Add bidirectional packet capture #6882
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@hangyan please let me know what you think about this |
antoninbas
reviewed
Dec 23, 2024
|
Hey @hangyan @antoninbas, I made the changes in the bpf code according to the one generated by tcpdump. When I try to test the bidirectional packet capture, it fails with this log Could you please take a look and help me identify what might be going wrong? Also, golangci-lint is giving me this error even though I have changed the |
this error was reported by golangci on windows, we have a |
hangyan
reviewed
Jan 2, 2025
|
I’ve added the Please let me know if any adjustments are needed or if there's anything else I should update or add. Captured packetsICMP (SourceToDestination) ICMP (DestinationToSource) ICMP (Both) TCP (SourceToDestination) TCP (DestinationToSource) TCP (Both) |
hangyan
reviewed
Jan 8, 2025
antoninbas
reviewed
Jan 8, 2025
AryanBakliwal
force-pushed
the
bidirection
branch
from
7b17816 to
7eb34de
Compare
|
@antoninbas @hangyan I have refactored the |
antoninbas
reviewed
Jan 21, 2025
antoninbas
reviewed
Jan 28, 2025
antoninbas
reviewed
Feb 3, 2025
hangyan
reviewed
Feb 5, 2025
|
@antoninbas @hangyan Changed the function and param name, and added some comments. Please let me know if there’s anything else I should take care of. |
antoninbas
added
the
action/release-note
|
Hi @AryanBakliwal please re-base to the latest main branch and squash all your changes into one commit. Thanks. |
AryanBakliwal
force-pushed
the
bidirection
branch
2 times, most recently
from
474a382 to
4044b23
Compare
AryanBakliwal
force-pushed
the
bidirection
branch
from
4044b23 to
2df63b1
Compare
antoninbas
added
the
area/ops/packetcapture
antoninbas
reviewed
Feb 25, 2025
| // we need to check if the packet is a response (from destination to source). In this case, we skip to the instruction where we compare the | ||
| // loaded source IP with the destination IP from the packet spec. The skipRequestCheck flag indicates whether we need to call calculateSkipFalse | ||
| // to determine how many instructions to skip before checking for response packets or just skip to the last instruction (drop packet). | ||
| if skipRequestCheck { |
There was a problem hiding this comment.
is there a better name than skipRequestCheck? Even after reading the comment, the name still doesn't make sense to me.
There was a problem hiding this comment.
@antoninbas Since it tells if we need to jump to return traffic check part of the filter, how about checkIfResponse or jumpToResponseCheck ?
There was a problem hiding this comment.
IMO the current variable name is the "opposite" of what it should be almost.
Maybe I would go with needsOtherTrafficDirectionCheck as a drop-in replacement for skipRequestCheck?
There was a problem hiding this comment.
needsOtherTrafficDirectionCheck makes sense. Or maybe needsReturnTrafficDirectionCheck to be more specific?
There was a problem hiding this comment.
I wouldn't assume that we check one direction before the other. That's why I would recommend sticking with "other direction".
There was a problem hiding this comment.
Changed the name and also rephrased the comment to better reflect its purpose.
antoninbas
reviewed
Feb 27, 2025
| // we need to check if the packet is a response (from destination to source). In this case, we skip to the instruction where we compare the | ||
| // loaded source IP with the destination IP from the packet spec. The skipRequestCheck flag indicates whether we need to call calculateSkipFalse | ||
| // to determine how many instructions to skip before checking for response packets or just skip to the last instruction (drop packet). | ||
| if skipRequestCheck { |
There was a problem hiding this comment.
IMO the current variable name is the "opposite" of what it should be almost.
Maybe I would go with needsOtherTrafficDirectionCheck as a drop-in replacement for skipRequestCheck?
Signed-off-by: Aryan Bakliwal <aryanbakliwal12345@gmail.com>
AryanBakliwal
force-pushed
the
bidirection
branch
from
2df63b1 to
d71b417
Compare
antoninbas
approved these changes
Mar 6, 2025
There was a problem hiding this comment.
LGTM, thanks for this great contribution and for your patience during the review process
@hangyan do you want to take another look?
|
@AryanBakliwal I just started the Github workflows, let's see if there is any test or linting failure |
sure. will do it now and give my feedback soon |
|
LGTM. Thanks @AryanBakliwal |
|
Thank you @antoninbas and @hangyan for guiding me through this. Your support made it much easier :) |
|
/test-all |
|
@AryanBakliwal One if your new e2e tests has failed in CI. I'm copying the logs below for convenience. PTAL. Logs for failed test |
I'll look into it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
fixes: #6862
Added
bidirectionalfield in packet capture CR spec.For testing, I created two pods and pinged one from the other.
Screenshot of the
.pcapngoutput file.