From 1394b5d76cdbaff5a08dd586864209647c1a59f8 Mon Sep 17 00:00:00 2001 
From: Guillermo Roche
Date: Mon, 26 May 2025 20:45:07 +0200
Subject: [PATCH] base commit
---
.gitignore | 9 +
Cargo.lock | 2142 +++++++++++++++++++++
Cargo.toml | 3 +
README.md | 41 +
net-logger-common/Cargo.toml | 15 +
net-logger-common/src/lib.rs | 18 +
net-logger-ebpf/.cargo/config.toml | 6 +
net-logger-ebpf/.helix/config.toml | 2 +
net-logger-ebpf/.vim/coc-settings.json | 4 +
net-logger-ebpf/.vscode/settings.json | 4 +
net-logger-ebpf/Cargo.lock | 197 ++
net-logger-ebpf/Cargo.toml | 34 +
net-logger-ebpf/rust-toolchain.toml | 13 +
net-logger-ebpf/src/main.rs | 23 +
net-logger-ebpf/src/stract_data.rs | 113 ++
net-logger/Cargo.toml | 32 +
net-logger/src/clasificator/ip_group.rs | 252 +++
net-logger/src/clasificator/ip_wrapper.rs | 50 +
net-logger/src/clasificator/mod.rs | 3 +
net-logger/src/clasificator/store.rs | 96 +
net-logger/src/elk/elasticsearch.rs | 71 +
net-logger/src/elk/mod.rs | 1 +
net-logger/src/main.rs | 159 ++
net-logger/src/utils/ip.rs | 154 ++
net-logger/src/utils/mod.rs | 1 +
xtask/Cargo.toml | 8 +
xtask/src/build.rs | 42 +
xtask/src/build_ebpf.rs | 67 +
xtask/src/main.rs | 36 +
xtask/src/run.rs | 55 +
30 files changed, 3651 insertions(+)
create mode 100644 .gitignore
create mode 100644 Cargo.lock
create mode 100644 Cargo.toml
create mode 100644 README.md
create mode 100644 net-logger-common/Cargo.toml
create mode 100644 net-logger-common/src/lib.rs
create mode 100644 net-logger-ebpf/.cargo/config.toml
create mode 100644 net-logger-ebpf/.helix/config.toml
create mode 100644 net-logger-ebpf/.vim/coc-settings.json
create mode 100644 net-logger-ebpf/.vscode/settings.json
create mode 100644 net-logger-ebpf/Cargo.lock
create mode 100644 net-logger-ebpf/Cargo.toml
create mode 100644 net-logger-ebpf/rust-toolchain.toml
create mode 100644 net-logger-ebpf/src/main.rs
create mode 100644 net-logger-ebpf/src/stract_data.rs
create mode 100644 net-logger/Cargo.toml
create mode 100644 net-logger/src/clasificator/ip_group.rs
create mode 100644 net-logger/src/clasificator/ip_wrapper.rs
create mode 100644 net-logger/src/clasificator/mod.rs
create mode 100644 net-logger/src/clasificator/store.rs
create mode 100644 net-logger/src/elk/elasticsearch.rs
create mode 100644 net-logger/src/elk/mod.rs
create mode 100644 net-logger/src/main.rs
create mode 100644 net-logger/src/utils/ip.rs
create mode 100644 net-logger/src/utils/mod.rs
create mode 100644 xtask/Cargo.toml
create mode 100644 xtask/src/build.rs
create mode 100644 xtask/src/build_ebpf.rs
create mode 100644 xtask/src/main.rs
create mode 100644 xtask/src/run.rs
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..9db7029
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+### https://raw.github.com/github/gitignore/master/Rust.gitignore
+
+# Generated by Cargo
+# will have compiled files and executables
+debug/
+target/
+
+# These are backup files generated by rustfmt
+**/*.rs.bk
diff --git a/Cargo.lock b/Cargo.lock
new file mode 100644
index 0000000..762790e
--- /dev/null
+++ b/Cargo.lock
@@ -0,0 +1,2142 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 4 + +[[package]] +name = "addr2line" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e4503c46a5c0c7844e948c9a4d6acd9f50cccb4de1c48eb9e291ea17470c678" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "adler2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" + +[[package]] +name = "ahash" +version = "0.8.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" +dependencies = [ + "cfg-if", + "once_cell", + "version_check", + "zerocopy", +] + +[[package]] +name = "aho-corasick" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916" +dependencies = [ + "memchr", +] + +[[package]] +name = "allocator-api2" +version = "0.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c6cb57a04249c6480766f7f7cef5467412af1490f8d1e243141daddada3264f" + +[[package]] +name = "android-tzdata" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0" + +[[package]] +name = "android_system_properties" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +dependencies = [ + "libc", +] + +[[package]] +name = "anstream" +version = "0.6.15" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" + +[[package]] +name = "anstyle-parse" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" +dependencies = [ + "windows-sys 0.52.0", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" +dependencies = [ + "anstyle", + "windows-sys 0.52.0", +] + +[[package]] +name = "anyhow" +version = "1.0.86" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" + +[[package]] +name = "assert_matches" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b34d609dfbaf33d6889b2b7106d3ca345eacad44200913df5ba02bfd31d2ba9" + +[[package]] +name = "async-compression" +version = "0.4.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0cf008e5e1a9e9e22a7d3c9a4992e21a350290069e36d8fb72304ed17e8f2d2" +dependencies = [ + "flate2", + "futures-core", + "memchr", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "autocfg" +version = "1.4.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" + +[[package]] +name = "aya" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90eea657cc8028447cbda5068f4e10c4fadba0131624f4f7dd1a9c46ffc8d81f" +dependencies = [ + "assert_matches", + "aya-obj", + "bitflags", + "bytes", + "lazy_static", + "libc", + "log", + "object 0.32.2", + "thiserror", + "tokio", +] + +[[package]] +name = "aya-log" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f11a92f305b983e9f53433457dede617a4ad0aa22e4702220092f39e844c1a2" +dependencies = [ + "aya", + "aya-log-common", + "bytes", + "log", + "thiserror", + "tokio", +] + +[[package]] +name = "aya-log-common" +version = "0.1.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6d38a351ee2d5dc24e04cac6184b1b39408642d9a8b585892c99146f8dd4edb" +dependencies = [ + "num_enum", +] + +[[package]] +name = "aya-obj" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c02024a307161cf3d1f052161958fd13b1a33e3e038083e58082c0700fdab85" +dependencies = [ + "bytes", + "core-error", + "hashbrown 0.14.5", + "log", + "object 0.32.2", + "thiserror", +] + +[[package]] +name = "backtrace" +version = "0.3.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cc23269a4f8976d0a4d2e7109211a419fe30e8d88d677cd60b6bc79c5732e0a" +dependencies = [ + "addr2line", + "cc", + "cfg-if", + "libc", + "miniz_oxide 0.7.4", + "object 0.36.3", + "rustc-demangle", +] + +[[package]] +name = "base64" +version = "0.22.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" + +[[package]] +name = "bitflags" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" + +[[package]] +name = "bumpalo" +version = "3.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1628fb46dfa0b37568d12e5edd512553eccf6a22a78e8bde00bb4aed84d5bdbf" + +[[package]] +name = "bytes" +version = "1.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8318a53db07bb3f8dca91a600466bdb3f2eaadeedfdbcf02e1accbad9271ba50" + +[[package]] +name = "cc" +version = "1.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "504bdec147f2cc13c8b57ed9401fd8a147cc66b67ad5cb241394244f2c947549" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "chrono" +version = "0.4.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a7964611d71df112cb1730f2ee67324fcf4d0fc6606acbbe9bfe06df124637c" +dependencies = [ + "android-tzdata", + "iana-time-zone", + "js-sys", + "num-traits", + "serde", + "wasm-bindgen", + "windows-link", +] + +[[package]] +name = "clap" +version = "4.5.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11d8838454fda655dafd3accb2b6e2bea645b9e4078abe84a22ceb947235c5cc" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "216aec2b177652e3846684cbfe25c9964d18ec45234f0f5da5157b207ed1aab6" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim", +] + +[[package]] +name = "clap_derive" +version = "4.5.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "501d359d5f3dcaf6ecdeee48833ae73ec6e42723a1e52419c79abf9507eec0a0" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name 
= "clap_lex" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97" + +[[package]] +name = "colorchoice" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" + +[[package]] +name = "core-error" +version = "0.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "efcdb2972eb64230b4c50646d8498ff73f5128d196a90c7236eec4cbe8619b8f" +dependencies = [ + "version_check", +] + +[[package]] +name = "core-foundation" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "core-foundation-sys" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" + +[[package]] +name = "crc32fast" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "darling" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f63b86c8a8826a49b8c21f08a2d07338eec8d900540f8630dc76284be802989" +dependencies = [ + "darling_core", + "darling_macro", +] + +[[package]] +name = "darling_core" +version = "0.20.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95133861a8032aaea082871032f5815eb9e98cef03fa916ab4500513994df9e5" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn", +] + +[[package]] +name = "darling_macro" +version = "0.20.10" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" +dependencies = [ + "darling_core", + "quote", + "syn", +] + +[[package]] +name = "deranged" +version = "0.3.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4" +dependencies = [ + "powerfmt", + "serde", +] + +[[package]] +name = "displaydoc" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "dyn-clone" +version = "1.0.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c7a8fb8a9fbf66c1f703fe16184d10ca0ee9d23be5b4436400408ba54a95005" + +[[package]] +name = "elasticsearch" +version = "8.17.0-alpha.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52be486463ef0b89e45191803db146387d5f594c26a0c8790807bb3e988ec5f6" +dependencies = [ + "base64", + "bytes", + "dyn-clone", + "flate2", + "lazy_static", + "percent-encoding", + "reqwest", + "rustc_version", + "serde", + "serde_json", + "serde_with", + "tokio", + "url", + "void", +] + +[[package]] +name = "env_logger" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4cd405aab171cb85d6735e5c8d9db038c17d3ca007a4d2c25f337935c3d90580" +dependencies = [ + "humantime", + "is-terminal", + "log", + "regex", + "termcolor", +] + +[[package]] +name = "equivalent" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f" + +[[package]] +name = "errno" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d" +dependencies = [ + "libc", + "windows-sys 0.59.0", +] + +[[package]] +name = "fastrand" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + +[[package]] +name = "flate2" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11faaf5a5236997af9848be0bef4db95824b1d534ebc64d0f0c6cf3e67bd38dc" +dependencies = [ + "crc32fast", + "miniz_oxide 0.8.5", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + +[[package]] +name = "form_urlencoded" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "futures-channel" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10" +dependencies = [ + "futures-core", +] + +[[package]] +name = "futures-core" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e" + +[[package]] +name = "futures-sink" +version = "0.3.31" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7" + +[[package]] +name = "futures-task" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988" + +[[package]] +name = "futures-util" +version = "0.3.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81" +dependencies = [ + "futures-core", + "futures-task", + "pin-project-lite", + "pin-utils", +] + +[[package]] +name = "gimli" +version = "0.29.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "40ecd4077b5ae9fd2e9e169b102c6c330d0605168eb0e8bf79952b256dbefffd" + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "hashbrown" +version = "0.14.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" +dependencies = [ + "ahash", + "allocator-api2", +] + +[[package]] +name = "hashbrown" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "hermit-abi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" 
+checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + +[[package]] +name = "http" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4a85d31aea989eead29a3aaf9e1115a180df8282431156e533de47660892565" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184" +dependencies = [ + "bytes", + "http", +] + +[[package]] +name = "http-body-util" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a" +dependencies = [ + "bytes", + "futures-core", + "http", + "http-body", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87" + +[[package]] +name = "humantime" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" + +[[package]] +name = "hyper" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc2b571658e38e0c01b1fdca3bbbe93c00d3d71693ff2770043f8c29bc7d6f80" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http", + "http-body", + "httparse", + "itoa", + "pin-project-lite", + "smallvec", + "tokio", + "want", +] + +[[package]] +name = "hyper-tls" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0" +dependencies = [ + "bytes", + "http-body-util", + "hyper", + "hyper-util", + "native-tls", + "tokio", + "tokio-native-tls", + "tower-service", +] + +[[package]] 
+name = "hyper-util" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df2dcfbe0677734ab2f3ffa7fa7bfd4706bfdc1ef393f2ee30184aed67e631b4" +dependencies = [ + "bytes", + "futures-channel", + "futures-util", + "http", + "http-body", + "hyper", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", +] + +[[package]] +name = "iana-time-zone" +version = "0.1.61" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "235e081f3925a06703c2d0117ea8b91f042756fd6e7a6e5d901e8ca1a996b220" +dependencies = [ + "android_system_properties", + "core-foundation-sys", + "iana-time-zone-haiku", + "js-sys", + "wasm-bindgen", + "windows-core", +] + +[[package]] +name = "iana-time-zone-haiku" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" +dependencies = [ + "cc", +] + +[[package]] +name = "icu_collections" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "db2fa452206ebee18c4b5c2274dbf1de17008e874b4dc4f0aea9d01ca79e4526" +dependencies = [ + "displaydoc", + "yoke", + "zerofrom", + "zerovec", +] + +[[package]] +name = "icu_locid" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "13acbb8371917fc971be86fc8057c41a64b521c184808a698c02acc242dbf637" +dependencies = [ + "displaydoc", + "litemap", + "tinystr", + "writeable", + "zerovec", +] + +[[package]] +name = "icu_locid_transform" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "01d11ac35de8e40fdeda00d9e1e9d92525f3f9d887cdd7aa81d727596788b54e" +dependencies = [ + "displaydoc", + "icu_locid", + "icu_locid_transform_data", + "icu_provider", + "tinystr", + "zerovec", +] + +[[package]] +name = "icu_locid_transform_data" +version = "1.5.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "fdc8ff3388f852bede6b579ad4e978ab004f139284d7b28715f773507b946f6e" + +[[package]] +name = "icu_normalizer" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19ce3e0da2ec68599d193c93d088142efd7f9c5d6fc9b803774855747dc6a84f" +dependencies = [ + "displaydoc", + "icu_collections", + "icu_normalizer_data", + "icu_properties", + "icu_provider", + "smallvec", + "utf16_iter", + "utf8_iter", + "write16", + "zerovec", +] + +[[package]] +name = "icu_normalizer_data" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8cafbf7aa791e9b22bec55a167906f9e1215fd475cd22adfcf660e03e989516" + +[[package]] +name = "icu_properties" +version = "1.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93d6020766cfc6302c15dbbc9c8778c37e62c14427cb7f6e601d849e092aeef5" +dependencies = [ + "displaydoc", + "icu_collections", + "icu_locid_transform", + "icu_properties_data", + "icu_provider", + "tinystr", + "zerovec", +] + +[[package]] +name = "icu_properties_data" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67a8effbc3dd3e4ba1afa8ad918d5684b8868b3b26500753effea8d2eed19569" + +[[package]] +name = "icu_provider" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ed421c8a8ef78d3e2dbc98a973be2f3770cb42b606e3ab18d6237c4dfde68d9" +dependencies = [ + "displaydoc", + "icu_locid", + "icu_provider_macros", + "stable_deref_trait", + "tinystr", + "writeable", + "yoke", + "zerofrom", + "zerovec", +] + +[[package]] +name = "icu_provider_macros" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ec89e9337638ecdc08744df490b221a7399bf8d164eb52a665454e60e075ad6" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "ident_case" +version = "1.0.1" 
+source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" + +[[package]] +name = "idna" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "686f825264d630750a544639377bae737628043f20d38bbc029e8f29ea968a7e" +dependencies = [ + "idna_adapter", + "smallvec", + "utf8_iter", +] + +[[package]] +name = "idna_adapter" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "daca1df1c957320b2cf139ac61e7bd64fed304c5040df000a745aa1de3b4ef71" +dependencies = [ + "icu_normalizer", + "icu_properties", +] + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", + "serde", +] + +[[package]] +name = "indexmap" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3954d50fe15b02142bf25d3b8bdadb634ec3948f103d04ffe3031bc8fe9d7058" +dependencies = [ + "equivalent", + "hashbrown 0.15.2", + "serde", +] + +[[package]] +name = "ipnet" +version = "2.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130" + +[[package]] +name = "is-terminal" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f23ff5ef2b80d608d61efee834934d862cd92461afc0560dedf493e4c033738b" +dependencies = [ + "hermit-abi", + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + +[[package]] +name = "itoa" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" 
+checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" + +[[package]] +name = "js-sys" +version = "0.3.77" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f" +dependencies = [ + "once_cell", + "wasm-bindgen", +] + +[[package]] +name = "lazy_static" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" + +[[package]] +name = "libc" +version = "0.2.155" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" + +[[package]] +name = "linux-raw-sys" +version = "0.4.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d26c52dbd32dccf2d10cac7725f8eae5296885fb5703b261f7d0a0739ec807ab" + +[[package]] +name = "litemap" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23fb14cb19457329c82206317a5663005a4d404783dc74f4252769b0d5f42856" + +[[package]] +name = "log" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24" + +[[package]] +name = "memchr" +version = "2.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" + +[[package]] +name = "mime" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" + +[[package]] +name = "miniz_oxide" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8a240ddb74feaf34a79a7add65a741f3167852fba007066dcac1ca548d89c08" +dependencies = [ + "adler", +] + +[[package]] +name = "miniz_oxide" +version = 
"0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e3e04debbb59698c15bacbb6d93584a8c0ca9cc3213cb423d31f760d8843ce5" +dependencies = [ + "adler2", +] + +[[package]] +name = "mio" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4569e456d394deccd22ce1c1913e6ea0e54519f577285001215d33557431afe4" +dependencies = [ + "hermit-abi", + "libc", + "wasi", + "windows-sys 0.52.0", +] + +[[package]] +name = "native-tls" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e" +dependencies = [ + "libc", + "log", + "openssl", + "openssl-probe", + "openssl-sys", + "schannel", + "security-framework", + "security-framework-sys", + "tempfile", +] + +[[package]] +name = "net-logger" +version = "0.1.0" +dependencies = [ + "anyhow", + "aya", + "aya-log", + "bytes", + "chrono", + "clap", + "elasticsearch", + "env_logger", + "libc", + "log", + "net-logger-common", + "network-types", + "serde", + "serde_json", + "tokio", +] + +[[package]] +name = "net-logger-common" +version = "0.1.0" +dependencies = [ + "aya", + "network-types", +] + +[[package]] +name = "network-types" +version = "0.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41b13eba62f530cd2ea031938ac4472b9b649694baa1e587c2a2fadc07844d3c" + +[[package]] +name = "num-conv" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" + +[[package]] +name = "num-traits" +version = "0.2.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_enum" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179" +dependencies = [ + "num_enum_derive", +] + +[[package]] +name = "num_enum_derive" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "object" +version = "0.32.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a6a622008b6e321afc04970976f62ee297fdbaa6f95318ca343e3eebb9648441" +dependencies = [ + "memchr", +] + +[[package]] +name = "object" +version = "0.36.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "27b64972346851a39438c60b341ebc01bba47464ae329e55cf343eb93964efd9" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" + +[[package]] +name = "openssl" +version = "0.10.71" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e14130c6a98cd258fdcb0fb6d744152343ff729cbfcb28c656a9d12b999fbcd" +dependencies = [ + "bitflags", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "openssl-probe" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" + +[[package]] +name = "openssl-sys" +version = "0.9.106" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"8bb61ea9811cc39e3c2069f40b8b8e2e70d8569b361f879786cc7ed48b777cdd" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + +[[package]] +name = "percent-encoding" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" + +[[package]] +name = "pin-project-lite" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "pkg-config" +version = "0.3.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c" + +[[package]] +name = "powerfmt" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" + +[[package]] +name = "proc-macro2" +version = "1.0.86" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.36" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "regex" +version = "1.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.7" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b" + +[[package]] +name = "reqwest" +version = "0.12.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "989e327e510263980e231de548a33e63d34962d29ae61b467389a1a09627a254" +dependencies = [ + "async-compression", + "base64", + "bytes", + "futures-core", + "futures-util", + "http", + "http-body", + "http-body-util", + "hyper", + "hyper-tls", + "hyper-util", + "ipnet", + "js-sys", + "log", + "mime", + "native-tls", + "once_cell", + "percent-encoding", + "pin-project-lite", + "rustls-pemfile", + "serde", + "serde_json", + "serde_urlencoded", + "sync_wrapper", + "tokio", + "tokio-native-tls", + "tokio-util", + "tower", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "windows-registry", +] + +[[package]] +name = "rustc-demangle" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" + +[[package]] +name = "rustc_version" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92" +dependencies = [ + "semver", +] + +[[package]] +name = "rustix" +version = "0.38.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" +dependencies = [ + "bitflags", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.52.0", +] + +[[package]] +name = "rustls-pemfile" +version = "2.2.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50" +dependencies = [ + "rustls-pki-types", +] + +[[package]] +name = "rustls-pki-types" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c" + +[[package]] +name = "rustversion" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eded382c5f5f786b989652c49544c4877d9f015cc22e145a5ea8ea66c2921cd2" + +[[package]] +name = "ryu" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" + +[[package]] +name = "schannel" +version = "0.1.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f29ebaa345f945cec9fbbc532eb307f0fdad8161f281b6369539c8d84876b3d" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "security-framework" +version = "2.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" +dependencies = [ + "bitflags", + "core-foundation", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework-sys" +version = "2.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32" +dependencies = [ + "core-foundation-sys", + "libc", +] + +[[package]] +name = "semver" +version = "1.0.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0" + +[[package]] +name = "serde" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.140" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373" +dependencies = [ + "itoa", + "memchr", + "ryu", + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_with" +version = "3.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6b6f7f2fcb69f747921f79f3926bd1e203fce4fef62c268dd3abfb6d86029aa" +dependencies = [ + "base64", + "chrono", + "hex", + "indexmap 1.9.3", + "indexmap 2.8.0", + "serde", + "serde_derive", + "serde_json", + "serde_with_macros", + "time", +] + +[[package]] +name = "serde_with_macros" +version = "3.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d00caa5193a3c8362ac2b73be6b9e768aa5a4b2f721d8f4b339600c3cb51f8e" +dependencies = [ + "darling", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "signal-hook-registry" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1" +dependencies = [ + "libc", +] + +[[package]] +name = "smallvec" +version = "1.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"7fcf8323ef1faaee30a44a340193b1ac6814fd9b7b4e88e9d4519a3e4abe1cfd" + +[[package]] +name = "socket2" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "syn" +version = "2.0.87" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25aa4ce346d03a6dcd68dd8b4010bcb74e54e62c90c573f394c46eae99aba32d" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "sync_wrapper" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263" +dependencies = [ + "futures-core", +] + +[[package]] +name = "synstructure" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tempfile" +version = "3.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04cbcdd0c794ebb0d4cf35e88edd2f7d2c4c3e9a5a6dab322839b321c6a87a64" +dependencies = [ + "cfg-if", + "fastrand", + "once_cell", + "rustix", + "windows-sys 0.59.0", +] + +[[package]] +name = "termcolor" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755" +dependencies = 
[ + "winapi-util", +] + +[[package]] +name = "thiserror" +version = "1.0.63" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0342370b38b6a11b6cc11d6a805569958d54cfa061a29969c3b5ce2ea405724" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.63" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "time" +version = "0.3.39" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dad298b01a40a23aac4580b67e3dbedb7cc8402f3592d7f49469de2ea4aecdd8" +dependencies = [ + "deranged", + "itoa", + "num-conv", + "powerfmt", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "765c97a5b985b7c11d7bc27fa927dc4fe6af3a6dfb021d28deb60d3bf51e76ef" + +[[package]] +name = "time-macros" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8093bc3e81c3bc5f7879de09619d06c9a5a5e45ca44dfeeb7225bae38005c5c" +dependencies = [ + "num-conv", + "time-core", +] + +[[package]] +name = "tinystr" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9117f5d4db391c1cf6927e7bea3db74b9a1c1add8f7eda9ffd5364f40f57b82f" +dependencies = [ + "displaydoc", + "zerovec", +] + +[[package]] +name = "tokio" +version = "1.39.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "daa4fb1bc778bd6f04cbfc4bb2d06a7396a8f299dc33ea1900cedaa316f467b1" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "pin-project-lite", + "signal-hook-registry", + "socket2", + "tokio-macros", + "windows-sys 0.52.0", +] + +[[package]] +name = "tokio-macros" +version = "2.4.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tokio-native-tls" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2" +dependencies = [ + "native-tls", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.7.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b9590b93e6fcc1739458317cccd391ad3955e2bde8913edf6f95f9e65a8f034" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tower" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9" +dependencies = [ + "futures-core", + "futures-util", + "pin-project-lite", + "sync_wrapper", + "tokio", + "tower-layer", + "tower-service", +] + +[[package]] +name = "tower-layer" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e" + +[[package]] +name = "tower-service" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" + +[[package]] +name = "tracing" +version = "0.1.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0" +dependencies = [ + "pin-project-lite", + "tracing-core", +] + +[[package]] +name = "tracing-core" +version = "0.1.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e672c95779cf947c5311f83787af4fa8fffd12fb27e4993211a84bdfd9610f9c" +dependencies = [ + "once_cell", +] + 
+[[package]] +name = "try-lock" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" + +[[package]] +name = "unicode-ident" +version = "1.0.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" + +[[package]] +name = "url" +version = "2.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32f8b686cadd1473f4bd0117a5d28d36b1ade384ea9b5069a1c40aefed7fda60" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "utf16_iter" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8232dd3cdaed5356e0f716d285e4b40b932ac434100fe9b7e0e8e935b9e6246" + +[[package]] +name = "utf8_iter" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be" + +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + +[[package]] +name = "vcpkg" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" + +[[package]] +name = "version_check" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" + +[[package]] +name = "void" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" + +[[package]] +name = "want" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" +dependencies = [ + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5" +dependencies = [ + "cfg-if", + "once_cell", + "rustversion", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6" +dependencies = [ + "bumpalo", + "log", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.50" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "555d470ec0bc3bb57890405e5d4322cc9ea83cebb085523ced7be4144dac1e61" +dependencies = [ + "cfg-if", + "js-sys", + "once_cell", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "web-sys" +version = "0.3.77" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33b6dd2ef9186f1f2072e409e99cd22a975331a6b3591b12c764e0e55c60d5d2" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "winapi-util" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" +dependencies = [ + "windows-sys 0.59.0", +] + +[[package]] +name = "windows-core" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-link" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6dccfd733ce2b1753b03b6d3c65edf020262ea35e20ccdf3e288043e6dd620e3" + +[[package]] +name = "windows-registry" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4286ad90ddb45071efd1a66dfa43eb02dd0dfbae1545ad6cc3c51cf34d7e8ba3" +dependencies = [ + "windows-result", + "windows-strings", + "windows-targets 0.53.0", +] + +[[package]] +name = "windows-result" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06374efe858fab7e4f881500e6e86ec8bc28f9462c47e5a9941a0142ad86b189" +dependencies = [ + "windows-link", +] + +[[package]] +name = "windows-strings" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87fa48cc5d406560701792be122a10132491cff9d0aeb23583cc2dcafc847319" +dependencies = [ + "windows-link", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm 0.52.6", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1e4c7e8ceaaf9cb7d7507c974735728ab453b67ef8f18febdd7c11fe59dca8b" +dependencies = [ + "windows_aarch64_gnullvm 0.53.0", + "windows_aarch64_msvc 0.53.0", + "windows_i686_gnu 0.53.0", + "windows_i686_gnullvm 0.53.0", + "windows_i686_msvc 0.53.0", + "windows_x86_64_gnu 0.53.0", + "windows_x86_64_gnullvm 0.53.0", + "windows_x86_64_msvc 0.53.0", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name 
= "windows_aarch64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_i686_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" 
+checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" + +[[package]] +name = "write16" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d1890f4022759daae28ed4fe62859b1236caebfc61ede2f63ed4e695f3f6d936" + +[[package]] +name = "writeable" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e9df38ee2d2c3c5948ea468a8406ff0db0b29ae1ffde1bcf20ef305bcc95c51" + +[[package]] +name = "xtask" +version = "0.1.0" +dependencies = [ + "anyhow", + "clap", +] + +[[package]] +name = "yoke" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "120e6aef9aa629e3d4f52dc8cc43a015c7724194c97dfaf45180d2daf2b77f40" +dependencies = [ + "serde", + "stable_deref_trait", + "yoke-derive", + "zerofrom", +] + +[[package]] +name = "yoke-derive" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2380878cad4ac9aac1e2435f3eb4020e8374b5f13c296cb75b4620ff8e229154" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "zerocopy" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" +dependencies = [ + "zerocopy-derive", +] 
+ +[[package]] +name = "zerocopy-derive" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "zerofrom" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5" +dependencies = [ + "zerofrom-derive", +] + +[[package]] +name = "zerofrom-derive" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "synstructure", +] + +[[package]] +name = "zerovec" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa2b893d79df23bfb12d5461018d408ea19dfafe76c2c7ef6d4eba614f8ff079" +dependencies = [ + "yoke", + "zerofrom", + "zerovec-derive", +] + +[[package]] +name = "zerovec-derive" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6eafa6dfb17584ea3e2bd6e76e0cc15ad7af12b09abdd1ca55961bed9b1063c6" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 0000000..2818b35 --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,3 @@ +[workspace] +resolver = "2" +members = ["xtask", "net-logger", "net-logger-common"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..1a785f9 --- /dev/null +++ b/README.md 
@@ -0,0 +1,41 @@
+# net2elk
+## network tool for generate logs in elasticsearch as tcpdump
+
+Project developed exclusively for educational purposes, use at your own risk
+
+To configure the elasticsearch acces edit the file _net-logger/src/elk/elasticsearch.rs_
+
+## Prerequisites
+
+1. Install bpf-linker: `cargo install bpf-linker`
+
+## Build eBPF
+
+```bash
+cargo xtask build-ebpf
+```
+
+To perform a release build you can use the `--release` flag.
+You may also change the target architecture with the `--target` flag.
+
+## Build Userspace
+
+```bash
+cargo build
+```
+
+## Build eBPF and Userspace
+
+```bash
+cargo xtask build
+```
+
+## Run
+
+```bash
+RUST_LOG=info cargo xtask run
+```
+
+## elasticsearch
+
+To configure the elasticsearch acces edit the file _net-logger/src/elk/elasticsearch.rs_
diff --git a/net-logger-common/Cargo.toml b/net-logger-common/Cargo.toml
new file mode 100644
index 0000000..a5288de
--- /dev/null
+++ b/net-logger-common/Cargo.toml
@@ -0,0 +1,15 @@
+[package]
+name = "net-logger-common"
+version = "0.1.0"
+edition = "2021"
+
+[features]
+default = []
+user = ["aya"]
+
+[dependencies]
+aya = { version = "0.12", optional = true }
+network-types = "0.0.6"
+
+[lib]
+path = "src/lib.rs"
diff --git a/net-logger-common/src/lib.rs b/net-logger-common/src/lib.rs
new file mode 100644
index 0000000..207bde9
--- /dev/null
+++ b/net-logger-common/src/lib.rs
@@ -0,0 +1,18 @@
+#![no_std]
+use network_types::ip::{in6_addr, IpProto};
+use network_types::eth::EtherType;
+use core::net::Ipv6Addr;
+
+#[derive(Clone, Copy)]
+#[repr(C)]
+pub struct Event {
+ pub ipv: EtherType,
+ pub source_port: u16,
+ pub source_ipv4: u32,
+ pub source_ipv6: Ipv6Addr,
+ pub dest_port: u16,
+ pub dest_ipv4: u32,
+ pub dest_ipv6: Ipv6Addr,
+ pub len: u16,
+ pub proto: IpProto,
+}
diff --git a/net-logger-ebpf/.cargo/config.toml b/net-logger-ebpf/.cargo/config.toml
new file mode 100644
index 0000000..4302a7f
--- /dev/null
+++ b/net-logger-ebpf/.cargo/config.toml
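Review bot: In net-logger-common/src/lib.rs, `Event` carries `ipv: EtherType` and `proto: IpProto` as enum-typed fields in a `#[repr(C)]` struct that is shared between the eBPF program and userspace, so any value outside the declared variants would be an invalid enum value, which is undefined behaviour in Rust. The code that fills and reads `Event` is outside this hunk, so this is inferred; if either side takes these fields straight from packet bytes or reinterprets a raw buffer as `Event`, declaring them as `pub ipv: u16,` and `pub proto: u8,` and converting with a checked match in userspace would remove the risk. The layout also appears to contain implicit padding (after `dest_port` and at the tail), which should be zeroed before the struct is submitted so that uninitialised kernel stack bytes are not exported to userspace. `in6_addr` is imported on the first `use` line but not used in this file.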
@@ -0,0 +1,6 @@
+[build]
+target-dir = "../target"
+target = "bpfel-unknown-none"
+
+[unstable]
+build-std = ["core"]
diff --git a/net-logger-ebpf/.helix/config.toml b/net-logger-ebpf/.helix/config.toml
new file mode 100644
index 0000000..da5424f
--- /dev/null
+++ b/net-logger-ebpf/.helix/config.toml
@@ -0,0 +1,2 @@
+[editor]
+workspace-lsp-roots = []
diff --git a/net-logger-ebpf/.vim/coc-settings.json b/net-logger-ebpf/.vim/coc-settings.json
new file mode 100644
index 0000000..e2211a6
--- /dev/null
+++ b/net-logger-ebpf/.vim/coc-settings.json
@@ -0,0 +1,4 @@
+{
+ "rust-analyzer.cargo.target": "bpfel-unknown-none",
+ "rust-analyzer.checkOnSave.allTargets": false
+}
diff --git a/net-logger-ebpf/.vscode/settings.json b/net-logger-ebpf/.vscode/settings.json
new file mode 100644
index 0000000..e2211a6
--- /dev/null
+++ b/net-logger-ebpf/.vscode/settings.json
@@ -0,0 +1,4 @@
+{
+ "rust-analyzer.cargo.target": "bpfel-unknown-none",
+ "rust-analyzer.checkOnSave.allTargets": false
+}
diff --git a/net-logger-ebpf/Cargo.lock b/net-logger-ebpf/Cargo.lock
new file mode 100644
index 0000000..c0bc6d8
--- /dev/null
+++ b/net-logger-ebpf/Cargo.lock
@@ -0,0 +1,197 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "aya-ebpf" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b7318de0c49a17873182763831cb22f74fb30d04e2eb7e6d7b7e9b7d86d70ed3" +dependencies = [ + "aya-ebpf-bindings", + "aya-ebpf-cty", + "aya-ebpf-macros", + "rustversion", +] + +[[package]] +name = "aya-ebpf-bindings" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8536b7e39b232ecd854e587f473ba15640c09afc3e08408fc28144a7404ae75" +dependencies = [ + "aya-ebpf-cty", +] + +[[package]] +name = "aya-ebpf-cty" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5c130d898322b9698937465b3b749095dae85dba0da4ee648235947eb95738d" + +[[package]] +name = "aya-ebpf-macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce7820cc83547582284a140ffbdd46ab527d7ee2d9d0cfedf3f184fad3f8e15c" +dependencies = [ + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "aya-log-common" +version = "0.1.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6d38a351ee2d5dc24e04cac6184b1b39408642d9a8b585892c99146f8dd4edb" +dependencies = [ + "num_enum", +] + +[[package]] +name = "aya-log-ebpf" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a10bbadd0829895a91eb1cd2bb02d7af145704087f03812bed60cb9fe65dbb3" +dependencies = [ + "aya-ebpf", + "aya-log-common", + "aya-log-ebpf-macros", +] + +[[package]] +name = "aya-log-ebpf-macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6d8251a75f56077db51892041aa6b77c70ef2723845d7a210979700b2f01bc4" +dependencies = [ + "aya-log-common", + "aya-log-parser", + "proc-macro2", + "quote", + "syn", +] + +[[package]] 
+name = "aya-log-parser" +version = "0.1.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14b102eb5c88c9aa0b49102d3fbcee08ecb0dfa81014f39b373311de7a7032cb" +dependencies = [ + "aya-log-common", +] + +[[package]] +name = "net-logger-common" +version = "0.1.0" +dependencies = [ + "network-types", +] + +[[package]] +name = "net-logger-ebpf" +version = "0.1.0" +dependencies = [ + "aya-ebpf", + "aya-log-ebpf", + "net-logger-common", + "network-types", +] + +[[package]] +name = "network-types" +version = "0.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41b13eba62f530cd2ea031938ac4472b9b649694baa1e587c2a2fadc07844d3c" + +[[package]] +name = "num_enum" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179" +dependencies = [ + "num_enum_derive", +] + +[[package]] +name = "num_enum_derive" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro2" +version = "1.0.86" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +dependencies = [ + 
"unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.36" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rustversion" +version = "1.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "955d28af4278de8121b7ebeb796b6a45735dc01436d898801014aced2773a3d6" + +[[package]] +name = "syn" +version = "2.0.72" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc4b9b9bf2add8093d3f2c0204471e951b2285580335de42f9d2534f3ae7a8af" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "unicode-ident" +version = "1.0.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" + +[[package]] +name = "version_check" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" diff --git a/net-logger-ebpf/Cargo.toml b/net-logger-ebpf/Cargo.toml new file mode 100644 index 0000000..fd94c9d --- /dev/null +++ b/net-logger-ebpf/Cargo.toml @@ -0,0 +1,34 @@ +cargo-features = ["profile-rustflags"] +[package] +name = "net-logger-ebpf" +version = "0.1.0" +edition = "2021" + +[dependencies] +aya-ebpf = "0.1.0" +aya-log-ebpf = "0.1.0" +net-logger-common = { path = "../net-logger-common" } +network-types = "0.0.6" + +[[bin]] +name = "net-logger" +path = "src/main.rs" + +[profile.dev] +opt-level = 3 +debug = false +debug-assertions = false +overflow-checks = false +lto = true +panic = "abort" +incremental = false +codegen-units = 1 +rpath = false + +[profile.release] +lto = true +panic = "abort" +codegen-units = 1 + +[workspace] +members = [] 
diff --git a/net-logger-ebpf/rust-toolchain.toml b/net-logger-ebpf/rust-toolchain.toml
new file mode 100644
index 0000000..24ce391
--- /dev/null
+++ b/net-logger-ebpf/rust-toolchain.toml
@@ -0,0 +1,13 @@
+[toolchain]
+channel = "nightly"
+# The source code of rustc, provided by the rust-src component, is needed for
+# building eBPF programs.
+components = [
+ "cargo",
+ "clippy",
+ "rust-docs",
+ "rust-src",
+ "rust-std",
+ "rustc",
+ "rustfmt",
+]
diff --git a/net-logger-ebpf/src/main.rs b/net-logger-ebpf/src/main.rs
new file mode 100644
index 0000000..c88fe44
--- /dev/null
+++ b/net-logger-ebpf/src/main.rs
@@ -0,0 +1,23 @@
+#![no_std]
+#![no_main]
+
+use aya_ebpf::{bindings::xdp_action, macros::xdp, programs::XdpContext};
+use aya_log_ebpf::info;
+pub mod stract_data;
+#[xdp]
+pub fn net_logger(ctx: XdpContext) -> u32 {
+ match stract_data::trafic_router(ctx) {
+ Ok(ret) => ret,
+ Err(_) => xdp_action::XDP_ABORTED,
+ }
+}
+
+fn try_net_logger(ctx: XdpContext) -> Result {
+ info!(&ctx, "received a packet");
+ Ok(xdp_action::XDP_PASS)
+}
+
+#[panic_handler]
+fn panic(_info: &core::panic::PanicInfo) -> ! {
+ unsafe { core::hint::unreachable_unchecked() }
+}
diff --git a/net-logger-ebpf/src/stract_data.rs b/net-logger-ebpf/src/stract_data.rs
new file mode 100644
index 0000000..72a586c
--- /dev/null
+++ b/net-logger-ebpf/src/stract_data.rs
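Review bot: `net_logger` in net-logger-ebpf/src/main.rs maps every `Err` to `xdp_action::XDP_ABORTED`, which drops the packet, so a frame that fails a bounds check in `ptr_at` (for example one too short for the header being read) is discarded by what is meant to be a passive logger. Returning `Err(_) => xdp_action::XDP_PASS,` keeps the program from altering traffic when it cannot parse a packet. `try_net_logger` is never called and can be removed, along with the `info` import if nothing else uses it.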
@@ -0,0 +1,113 @@ +use aya_ebpf::{ + bindings::xdp_action, + macros::map, + programs::XdpContext, + maps::PerfEventArray, + maps::PerCpuArray, +}; +use aya_log_ebpf::info; +use net_logger_common::Event; +use core::mem; +use network_types::{ + eth::{EthHdr, EtherType}, + ip::{IpProto, Ipv4Hdr, Ipv6Hdr, in6_addr}, + tcp::TcpHdr, + udp::UdpHdr, + icmp::IcmpHdr, +}; + +#[map] +pub static mut SCRATCH: PerCpuArray = PerCpuArray::with_max_entries(1, 0); // per-cpu + +#[map] +pub static mut EVENTS: PerfEventArray = PerfEventArray::with_max_entries(0, 0); + +#[inline(always)] // +fn ptr_at(ctx: &XdpContext, offset: usize) -> Result<*const T, ()> { + let start = ctx.data(); + let end = ctx.data_end(); + let len = mem::size_of::(); + + if start + offset + len > end { + return Err(()); + } + + Ok((start + offset) as *const T) +} + +pub fn trafic_router(ctx: XdpContext) -> Result { + let ethhdr: *const EthHdr = ptr_at(&ctx, 0)?; // + match unsafe { (*ethhdr).ether_type } { + EtherType::Ipv4 => process_v4(ctx), + EtherType::Ipv6 => process_v6(ctx), + _ => Ok(xdp_action::XDP_PASS), + } +} + +pub fn get_ports(ctx: &XdpContext, protocol: IpProto, ip_hdr_len: usize) -> Result<(u16, u16),()> { + let source_port; + let dest_port; + match protocol { + IpProto::Tcp => { + let tcphdr: *const TcpHdr = + ptr_at(ctx, EthHdr::LEN + ip_hdr_len)?; + source_port = u16::from_be(unsafe { (*tcphdr).source }); + dest_port = u16::from_be(unsafe { (*tcphdr).dest }); + } + IpProto::Udp => { + let udphdr: *const UdpHdr = + ptr_at(ctx, EthHdr::LEN + ip_hdr_len)?; + source_port = u16::from_be(unsafe { (*udphdr).source }); + dest_port = u16::from_be(unsafe { (*udphdr).dest }); + } + _ => { + source_port = 0; + dest_port = 0; + }, + }; + Ok((source_port, dest_port)) +} + +pub fn process_v6(ctx: XdpContext) -> Result { + let ipv6hdr: *const Ipv6Hdr = ptr_at(&ctx, EthHdr::LEN)?; + let source_addr = unsafe { (*ipv6hdr).src_addr() }; + let dest_addr = unsafe { (*ipv6hdr).dst_addr() }; + let protocol = unsafe { 
(*ipv6hdr).next_hdr }; + let pack_len = unsafe { (*ipv6hdr).payload_len }; + let ports = get_ports(&ctx, protocol, Ipv6Hdr::LEN)?; + + let mut event = unsafe { *SCRATCH.get_ptr_mut(0).ok_or(())? }; + event.ipv = EtherType::Ipv6; + event.source_port = ports.0; + event.source_ipv6 = source_addr; + event.dest_port = ports.1; + event.dest_ipv6 = dest_addr; + event.proto = protocol; + event.len = pack_len; + unsafe { EVENTS.output(&ctx, &mut event, 0); } + + Ok(xdp_action::XDP_PASS) +} + +pub fn process_v4(ctx: XdpContext) -> Result { + + let ipv4hdr: *const Ipv4Hdr = ptr_at(&ctx, EthHdr::LEN)?; + let source_addr = u32::from_be(unsafe { (*ipv4hdr).src_addr }); + let dest_addr = u32::from_be(unsafe { (*ipv4hdr).dst_addr }); + let protocol = unsafe { (*ipv4hdr).proto }; + let pack_len = unsafe { (*ipv4hdr).tot_len }; + let ports = get_ports(&ctx, protocol, Ipv4Hdr::LEN)?; + + let mut event = unsafe { *SCRATCH.get_ptr_mut(0).ok_or(())? }; + + event.ipv = EtherType::Ipv4; + event.source_port = ports.0; + event.source_ipv4 = source_addr; + event.dest_port = ports.1; + event.dest_ipv4 = dest_addr; + event.proto = protocol; + event.len = pack_len; + unsafe { EVENTS.output(&ctx, &mut event, 0); } + + Ok(xdp_action::XDP_PASS) +} diff --git a/net-logger/Cargo.toml b/net-logger/Cargo.toml new file mode 100644 index 0000000..3ffef08 --- /dev/null +++ b/net-logger/Cargo.toml 
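Review bot: `pack_len` is taken from `(*ipv4hdr).tot_len` and `(*ipv6hdr).payload_len` without a byte-order conversion, while the ports and IPv4 addresses in the same functions go through `from_be`; assuming these header fields are in network byte order like the others, `event.len` is byte-swapped on little-endian hosts and the 200000-byte flush threshold in store.rs is compared against wrong totals. Use `let pack_len = u16::from_be(unsafe { (*ipv4hdr).tot_len });` and the same for `payload_len`. `get_ports` is also called with the fixed `Ipv4Hdr::LEN`, so a packet carrying IPv4 options has its ports read from the wrong offset; deriving the offset from the IHL field, or recording ports as 0 when the header is not the minimal size, would keep the logged values trustworthy. `let mut event = unsafe { *SCRATCH.get_ptr_mut(0).ok_or(())? };` copies the per-CPU slot onto the stack rather than writing through the pointer, which defeats the purpose of the scratch map.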
@@ -0,0 +1,32 @@
+[package]
+name = "net-logger"
+version = "0.1.0"
+edition = "2021"
+publish = false
+
+[dependencies]
+aya = "0.12"
+aya-log = "0.2"
+clap = { version = "4.1", features = ["derive"] }
+net-logger-common = { path = "../net-logger-common", features = ["user"] }
+anyhow = "1"
+env_logger = "0.10"
+libc = "0.2"
+log = "0.4"
+tokio = { version = "1.25", features = [
+ "macros",
+ "rt",
+ "rt-multi-thread",
+ "net",
+ "signal",
+] }
+bytes = "*"
+network-types = "0.0.6"
+elasticsearch = "8.17.0-alpha.1"
+serde_json = "*"
+serde = "*"
+chrono = "*"
+
+[[bin]]
+name = "net-logger"
+path = "src/main.rs"
diff --git a/net-logger/src/clasificator/ip_group.rs b/net-logger/src/clasificator/ip_group.rs
new file mode 100644
index 0000000..8444f89
--- /dev/null
+++ b/net-logger/src/clasificator/ip_group.rs
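Review bot: `bytes = "*"`, `serde_json = "*"`, `serde = "*"` and `chrono = "*"` accept any published version, so a fresh resolve (no lockfile, or `cargo update`) can pull in a new major release without review; this binary attaches XDP programs and so presumably runs with elevated privileges, which makes its dependency set worth constraining. Replace each wildcard with a caret requirement for the version Cargo.lock currently resolves, for example `serde = "1"`. `elasticsearch = "8.17.0-alpha.1"` is a pre-release; prefer a stable release of the client if one covers the APIs used here.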
@@ -0,0 +1,252 @@ +use std::{ + collections::HashMap, + net::{Ipv4Addr, Ipv6Addr}, + time::SystemTime, +}; + +use crate::utils::ip::print_proto; +use network_types::ip::{IpProto, Ipv4Hdr}; +use serde::{Deserialize, Serialize}; +use serde_json::{json, Value}; + +#[derive(Serialize, Deserialize)] +pub struct ConectionCoreAtom { + pub len: u128, + pub ip4_list: Vec>, + pub ip6_list: Vec>, +} + +#[derive(Serialize, Deserialize)] +pub struct IpAtom { + len: u128, + ip_local: IpType, + port_local: u16, + ip_remote: IpType, + port_remote: u16, + //pub proto_len: HashMap + pub proto_len: Vec<(u8, u128)>, +} + +impl ConectionCoreAtom { + pub fn new() -> Self { + ConectionCoreAtom { + len: 0, + ip4_list: Vec::new(), + ip6_list: Vec::new(), + } + } + + pub fn addv4( + &mut self, + source_ip: u32, + dest_ip: u32, + source_port: u16, + dest_port: u16, + protocol: IpProto, + size: u16, + ) { + self.len += size as u128; + let source_ip_format = Ipv4Addr::from_bits(source_ip); + let dest_ip_format = Ipv4Addr::from_bits(dest_ip); + let local_ip; + let remote_ip; + let local_port; + let remote_port; + if source_ip_format.is_private() { + local_ip = source_ip_format; + remote_ip = dest_ip_format; + local_port = source_port; + remote_port = dest_port; + } else { + local_ip = dest_ip_format; + remote_ip = source_ip_format; + local_port = dest_port; + remote_port = dest_port; + } + match self.check_packagev4(local_ip, remote_ip, local_port, remote_port) { + Some(ip_atom) => { + ip_atom.add(protocol, size as u128); + } + None => { + let mut ip_atom = IpAtom::new_ip(local_ip, remote_ip, local_port, remote_port); + ip_atom.add(protocol, size as u128); + self.ip4_list.push(ip_atom); + } + } + } + + pub fn addv6( + &mut self, + source_ip: Ipv6Addr, + dest_ip: Ipv6Addr, + source_port: u16, + dest_port: u16, + protocol: IpProto, + size: u16, + ) { + self.len += size as u128; + let local_ip; + let remote_ip; + let local_port; + let remote_port; + if source_ip.is_unique_local() { + local_ip = 
source_ip; + local_port = source_port; + remote_ip = dest_ip; + remote_port = dest_port; + } else { + local_ip = dest_ip; + local_port = dest_port; + remote_ip = source_ip; + remote_port = source_port; + } + match self.check_packagev6(local_ip, remote_ip, local_port, remote_port) { + Some(ip_atom) => { + ip_atom.add(protocol, size as u128); + } + None => { + let mut ip_atom = IpAtom::new_ip(local_ip, remote_ip, local_port, remote_port); + ip_atom.add(protocol, size as u128); + self.ip6_list.push(ip_atom); + } + } + } + + fn check_packagev4( + &mut self, + local_ip: Ipv4Addr, + remote_ip: Ipv4Addr, + local_port: u16, + remote_port: u16, + ) -> Option<&mut IpAtom> { + let mut index = 0; + loop { + match self.ip4_list.get(index) { + Some(ip) => { + if ip.eq_splited(local_ip, remote_ip, local_port, remote_port) { + return self.ip4_list.get_mut(index); + } + } + None => { + return None; + } + } + index += 1; + } + } + + fn check_packagev6( + &mut self, + local_ip: Ipv6Addr, + remote_ip: Ipv6Addr, + local_port: u16, + remote_port: u16, + ) -> Option<&mut IpAtom> { + let index = 0; + loop { + match self.ip6_list.get(index) { + Some(ip) => { + if ip.eq_splited(local_ip, remote_ip, local_port, remote_port) { + return self.ip6_list.get_mut(index); + } + } + None => return None, + } + } + } + + pub fn generate_json(&self, timestamp: String) -> Value { + json!({ + "@timestamp" : timestamp, + "ips_v4" : self.ip4_list, + "ips_v6" : self.ip6_list, + }) + } + + pub fn reset(&mut self) -> Self { + let old_len = self.len; + self.len = 0; + Self { + len: old_len, + ip4_list: self.ip4_list.drain(..).collect(), + ip6_list: self.ip6_list.drain(..).collect(), + } + } + + /*fn create_ipv4(&mut self, source_ip: u32, dest_ip: u32) { + let source_ip_format = Ipv4Addr::from_bits(source_ip); + let dest_ip_format = Ipv4Addr::from_bits(dest_ip); + self.ip4_list.push(if source_ip_format.is_private() { + IpAtom::new_ip(source_ip_format, dest_ip_format) + } else { + IpAtom::new_ip(dest_ip_format, 
source_ip_format) + }) + } + + fn create_ipv6(&mut self, source_ip: Ipv6Addr, dest_ip: Ipv6Addr) { + self.ip6_list.push(if source_ip.is_unique_local() { + IpAtom::new_ip(source_ip, dest_ip) + } else { + IpAtom::new_ip(dest_ip, source_ip) + }); + }*/ +} + +impl IpAtom { + pub fn new_ip(local_ip: IpType, remote_ip: IpType, local_port: u16, remote_port: u16) -> Self { + IpAtom { + len: 0, + ip_local: local_ip, + port_local: local_port, + ip_remote: remote_ip, + port_remote: remote_port, + proto_len: Vec::new(), + } + } + + //hashmap can be less efficient + /*pub fn add(&mut self,protocol: IpProto, size: u128) { + self.len+=size; + match self.proto_len.get_mut(&(protocol as u8)) { + Some(l) => { + *l+=size; + }, + None => { + self.proto_len.insert(protocol as u8,size); + }, + }; + }*/ + + pub fn add(&mut self, protocol: IpProto, size: u128) { + self.len += size; + let mut index = 0; + loop { + match self.proto_len.get_mut(index) { + Some(proto) => { + if proto.0 == protocol as u8 { + proto.1 += size; + } + } + None => { + self.proto_len.push((protocol as u8, size)); + break; + } + } + + index += 1; + } + } + + pub fn eq_splited( + &self, + local_ip: IpType, + remote_ip: IpType, + local_port: u16, + remote_port: u16, + ) -> bool { + ((self.ip_local == local_ip && self.port_local == local_port) + && (self.ip_remote == remote_ip && self.port_remote == remote_port)) + || ((self.ip_local == remote_ip && self.port_local == remote_port) + && (self.ip_remote == local_ip && self.port_remote == local_port)) + } +} diff --git a/net-logger/src/clasificator/ip_wrapper.rs b/net-logger/src/clasificator/ip_wrapper.rs new file mode 100644 index 0000000..5fa4baa --- /dev/null +++ b/net-logger/src/clasificator/ip_wrapper.rs 
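Review bot: `check_packagev6` declares `let index = 0;` and never advances it, so once `ip6_list` holds a first entry that does not match, the `loop` re-reads element 0 forever and the per-CPU reader task that called `addv6` stops processing events; a second distinct IPv6 flow is enough to stall logging on that CPU. In `addv4` the non-private branch sets `remote_port = dest_port;` where `addv6` uses `source_port`, so flows whose source is public are keyed with the wrong remote port. `IpAtom::add` has no `break` after a match, so every call walks to the end and pushes another `(proto, size)` tuple, which double counts and grows `proto_len` by one entry per packet. The replacement lines for the three spots are below; the commented-out `create_ipv4`/`create_ipv6` and the old `add` can be deleted rather than kept in comments.

```rust
// in addv4, else branch: the remote endpoint is the packet's source
remote_port = source_port;

// … unchanged: rest of addv4, addv6, check_packagev4 …

// check_packagev6 body: iterate instead of re-reading index 0
self.ip6_list
    .iter_mut()
    .find(|ip| ip.eq_splited(local_ip, remote_ip, local_port, remote_port))

// IpAtom::add body: update the matching counter or append exactly one entry
self.len += size;
let proto_id = protocol as u8;
match self.proto_len.iter_mut().find(|entry| entry.0 == proto_id) {
    Some(entry) => entry.1 += size,
    None => self.proto_len.push((proto_id, size)),
}
```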
@@ -0,0 +1,50 @@
+use std::net::{Ipv4Addr, Ipv6Addr};
+
+pub struct Ip4Wrapper {
+ raw: Ipv4Addr,
+}
+
+pub struct Ip6Wrapper {
+ raw: Ipv6Addr,
+}
+
+pub trait IpWrapper {
+ fn is_private(&self) -> bool;
+ fn get_raw(&self) -> IpType;
+}
+
+impl Ip4Wrapper {
+ pub fn new(ip: u32) -> Self {
+ Self {
+ raw: Ipv4Addr::from_bits(ip),
+ }
+ }
+}
+
+impl Ip6Wrapper {
+ pub fn new(ip: Ipv6Addr) -> Self {
+ Self {
+ raw: ip,
+ }
+ }
+}
+
+impl IpWrapper for Ip4Wrapper {
+ fn is_private(&self) -> bool {
+ self.raw.is_private()
+ }
+
+ fn get_raw(&self) -> Ipv4Addr {
+ self.raw
+ }
+}
+
+impl IpWrapper for Ip6Wrapper {
+ fn is_private(&self) -> bool {
+ self.raw.is_unique_local()
+ }
+
+ fn get_raw(&self) -> Ipv6Addr {
+ self.raw
+ }
+}
diff --git a/net-logger/src/clasificator/mod.rs b/net-logger/src/clasificator/mod.rs
new file mode 100644
index 0000000..1bda55e
--- /dev/null
+++ b/net-logger/src/clasificator/mod.rs
@@ -0,0 +1,3 @@
+pub mod ip_group;
+mod ip_wrapper;
+pub mod store;
diff --git a/net-logger/src/clasificator/store.rs b/net-logger/src/clasificator/store.rs
new file mode 100644
index 0000000..e07edbf
--- /dev/null
+++ b/net-logger/src/clasificator/store.rs
@@ -0,0 +1,96 @@ +use network_types::ip::IpProto; + +use crate::elk::elasticsearch::ElasticConection; + +use super::ip_group::ConectionCoreAtom; +use std::{ + future::IntoFuture, + net::Ipv6Addr, + time::{Duration, SystemTime, UNIX_EPOCH}, +}; + +pub struct net_stats_storage { + connections_store: ConectionCoreAtom, + elastic_connection: ElasticConection, + old_connections: Vec, + last_insert: SystemTime, +} + +impl net_stats_storage { + pub fn new() -> Self { + Self { + connections_store: ConectionCoreAtom::new(), + elastic_connection: ElasticConection::new().unwrap(), + old_connections: Vec::new(), + last_insert: SystemTime::now(), + } + } + + pub async fn addv4( + &mut self, + source_ip: u32, + dest_ip: u32, + source_port: u16, + dest_port: u16, + protocol: IpProto, + size: u16, + ) { + self.store_or_not().await; + + self.connections_store + .addv4(source_ip, dest_ip, source_port, dest_port, protocol, size); + } + + pub async fn addv6( + &mut self, + source_ip: Ipv6Addr, + dest_ip: Ipv6Addr, + source_port: u16, + dest_port: u16, + protocol: IpProto, + size: u16, + ) { + self.store_or_not().await; + + self.connections_store + .addv6(source_ip, dest_ip, source_port, dest_port, protocol, size); + } + + pub async fn store_or_not(&mut self) { + if self + .last_insert + .duration_since(SystemTime::now()) + .unwrap_or(Duration::from_secs(2)) + .as_secs() + > 2 + || self.connections_store.len > 200000 + { + self.store_in_elastic().await; + } + } + + pub async fn store_in_elastic(&mut self) { + self.old_connections.push(self.connections_store.reset()); + self.connections_store = ConectionCoreAtom::new(); + println!("entra:{}", self.old_connections.len()); + for con in &self.old_connections { + println!( + "datos:{}", + chrono::offset::Utc::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true) + ); + match self + .elastic_connection + .send(con.generate_json( + chrono::offset::Utc::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true), + )) + .await + { + Ok(_) => 
continue, + Err(_) => { + println!("No va"); + break; + } + } + } + } +} diff --git a/net-logger/src/elk/elasticsearch.rs b/net-logger/src/elk/elasticsearch.rs new file mode 100644 index 0000000..1e6bd34 --- /dev/null +++ b/net-logger/src/elk/elasticsearch.rs 
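Review bot: In `store_or_not` the time-based flush can never fire: `self.last_insert.duration_since(SystemTime::now())` asks how much later `last_insert` is than now, which is an `Err` in normal operation, so `unwrap_or(Duration::from_secs(2))` yields exactly 2 seconds and `> 2` is false; `last_insert` is also never updated. Use `self.last_insert.elapsed().unwrap_or_default().as_secs() > 2` and set `self.last_insert = SystemTime::now();` after a flush. `store_in_elastic` never removes a batch from `old_connections` after `send` returns `Ok`, so each flush re-sends every earlier batch and the vector grows without bound; drop delivered batches and cap the backlog kept while Elasticsearch is unreachable. `ElasticConection::new().unwrap()` in `new` turns a configuration error into a panic inside the spawned reader task.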
@@ -0,0 +1,71 @@
+use elasticsearch::auth::Credentials;
+use elasticsearch::http::transport::SingleNodeConnectionPool;
+use elasticsearch::http::transport::TransportBuilder;
+use elasticsearch::http::Url;
+use elasticsearch::Elasticsearch;
+use elasticsearch::IndexParts;
+use serde_json::Value;
+use std::fmt;
+
+pub struct ElasticConection {
+ conection: Elasticsearch,
+}
+
+pub struct ElasticConErr {
+ content: String,
+}
+
+impl ElasticConection {
+ pub fn new() -> Result> {
+ let url = Url::parse("http://elastic_ip:9200")?;
+ let credentials = Credentials::Basic("elastic".into(), "password".into());
+ let connection_pool = SingleNodeConnectionPool::new(url);
+ let transport = TransportBuilder::new(connection_pool)
+ .auth(credentials)
+ .build()?;
+ Ok(Self {
+ conection: Elasticsearch::new(transport),
+ })
+ }
+
+ pub async fn send(&self, data: Value) -> Result<(), ElasticConErr> {
+ println!("aquĆ­ tambi'en entra");
+ let raw_response = self
+ .conection
+ .index(IndexParts::Index("netlogger-0.1"))
+ .body(data)
+ .send()
+ .await;
+ let response = match raw_response {
+ Ok(r) => r,
+ Err(e) => {
+ return Err(ElasticConErr {
+ content: e.to_string(),
+ })
+ }
+ };
+ let status_code = response.status_code();
+ match status_code.clone().is_success() {
+ true => Ok(()),
+ false => {
+ let err_ret = match response.text().await {
+ Ok(ret) => ret,
+ Err(_e) => status_code.as_str().to_string(),
+ };
+ Err(ElasticConErr { content: err_ret })
+ }
+ }
+ }
+}
+
+impl fmt::Display for ElasticConErr {
+ fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+ write!(f, "{}", self.content)
+ }
+}
+
+impl fmt::Debug for ElasticConErr {
+ fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+ write!(f, "{}", self.content)
+ }
+}
diff --git a/net-logger/src/elk/mod.rs b/net-logger/src/elk/mod.rs
new file mode 100644
index 0000000..87888ab
--- /dev/null
+++ b/net-logger/src/elk/mod.rs
@@ -0,0 +1 @@
+pub mod elasticsearch;
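Review bot: `ElasticConection::new` compiles the endpoint and login into the binary: `Url::parse("http://elastic_ip:9200")` with `Credentials::Basic("elastic".into(), "password".into())` sends the built-in superuser's password over plain HTTP, and the README's instruction to edit this file means real secrets end up in source control. Read the URL and credentials from the environment or a config file outside the repository, require an `https` URL, and authenticate with an API key limited to writing the `netlogger-0.1` index instead of the `elastic` account. The sketch below uses example variable names and assumes the function's error type is a boxed `std::error::Error` (the return type's generics are not legible on this page). The leftover `println!` at the top of `send` should become a `log::debug!` or be removed.

```rust
// inside ElasticConection::new(), replacing the hard-coded URL and Basic credentials
// NET_LOGGER_ES_* are example variable names
let url = Url::parse(&std::env::var("NET_LOGGER_ES_URL")?)?;
let credentials = Credentials::ApiKey(
    std::env::var("NET_LOGGER_ES_API_KEY_ID")?,
    std::env::var("NET_LOGGER_ES_API_KEY")?,
);
// … unchanged: connection pool, TransportBuilder, Ok(Self { .. }) …
```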
diff --git a/net-logger/src/main.rs b/net-logger/src/main.rs
new file mode 100644
index 0000000..0734ab8
--- /dev/null
+++ b/net-logger/src/main.rs
@@ -0,0 +1,159 @@ +use anyhow::Context; +use aya::maps::AsyncPerfEventArray; +use aya::programs::{Xdp, XdpFlags}; +use aya::util::online_cpus; +use aya::{include_bytes_aligned, Bpf}; +use aya_log::BpfLogger; +use aya_log::Formatter; +use bytes::BytesMut; +use clap::Parser; +use log::{debug, info, warn}; +use net_logger_common::Event; +use network_types::eth::EtherType; +use tokio::signal; +mod clasificator; +mod elk; +mod utils; + +#[derive(Debug, Parser)] +struct Opt { + #[clap(short, long, default_value = "lo")] + iface: String, +} + +#[tokio::main] +async fn main() -> Result<(), anyhow::Error> { + env_logger::init(); + + // Bump the memlock rlimit. This is needed for older kernels that don't use the + // new memcg based accounting, see https://lwn.net/Articles/837122/ + let rlim = libc::rlimit { + rlim_cur: libc::RLIM_INFINITY, + rlim_max: libc::RLIM_INFINITY, + }; + let ret = unsafe { libc::setrlimit(libc::RLIMIT_MEMLOCK, &rlim) }; + if ret != 0 { + debug!("remove limit on locked memory failed, ret is: {}", ret); + } + + if let Err(e) = load_bpf().await { + eprintln!("error: {:#}", e); + } + + Ok(()) +} + +async fn load_bpf() -> Result<(), aya::BpfError> { + // This will include your eBPF object file as raw bytes at compile-time and load it at + // runtime. This approach is recommended for most real-world use cases. If you would + // like to specify the eBPF program at runtime rather than at compile-time, you can + // reach for `Bpf::load_file` instead. + #[cfg(debug_assertions)] + let mut bpf = Bpf::load(include_bytes_aligned!( + "../../target/bpfel-unknown-none/debug/net-logger" + ))?; + #[cfg(not(debug_assertions))] + let mut bpf = Bpf::load(include_bytes_aligned!( + "../../target/bpfel-unknown-none/release/net-logger" + ))?; + if let Err(e) = BpfLogger::init(&mut bpf) { + // This can happen if you remove all log statements from your eBPF program. 
+ warn!("failed to initialize eBPF logger: {}", e); + } + + proces_events_xdp(bpf).await +} + +async fn proces_events_xdp(mut bpf: Bpf) -> Result<(), aya::BpfError> { + let opt = Opt::parse(); + + // This will include your eBPF object file as raw bytes at compile-time and load it at + // runtime. This approach is recommended for most real-world use cases. If you would + // like to specify the eBPF program at runtime rather than at compile-time, you can + // reach for `Bpf::load_file` instead. + + //let program : &mut SockOps = bpf.program_mut("get_package_data").unwrap().try_into().unwrap(); + //program.load().unwrap(); + let program: &mut Xdp = bpf.program_mut("net_logger").unwrap().try_into().unwrap(); + program.load().unwrap(); + program.attach(&opt.iface, XdpFlags::default()) + .context("failed to attach the XDP program with default flags - try changing XdpFlags::default() to XdpFlags::SKB_MODE").unwrap(); + let cpus = online_cpus().unwrap(); + let num_cpus = cpus.len(); + //let events_raw = bpf.map_mut("EVENTS"); + let mut events: AsyncPerfEventArray<_> = bpf + .take_map("EVENTS") + .context("failed to map QUERY_RING") + .unwrap() + .try_into() + .unwrap(); + for cpu in cpus { + let mut buf = events.open(cpu, None).unwrap(); + + tokio::task::spawn(async move { + let mut buffers = (0..num_cpus) + .map(|_| BytesMut::with_capacity(10240)) + .collect::>(); + let mut con = clasificator::store::net_stats_storage::new(); + loop { + let events = buf.read_events(&mut buffers).await.unwrap(); + for i in 0..events.read { + // get timestamp + //let now = Local::now(); + + // read the event + let buf = &mut buffers[i]; + let ptr = buf.as_ptr() as *const Event; + let data = unsafe { ptr.read_unaligned() }; + // parse out the data + match data.ipv { + EtherType::Ipv4 => { + println!("source ip:{}, source port:{}, dest ip:{}, dest port:{}, proto:{}, size: {}", + aya_log::Ipv4Formatter::format(data.source_ipv4), + data.source_port, + 
aya_log::Ipv4Formatter::format(data.dest_ipv4), + data.dest_port, + utils::ip::print_proto(data.proto), + data.len); + con.addv4( + data.source_ipv4, + data.dest_ipv4, + data.source_port, + data.dest_port, + data.proto, + data.len, + ) + .await; + //println!("package size:{}, ips:{}", con.len, con.ip4_list.get(con.ip4_list.len()-1).unwrap().proto_len.get(0).unwrap_or(&(0,0)).1); + } + EtherType::Ipv6 => { + println!("source ip:{}, source port:{}, dest ip:{}, dest port:{}, proto:{}, size: {}", + aya_log::Ipv6Formatter::format(data.source_ipv6), + data.source_port, + aya_log::Ipv6Formatter::format(data.dest_ipv6), + data.dest_port, + utils::ip::print_proto(data.proto), + data.len); + con.addv6( + data.source_ipv6, + data.dest_ipv6, + data.source_port, + data.dest_port, + data.proto, + data.len, + ) + .await; + } + _ => println!("result not coverd"), + } + } + } + }); + } + + info!("Waiting for Ctrl-C..."); + signal::ctrl_c().await.unwrap(); + info!("Exiting..."); + + Ok(()) +} diff --git a/net-logger/src/utils/ip.rs b/net-logger/src/utils/ip.rs new file mode 100644 index 0000000..44ad09d --- /dev/null +++ b/net-logger/src/utils/ip.rs 
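Review bot: The reader loop in `proces_events_xdp` uses only `events.read` and ignores the lost-sample count returned by `read_events`, so when the perf buffer overflows under load the tool silently records an incomplete picture of the traffic. Add `if events.lost > 0 { warn!("cpu {}: lost {} events", cpu, events.lost); }` after the read. `ptr.read_unaligned()` is performed without checking that the buffer holds at least `size_of::<Event>()` bytes, and the `unwrap()` calls inside the spawned task end that CPU's reader on the first error with nothing but a panic message; check the length and log-and-continue instead. Printing every packet with `println!` also puts the addresses of all observed traffic on stdout, which is worth gating behind `log::debug!`.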
@@ -0,0 +1,154 @@ +use network_types::ip::IpProto; + +pub fn print_proto(proto: IpProto) -> String { + String::from(match proto { + IpProto::HopOpt => "HopOpt", + IpProto::Icmp => "Icmp", + IpProto::Igmp => "Igmp", + IpProto::Ggp => "Ggp", + IpProto::Ipv4 => "Ipv4", + IpProto::Stream => "Stream", + IpProto::Tcp => "Tcp", + IpProto::Cbt => "Cbt", + IpProto::Egp => "Egp", + IpProto::Igp => "Igp", + IpProto::BbnRccMon => "BbnRccMon", + IpProto::NvpII => "NvpII", + IpProto::Pup => "Pup", + IpProto::Argus => "Argus", + IpProto::Emcon => "Emcon", + IpProto::Xnet => "Xnet", + IpProto::Chaos => "Chaos", + IpProto::Udp => "Udp", + IpProto::Mux => "Mux", + IpProto::DcnMeas => "DcnMeas", + IpProto::Hmp => "Hmp", + IpProto::Prm => "Prm", + IpProto::Idp => "Idp", + IpProto::Trunk1 => "Trunk1", + IpProto::Trunk2 => "Trunk2", + IpProto::Leaf1 => "Leaf1", + IpProto::Leaf2 => "Leaf2", + IpProto::Rdp => "Rdp", + IpProto::Irtp => "Irtp", + IpProto::Tp4 => "Tp4", + IpProto::Netblt => "Netblt", + IpProto::MfeNsp => "MfeNsp", + IpProto::MeritInp => "MeritInp", + IpProto::Dccp => "Dccp", + IpProto::ThirdPartyConnect => "ThirdPartyConnect", + IpProto::Idpr => "Idpr", + IpProto::Xtp => "Xtp", + IpProto::Ddp => "Ddp", + IpProto::IdprCmtp => "IdprCmtp", + IpProto::TpPlusPlus => "TpPlusPlus", + IpProto::Il => "Il", + IpProto::Ipv6 => "Ipv6", + IpProto::Sdrp => "Sdrp", + IpProto::Ipv6Route => "Ipv6Route", + IpProto::Ipv6Frag => "Ipv6Frag", + IpProto::Idrp => "Idrp", + IpProto::Rsvp => "Rsvp", + IpProto::Gre => "Gre", + IpProto::Dsr => "Dsr", + IpProto::Bna => "Bna", + IpProto::Esp => "Esp", + IpProto::Ah => "Ah", + IpProto::Inlsp => "Inlsp", + IpProto::Swipe => "Swipe", + IpProto::Narp => "Narp", + IpProto::Mobile => "Mobile", + IpProto::Tlsp => "Tlsp", + IpProto::Skip => "Skip", + IpProto::Ipv6Icmp => "Ipv6Icmp", + IpProto::Ipv6NoNxt => "Ipv6NoNxt", + IpProto::Ipv6Opts => "Ipv6Opts", + IpProto::AnyHostInternal => "AnyHostInternal", + IpProto::Cftp => "Cftp", + IpProto::AnyLocalNetwork => 
"AnyLocalNetwork", + IpProto::SatExpak => "SatExpak", + IpProto::Kryptolan => "Kryptolan", + IpProto::Rvd => "Rvd", + IpProto::Ippc => "Ippc", + IpProto::AnyDistributedFileSystem => "AnyDistributedFileSystem", + IpProto::SatMon => "SatMon", + IpProto::Visa => "Visa", + IpProto::Ipcv => "Ipcv", + IpProto::Cpnx => "Cpnx", + IpProto::Cphb => "Cphb", + IpProto::Wsn => "Wsn", + IpProto::Pvp => "Pvp", + IpProto::BrSatMon => "BrSatMon", + IpProto::SunNd => "SunNd", + IpProto::WbMon => "WbMon", + IpProto::WbExpak => "WbExpak", + IpProto::IsoIp => "IsoIp", + IpProto::Vmtp => "Vmtp", + IpProto::SecureVmtp => "SecureVmtp", + IpProto::Vines => "Vines", + IpProto::Ttp => "Ttp", + IpProto::NsfnetIgp => "NsfnetIgp", + IpProto::Dgp => "Dgp", + IpProto::Tcf => "Tcf", + IpProto::Eigrp => "Eigrp", + IpProto::Ospfigp => "Ospfigp", + IpProto::SpriteRpc => "SpriteRpc", + IpProto::Larp => "Larp", + IpProto::Mtp => "Mtp", + IpProto::Ax25 => "Ax25", + IpProto::Ipip => "Ipip", + IpProto::Micp => "Micp", + IpProto::SccSp => "SccSp", + IpProto::Etherip => "Etherip", + IpProto::Encap => "Encap", + IpProto::AnyPrivateEncryptionScheme => "AnyPrivateEncryptionScheme", + IpProto::Gmtp => "Gmtp", + IpProto::Ifmp => "Ifmp", + IpProto::Pnni => "Pnni", + IpProto::Pim => "Pim", + IpProto::Aris => "Aris", + IpProto::Scps => "Scps", + IpProto::Qnx => "Qnx", + IpProto::ActiveNetworks => "ActiveNetworks", + IpProto::IpComp => "IpComp", + IpProto::Snp => "Snp", + IpProto::CompaqPeer => "CompaqPeer", + IpProto::IpxInIp => "IpxInIp", + IpProto::Vrrp => "Vrrp", + IpProto::Pgm => "Pgm", + IpProto::AnyZeroHopProtocol => "AnyZeroHopProtocol", + IpProto::L2tp => "L2tp", + IpProto::Ddx => "Ddx", + IpProto::Iatp => "Iatp", + IpProto::Stp => "Stp", + IpProto::Srp => "Srp", + IpProto::Uti => "Uti", + IpProto::Smp => "Smp", + IpProto::Sm => "Sm", + IpProto::Ptp => "Ptp", + IpProto::IsisOverIpv4 => "IsisOverIpv4", + IpProto::Fire => "Fire", + IpProto::Crtp => "Crtp", + IpProto::Crudp => "Crudp", + IpProto::Sscopmce => 
"Sscopmce", + IpProto::Iplt => "Iplt", + IpProto::Sps => "Sps", + IpProto::Pipe => "Pipe", + IpProto::Sctp => "Sctp", + IpProto::Fc => "Fc", + IpProto::RsvpE2eIgnore => "RsvpE2eIgnore", + IpProto::MobilityHeader => "MobilityHeader", + IpProto::UdpLite => "UdpLite", + IpProto::Mpls => "Mpls", + IpProto::Manet => "Manet", + IpProto::Hip => "Hip", + IpProto::Shim6 => "Shim6", + IpProto::Wesp => "Wesp", + IpProto::Rohc => "Rohc", + IpProto::EthernetInIpv4 => "EthernetInIpv4", + IpProto::Aggfrag => "Aggfrag", + IpProto::Test1 => "Test1", + IpProto::Test2 => "Test2", + IpProto::Reserved => "Reserved", + }) +} diff --git a/net-logger/src/utils/mod.rs b/net-logger/src/utils/mod.rs new file mode 100644 index 0000000..8c7cb66 --- /dev/null +++ b/net-logger/src/utils/mod.rs @@ -0,0 +1 @@ +pub mod ip; diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml new file mode 100644 index 0000000..c4dea5d --- /dev/null +++ b/xtask/Cargo.toml @@ -0,0 +1,8 @@ +[package] +name = "xtask" +version = "0.1.0" +edition = "2021" + +[dependencies] +anyhow = "1" +clap = { version = "4.1", features = ["derive"] } diff --git a/xtask/src/build.rs b/xtask/src/build.rs new file mode 100644 index 0000000..ddeee44 --- /dev/null +++ b/xtask/src/build.rs 
@@ -0,0 +1,42 @@
+use std::process::Command;
+
+use anyhow::Context as _;
+use clap::Parser;
+
+use crate::build_ebpf::{build_ebpf, Architecture, Options as BuildOptions};
+
+#[derive(Debug, Parser)]
+pub struct Options {
+ /// Set the endianness of the BPF target
+ #[clap(default_value = "bpfel-unknown-none", long)]
+ pub bpf_target: Architecture,
+ /// Build and run the release target
+ #[clap(long)]
+ pub release: bool,
+}
+
+/// Build the project
+fn build_project(opts: &Options) -> Result<(), anyhow::Error> {
+ let mut args = vec!["build"];
+ if opts.release {
+ args.push("--release")
+ }
+ let status = Command::new("cargo")
+ .args(&args)
+ .status()
+ .expect("failed to build userspace");
+ assert!(status.success());
+ Ok(())
+}
+
+/// Build our ebpf program and the project
+pub fn build(opts: Options) -> Result<(), anyhow::Error> {
+ // build our ebpf program followed by our application
+ build_ebpf(BuildOptions {
+ target: opts.bpf_target,
+ release: opts.release,
+ })
+ .context("Error while building eBPF program")?;
+ build_project(&opts).context("Error while building userspace application")?;
+ Ok(())
+}
\ No newline at end of file
diff --git a/xtask/src/build_ebpf.rs b/xtask/src/build_ebpf.rs
new file mode 100644
index 0000000..5d5f168
--- /dev/null
+++ b/xtask/src/build_ebpf.rs
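Review bot: `build_project` panics instead of returning an error: `.expect("failed to build userspace")` and `assert!(status.success())` abort the xtask, so the `.context("Error while building userspace application")` that `build` attaches can never fire and the `eprintln!("{e:#}")` / `exit(1)` path in `main` is bypassed. `anyhow::Context` is already imported in this file, so the two lines could become `.status().context("failed to run cargo build")?;` and `anyhow::ensure!(status.success(), "cargo build exited with {status}");`. The same `expect` + `assert!` pair appears in `build_ebpf` in xtask/src/build_ebpf.rs (which would also need `use anyhow::Context as _;`), and `run` in xtask/src/run.rs calls `.expect("failed to run the command")` in the same way.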
@@ -0,0 +1,67 @@
+use std::{path::PathBuf, process::Command};
+
+use clap::Parser;
+
+#[derive(Debug, Copy, Clone)]
+pub enum Architecture {
+ BpfEl,
+ BpfEb,
+}
+
+impl std::str::FromStr for Architecture {
+ type Err = String;
+
+ fn from_str(s: &str) -> Result {
+ Ok(match s {
+ "bpfel-unknown-none" => Architecture::BpfEl,
+ "bpfeb-unknown-none" => Architecture::BpfEb,
+ _ => return Err("invalid target".to_owned()),
+ })
+ }
+}
+
+impl std::fmt::Display for Architecture {
+ fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+ f.write_str(match self {
+ Architecture::BpfEl => "bpfel-unknown-none",
+ Architecture::BpfEb => "bpfeb-unknown-none",
+ })
+ }
+}
+
+#[derive(Debug, Parser)]
+pub struct Options {
+ /// Set the endianness of the BPF target
+ #[clap(default_value = "bpfel-unknown-none", long)]
+ pub target: Architecture,
+ /// Build the release target
+ #[clap(long)]
+ pub release: bool,
+}
+
+pub fn build_ebpf(opts: Options) -> Result<(), anyhow::Error> {
+ let dir = PathBuf::from("net-logger-ebpf");
+ let target = format!("--target={}", opts.target);
+ let mut args = vec![
+ "build",
+ target.as_str(),
+ "-Z",
+ "build-std=core",
+ ];
+ if opts.release {
+ args.push("--release")
+ }
+
+ // Command::new creates a child process which inherits all env variables. This means env
+ // vars set by the cargo xtask command are also inherited. RUSTUP_TOOLCHAIN is removed
+ // so the rust-toolchain.toml file in the -ebpf folder is honored.
+
+ let status = Command::new("cargo")
+ .current_dir(dir)
+ .env_remove("RUSTUP_TOOLCHAIN")
+ .args(&args)
+ .status()
+ .expect("failed to build bpf program");
+ assert!(status.success());
+ Ok(())
+}
diff --git a/xtask/src/main.rs b/xtask/src/main.rs
new file mode 100644
index 0000000..5079458
--- /dev/null
+++ b/xtask/src/main.rs
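Review bot: `build_ebpf` resolves the eBPF crate with the relative `PathBuf::from("net-logger-ebpf")`, so which directory cargo builds in depends on the directory the xtask was started from. Run from a subdirectory, `current_dir(dir)` either fails to spawn (reported by the misleading "failed to build bpf program" panic) or picks up an unrelated `net-logger-ebpf` directory. Assuming `xtask/` sits next to `net-logger-ebpf/` as the commit's file list suggests, anchoring to the manifest removes that dependence: `let dir = PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("../net-logger-ebpf");`. The function also has no doc comment; `/// Build the eBPF crate with cargo, using the toolchain pinned in its own rust-toolchain.toml` would match what the inline comment already explains.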
@@ -0,0 +1,36 @@
+mod build_ebpf;
+mod build;
+mod run;
+
+use std::process::exit;
+
+use clap::Parser;
+
+#[derive(Debug, Parser)]
+pub struct Options {
+ #[clap(subcommand)]
+ command: Command,
+}
+
+#[derive(Debug, Parser)]
+enum Command {
+ BuildEbpf(build_ebpf::Options),
+ Build(build::Options),
+ Run(run::Options),
+}
+
+fn main() {
+ let opts = Options::parse();
+
+ use Command::*;
+ let ret = match opts.command {
+ BuildEbpf(opts) => build_ebpf::build_ebpf(opts),
+ Run(opts) => run::run(opts),
+ Build(opts) => build::build(opts),
+ };
+
+ if let Err(e) = ret {
+ eprintln!("{e:#}");
+ exit(1);
+ }
+}
diff --git a/xtask/src/run.rs b/xtask/src/run.rs
new file mode 100644
index 0000000..07b46cb
--- /dev/null
+++ b/xtask/src/run.rs
@@ -0,0 +1,55 @@
+use std::process::Command;
+
+use anyhow::Context as _;
+use clap::Parser;
+
+use crate::{build::{build, Options as BuildOptions}, build_ebpf::Architecture};
+
+#[derive(Debug, Parser)]
+pub struct Options {
+ /// Set the endianness of the BPF target
+ #[clap(default_value = "bpfel-unknown-none", long)]
+ pub bpf_target: Architecture,
+ /// Build and run the release target
+ #[clap(long)]
+ pub release: bool,
+ /// The command used to wrap your application
+ #[clap(short, long, default_value = "sudo -E")]
+ pub runner: String,
+ /// Arguments to pass to your application
+ #[clap(name = "args", last = true)]
+ pub run_args: Vec,
+}
+
+
+/// Build and run the project
+pub fn run(opts: Options) -> Result<(), anyhow::Error> {
+ // Build our ebpf program and the project
+ build(BuildOptions{
+ bpf_target: opts.bpf_target,
+ release: opts.release,
+ }).context("Error while building project")?;
+
+ // profile we are building (release or debug)
+ let profile = if opts.release { "release" } else { "debug" };
+ let bin_path = format!("target/{profile}/net-logger");
+
+ // arguments to pass to the application
+ let mut run_args: Vec<_> = opts.run_args.iter().map(String::as_str).collect();
+
+ // configure args
+ let mut args: Vec<_> = opts.runner.trim().split_terminator(' ').collect();
+ args.push(bin_path.as_str());
+ args.append(&mut run_args);
+
+ // run the command
+ let status = Command::new(args.first().expect("No first argument"))
+ .args(args.iter().skip(1))
+ .status()
+ .expect("failed to run the command");
+
+ if !status.success() {
+ anyhow::bail!("Failed to run `{}`", args.join(" "));
+ }
+ Ok(())
+}
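Review bot: The runner string in `run` is tokenised with `opts.runner.trim().split_terminator(' ')`, so a value with consecutive spaces or a tab yields empty or fused arguments for the command that is then executed, by default under `sudo -E`. `let mut args: Vec<_> = opts.runner.split_whitespace().collect();` splits predictably; quoted arguments would still be unsupported, which the `runner` doc comment could state. That doc comment should also record two properties of the privileged launch. First, `-E` asks sudo to carry the caller's environment into the root process, subject to the sudoers policy. Second, `bin_path` is the relative `target/{profile}/net-logger`, so the binary run as root is whatever that path resolves to from the current directory; building it from `env!("CARGO_MANIFEST_DIR")` would pin it to the workspace.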