Example #1
0
func main() {
	cs, err := procspy.Connections(true)
	if err != nil {
		panic(err)
	}
	fmt.Printf("TCP Connections:\n")
	for c := cs.Next(); c != nil; c = cs.Next() {
		fmt.Printf(" - %+v\n", c)
	}
}
Example #2
0
// Report implements Reporter.
func (r *Reporter) Report() (report.Report, error) {
	defer func(begin time.Time) {
		SpyDuration.WithLabelValues().Observe(float64(time.Since(begin)))
	}(time.Now())

	hostNodeID := report.MakeHostNodeID(r.hostID)
	rpt := report.MakeReport()

	{
		conns, err := procspy.Connections(r.includeProcesses)
		if err != nil {
			return rpt, err
		}
		commonNodeInfo := report.MakeNode().WithMetadata(report.Metadata{
			Procspied: "true",
		})
		for conn := conns.Next(); conn != nil; conn = conns.Next() {
			var (
				localPort  = conn.LocalPort
				remotePort = conn.RemotePort
				localAddr  = conn.LocalAddress.String()
				remoteAddr = conn.RemoteAddress.String()
			)
			extraNodeInfo := commonNodeInfo.Copy()
			if conn.Proc.PID > 0 {
				extraNodeInfo = extraNodeInfo.WithMetadata(report.Metadata{
					process.PID:       strconv.FormatUint(uint64(conn.Proc.PID), 10),
					report.HostNodeID: hostNodeID,
				})
			}
			r.addConnection(&rpt, localAddr, remoteAddr, localPort, remotePort, &extraNodeInfo, &commonNodeInfo)
		}
	}

	if r.conntracker != nil {
		extraNodeInfo := report.MakeNode().WithMetadata(report.Metadata{
			Conntracked: "true",
		})
		r.conntracker.WalkFlows(func(f Flow) {
			var (
				localPort  = uint16(f.Original.Layer4.SrcPort)
				remotePort = uint16(f.Original.Layer4.DstPort)
				localAddr  = f.Original.Layer3.SrcIP
				remoteAddr = f.Original.Layer3.DstIP
			)
			r.addConnection(&rpt, localAddr, remoteAddr, localPort, remotePort, &extraNodeInfo, &extraNodeInfo)
		})
	}

	if r.natmapper != nil {
		r.natmapper.ApplyNAT(rpt, r.hostID)
	}

	return rpt, nil
}
Example #3
0
func Example() {
	lookupProcesses := true
	cs, err := procspy.Connections(lookupProcesses)
	if err != nil {
		panic(err)
	}

	fmt.Printf("TCP Connections:\n")
	for c := cs.Next(); c != nil; c = cs.Next() {
		fmt.Printf(" - %v\n", c)
	}
}
Example #4
0
func (rep *reporter) Report() (report.Report, error) {
	defer func(begin time.Time) {
		SpyDuration.WithLabelValues().Observe(float64(time.Since(begin)))
	}(time.Now())

	r := report.MakeReport()
	conns, err := procspy.Connections(rep.includeProcesses)
	if err != nil {
		return r, err
	}

	for conn := conns.Next(); conn != nil; conn = conns.Next() {
		rep.addConnection(&r, conn)
	}

	if rep.includeNAT {
		err = applyNAT(r, rep.hostID)
	}

	return r, err
}
Example #5
0
// Report implements Reporter.
func (r *Reporter) Report() (report.Report, error) {
	defer func(begin time.Time) {
		SpyDuration.WithLabelValues().Observe(float64(time.Since(begin)))
	}(time.Now())

	rpt := report.MakeReport()
	conns, err := procspy.Connections(r.includeProcesses)
	if err != nil {
		return rpt, err
	}

	for conn := conns.Next(); conn != nil; conn = conns.Next() {
		var (
			localPort  = conn.LocalPort
			remotePort = conn.RemotePort
			localAddr  = conn.LocalAddress.String()
			remoteAddr = conn.RemoteAddress.String()
		)
		r.addConnection(&rpt, localAddr, remoteAddr, localPort, remotePort, &conn.Proc)
	}

	if r.conntracker != nil {
		r.conntracker.WalkFlows(func(f Flow) {
			var (
				localPort  = f.Original.Layer4.SrcPort
				remotePort = f.Original.Layer4.DstPort
				localAddr  = f.Original.Layer3.SrcIP
				remoteAddr = f.Original.Layer3.DstIP
			)
			r.addConnection(&rpt, localAddr, remoteAddr, uint16(localPort), uint16(remotePort), nil)
		})
	}

	if r.natmapper != nil {
		r.natmapper.applyNAT(rpt, r.hostID)
	}

	return rpt, err
}