Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support icmp traffic #54

Merged
merged 7 commits into from
Aug 5, 2024
Merged

Support icmp traffic #54

merged 7 commits into from
Aug 5, 2024

Conversation

mielverkerken
Copy link
Member

@mielverkerken mielverkerken commented Jul 10, 2024
edited
Loading

Add support for icmp traffic. Might be interesting to finish icmp flows on reply after requst.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 10, 2024
View reviewed changes
rustiflow/src/main.rs Fixed Show fixed Hide fixed
rustiflow/src/main.rs Fixed Show fixed Hide fixed
rustiflow/src/main.rs Fixed Show fixed Hide fixed
rustiflow/src/main.rs Fixed Show fixed Hide fixed
@mielverkerken mielverkerken requested a review from Str-Gen July 10, 2024 12:30
@mielverkerken mielverkerken removed the request for review from matissecallewaert July 10, 2024 12:50
@matissecallewaert matissecallewaert changed the base branch from main to bug/pcap-flow-expiration July 10, 2024 13:59
matissecallewaert
matissecallewaert reviewed Jul 10, 2024
View reviewed changes
Copy link
Collaborator

@matissecallewaert matissecallewaert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For this to work in real-time mode, the eBPF need adapting. I also changed the base of this PR for better reviewing 😄

rustiflow/src/main.rs Outdated Show resolved Hide resolved
mielverkerken
mielverkerken commented Jul 11, 2024
View reviewed changes
rustiflow/src/main.rs
let icmp_type = icmp_packet.get_icmp_type();
let icmp_code = icmp_packet.get_icmp_code();
// let icmp_type = icmp_packet.get_icmp_type();
// let icmp_code = icmp_packet.get_icmp_code();
source_port = 0; // ICMPv6 does not have ports
destination_port = 0;
data_length = icmp_packet.payload().len() as u16;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we remove the hard coded header_length of 8 for udp and icmp in the Rustiflow code and extract the header length from both the realtime and pcap?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the realtime, this is possible but it is pointer work to get the header length.

Base automatically changed from bug/pcap-flow-expiration to main July 11, 2024 08:15
matissecallewaert
matissecallewaert approved these changes Jul 22, 2024
View reviewed changes
Copy link
Collaborator

@matissecallewaert matissecallewaert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! For the hard coded header lengths, maybe another pull request that looks into ways to get the header length straight from the packet?

rustiflow/src/main.rs
let icmp_type = icmp_packet.get_icmp_type();
let icmp_code = icmp_packet.get_icmp_code();
// let icmp_type = icmp_packet.get_icmp_type();
// let icmp_code = icmp_packet.get_icmp_code();
source_port = 0; // ICMPv6 does not have ports
destination_port = 0;
data_length = icmp_packet.payload().len() as u16;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the realtime, this is possible but it is pointer work to get the header length.

@matissecallewaert matissecallewaert merged commit d844c9f into main Aug 5, 2024
3 checks passed
@matissecallewaert matissecallewaert deleted the bug/icmp-traffic branch August 5, 2024 18:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Str-Gen Str-Gen Str-Gen approved these changes

@matissecallewaert matissecallewaert matissecallewaert approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mielverkerken @Str-Gen @matissecallewaert