +16,7 @@ WORKDIR /opt/app-root/src
 # END OF LINES TO REMOVE
 
 # Copy the go manifests and source
+COPY .git/ .git/
 COPY bpf/ bpf/
 COPY cmd/ cmd/
 COPY pkg/ pkg/
diff --git a/README.md b/README.md
index 242a0590..3c350177 100644
--- a/README.md
+++ b/README.md
@@ -36,3 +36,10 @@ make generate
 ```
 
 Tested in Fedora 35 and Red Hat Enterprise Linux 8.
+
+## Known issues
+
+## Extrenal Traffic in Openshift (OVN-Kubernetes CNI)
+
+For egress traffic, you can see the source Pod metadata. For ingress traffic (e.g. an HTTP response),
+you see the destination **Host** metadata.
\ No newline at end of file
diff --git a/bpf/flow.h b/bpf/flow.h
index 7a5dc10e..587aadee 100644
--- a/bpf/flow.h
+++ b/bpf/flow.h
@@ -14,7 +14,7 @@ typedef __u64 u64;
 struct data_link {
     u8 src_mac[ETH_ALEN];
     u8 dst_mac[ETH_ALEN];
-};
+} __attribute__((packed));
 
 // L3 network layer
 struct network {
@@ -22,14 +22,14 @@ struct network {
     // todo: support ipv6
     u32 src_ip;
     u32 dst_ip;
-};
+} __attribute__((packed));
 
 // L4 transport layer
 struct transport {
     u16 src_port;
     u16 dst_port;
     u8 protocol;
-};
+} __attribute__((packed));
 
 // TODO: L5 session layer to bound flows to connections?
 
diff --git a/examples/performance/deployment.yml b/examples/performance/deployment.yml
index 202d5eaa..de1a327c 100644
--- a/examples/performance/deployment.yml
+++ b/examples/performance/deployment.yml
@@ -67,8 +67,10 @@ spec:
           value: call_error,cares_resolver,dns_resolver
         - name: GRPC_DNS_RESOLVER
           value: "ares"
-        - name: FLOWS_TARGET
-          value: "packet-counter:9999"
+        - name: FLOWS_TARGET_HOST
+          value: "packet-counter"
+        - name: FLOWS_TARGET_PORT
+          value: "9999"
 #      resources:
 #        limits:
 #          cpu: "1000m"
diff --git a/pkg/ebpf/bpf_bpfeb.o b/pkg/ebpf/bpf_bpfeb.o
index 53ffac65f0eeff01e237d83e7ba76d63ab7aee29..208ca53bf2294b8a1b30f720307c32dcf618b0bb 100644
GIT binary patch
delta 156
zcmccMc)@W(KBLOUg2PPuN(>AP4Ev2hBm+aa0hksjW@b<Xv5J`(ltFa40*GXgC}x_R
z#Vp5C%*Y@!`45}U<PFUFj4GQSFdt^JgqQ=?#lQenFHp<`HHQ&ujsVmgMh38n+XWaH
QCg(8AfKA-|hwX|a0DtKkJ^%m!

delta 162
zcmccMc)@W(KBMZ!g2POf$_xw)4Ev2hBm+aa0hksjW@b<Vv5J`(R6umO0*GXgC}v_%
z1hI-485AbpVUwA}t}%H7vp%Eh<_FA&nH(WzfmJXtK=lX|GeON_gqkG)GJ!#&m=R*u
Ob_kyVX67dL3z7h?ycu8s

diff --git a/pkg/ebpf/bpf_bpfel.o b/pkg/ebpf/bpf_bpfel.o
index b41750c4e22049a6f60acb6c04610004a7976d09..81252eea91e8758f00fa67fa5bed397f718cd129 100644
GIT binary patch
delta 200
zcmZ4BvA|<O4x`G(Twmruc?J;JuM8p?7|NL$7z7v?7>W(#zyiezGGMx#iGhIwB(5L}
z<`)Y<G!zRcLHUYMT46FbOC+Pp=2RA6=18dFLSQ)tkRf2h6`+O-Kn-Vv8ZH1ad^;mV
NJswLob90Ew008vo7JdK#

delta 160
zcmZ4BvA|<O4x{SETwi8O1qKk<uM8p?7|NL$7z7v?7>W(#!2-n!vS7NLiGhIwB(5L_
z<`)a7On%KQJ6V7wgi&>KDvK|(Bh(-vusj1u1K1!1s6hfygBYO(2|x_m&InNtHE^>4
Hhky(KW4aZ-

diff --git a/pkg/flow/record_test.go b/pkg/flow/record_test.go
new file mode 100644
index 00000000..5e75aa0a
--- /dev/null
+++ b/pkg/flow/record_test.go
@@ -0,0 +1,50 @@
+package flow
+
+import (
+	"bytes"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestRecordBinaryEncoding(t *testing.T) {
+	// Makes sure that we read the C *packed* flow structure according
+	// to the order defined in bpf/flow.h
+	fr, err := ReadFrom(bytes.NewReader([]byte{
+		0x01, 0x02, // u16 protocol
+		0x03,                               // u16 direction
+		0x04, 0x05, 0x06, 0x07, 0x08, 0x09, // data_link: u8[6] src_mac
+		0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, // data_link: u8[6] dst_mac
+		0x06, 0x07, 0x08, 0x09, // network: u32 src_ip
+		0x0a, 0x0b, 0x0c, 0x0d, // network: u32 dst_ip
+		0x0e, 0x0f, // transport: u16 src_port
+		0x10, 0x11, // transport: u16 dst_port
+		0x12,                                           // transport: u8protocol
+		0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, // u64 bytes
+	}))
+	require.NoError(t, err)
+
+	assert.Equal(t, Record{
+		rawRecord: rawRecord{
+			key: key{
+				Protocol:  0x0201,
+				Direction: 0x03,
+				DataLink: DataLink{
+					SrcMac: MacAddr{0x04, 0x05, 0x06, 0x07, 0x08, 0x09},
+					DstMac: MacAddr{0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
+				},
+				Network: Network{
+					SrcAddr: 0x09080706,
+					DstAddr: 0x0d0c0b0a,
+				},
+				Transport: Transport{
+					SrcPort:  0x0f0e,
+					DstPort:  0x1110,
+					Protocol: 0x12,
+				},
+			},
+			Bytes: 0x1a19181716151413,
+		},
+	}, *fr)
+}
-- 
GitLab