github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2025-09-06 21:11:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Bring back the removed checksum, nooptcheck and ignorefsmerr flags

Browse Source
This commit is contained in:
M. Mert Yildiran
2022-04-24 15:47:39 +03:00
parent 2a21059781
commit 0c5678976c
2 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
tap/api/api.go
View File

@@ -5,6 +5,7 @@ import (
"bytes" "bytes"
"encoding/json" "encoding/json"
"errors" "errors"
"flag"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net" "net"
@@ -19,6 +20,10 @@ import (
"github.com/up9inc/mizu/tap/api/diagnose" "github.com/up9inc/mizu/tap/api/diagnose"
) )
var checksum = flag.Bool("checksum", false, "Check TCP checksum") // global
var nooptcheck = flag.Bool("nooptcheck", true, "Do not check TCP options (useful to ignore MSS on captures with TSO)") // global
var ignorefsmerr = flag.Bool("ignorefsmerr", true, "Ignore TCP FSM errors") // global
const mizuTestEnvVar = "MIZU_TEST" const mizuTestEnvVar = "MIZU_TEST"
const UNKNOWN_NAMESPACE = "" const UNKNOWN_NAMESPACE = ""

23
tap/api/tcp_stream.go
View File

@@ -45,17 +45,38 @@ func (t *TcpStream) Accept(tcp *layers.TCP, ci gopacket.CaptureInfo, dir reassem
t.fsmerr = true t.fsmerr = true
diagnose.InternalStats.RejectConnFsm++ diagnose.InternalStats.RejectConnFsm++
} }
if !*ignorefsmerr {
return false
}
} }
// Options // Options
err := t.Optchecker.Accept(tcp, ci, dir, nextSeq, start) err := t.Optchecker.Accept(tcp, ci, dir, nextSeq, start)
if err != nil { if err != nil {
diagnose.TapErrors.SilentError("OptionChecker-rejection", "%s: Packet rejected by OptionChecker: %s", t.Ident, err) diagnose.TapErrors.SilentError("OptionChecker-rejection", "%s: Packet rejected by OptionChecker: %s", t.Ident, err)
diagnose.InternalStats.RejectOpt++ diagnose.InternalStats.RejectOpt++
if !*nooptcheck {
return false
}
}
// Checksum
accept := true
if *checksum {
c, err := tcp.ComputeChecksum()
if err != nil {
diagnose.TapErrors.SilentError("ChecksumCompute", "%s: Got error computing checksum: %s", t.Ident, err)
accept = false
} else if c != 0x0 {
diagnose.TapErrors.SilentError("Checksum", "%s: Invalid checksum: 0x%x", t.Ident, c)
accept = false
}
}
if !accept {
diagnose.InternalStats.RejectOpt++
} }
*start = true *start = true
return true return accept
} }
func (t *TcpStream) ReassembledSG(sg reassembly.ScatterGather, ac reassembly.AssemblerContext) { func (t *TcpStream) ReassembledSG(sg reassembly.ScatterGather, ac reassembly.AssemblerContext) {