func (agent *SFlowAgent) start() error {
var buf [maxDgramSize]byte
addr := net.UDPAddr{
Port: agent.Port,
IP: net.ParseIP(agent.Addr),
}
conn, err := net.ListenUDP("udp", &addr)
defer conn.Close()
if err != nil {
logging.GetLogger().Error("Unable to listen on port %d: %s", agent.Port, err.Error())
return err
}
for {
_, _, err := conn.ReadFromUDP(buf[:])
if err != nil {
continue
}
p := gopacket.NewPacket(buf[:], layers.LayerTypeSFlow, gopacket.Default)
sflowLayer := p.Layer(layers.LayerTypeSFlow)
sflowPacket, ok := sflowLayer.(*layers.SFlowDatagram)
if !ok {
continue
}
if sflowPacket.SampleCount > 0 {
for _, sample := range sflowPacket.FlowSamples {
flows := flow.FLowsFromSFlowSample(sflowPacket.AgentAddress.String(), &sample)
logging.GetLogger().Debug("%d flows captured", len(flows))
if agent.FlowMapper != nil {
agent.FlowMapper.Enhance(flows)
}
if agent.AnalyzerClient != nil {
agent.AnalyzerClient.SendFlows(flows)
}
}
}
}
return nil
}
func (probe *SFlowProbe) Start() error {
probe.wg.Add(1)
defer probe.wg.Done()
var buf [maxDgramSize]byte
addr := net.UDPAddr{
Port: probe.Port,
IP: net.ParseIP(probe.Addr),
}
conn, err := net.ListenUDP("udp", &addr)
if err != nil {
logging.GetLogger().Error("Unable to listen on port %d: %s", probe.Port, err.Error())
return err
}
defer conn.Close()
conn.SetDeadline(time.Now().Add(1 * time.Second))
// start index/mac cache updater
go probe.cacheUpdater()
flowtable := flow.NewFlowTable()
cfgFlowtable_expire, err := config.GetConfig().Section("agent").Key("flowtable_expire").Int()
if err != nil || cfgFlowtable_expire < 1 {
logging.GetLogger().Error("Config flowTable_expire invalid value ", cfgFlowtable_expire, err.Error())
return err
}
go flowtable.AsyncExpire(probe.flowExpire, time.Duration(cfgFlowtable_expire)*time.Minute)
for probe.running.Load() == true {
_, _, err := conn.ReadFromUDP(buf[:])
if err != nil {
conn.SetDeadline(time.Now().Add(1 * time.Second))
continue
}
p := gopacket.NewPacket(buf[:], layers.LayerTypeSFlow, gopacket.Default)
sflowLayer := p.Layer(layers.LayerTypeSFlow)
sflowPacket, ok := sflowLayer.(*layers.SFlowDatagram)
if !ok {
continue
}
if sflowPacket.SampleCount > 0 {
for _, sample := range sflowPacket.FlowSamples {
flows := flow.FLowsFromSFlowSample(flowtable, &sample, probe.getProbePath(sample.InputInterface))
logging.GetLogger().Debug("%d flows captured", len(flows))
flowtable.Update(flows)
if probe.FlowMappingPipeline != nil {
probe.FlowMappingPipeline.Enhance(flows)
}
if probe.AnalyzerClient != nil {
// FIX(safchain) add flow state cache in order to send only flow changes
// to not flood the analyzer
probe.AnalyzerClient.SendFlows(flows)
}
}
}
}
return nil
}
func (sfa *SFlowAgent) start() error {
sfa.wg.Add(1)
defer sfa.wg.Done()
var buf [maxDgramSize]byte
addr := net.UDPAddr{
Port: sfa.Port,
IP: net.ParseIP(sfa.Addr),
}
conn, err := net.ListenUDP("udp", &addr)
if err != nil {
logging.GetLogger().Errorf("Unable to listen on port %d: %s", sfa.Port, err.Error())
return err
}
defer conn.Close()
conn.SetDeadline(time.Now().Add(1 * time.Second))
flowtable := flow.NewFlowTable()
cfgFlowtable_expire := config.GetConfig().GetInt("agent.flowtable_expire")
go flowtable.AsyncExpire(sfa.flowExpire, time.Duration(cfgFlowtable_expire)*time.Minute)
for sfa.running.Load() == true {
_, _, err := conn.ReadFromUDP(buf[:])
if err != nil {
conn.SetDeadline(time.Now().Add(1 * time.Second))
continue
}
p := gopacket.NewPacket(buf[:], layers.LayerTypeSFlow, gopacket.Default)
sflowLayer := p.Layer(layers.LayerTypeSFlow)
sflowPacket, ok := sflowLayer.(*layers.SFlowDatagram)
if !ok {
continue
}
if sflowPacket.SampleCount > 0 {
for _, sample := range sflowPacket.FlowSamples {
var probePath string
if sfa.ProbePathGetter != nil {
probePath = sfa.ProbePathGetter.GetProbePath(int64(sample.InputInterface))
}
flows := flow.FLowsFromSFlowSample(flowtable, &sample, probePath)
logging.GetLogger().Debugf("%d flows captured at %v", len(flows), probePath)
flowtable.Update(flows)
if sfa.FlowMappingPipeline != nil {
sfa.FlowMappingPipeline.Enhance(flows)
}
if sfa.AnalyzerClient != nil {
// FIX(safchain) add flow state cache in order to send only flow changes
// to not flood the analyzer
sfa.AnalyzerClient.SendFlows(flows)
}
}
}
}
return nil
}