Complete ipv6 support #1204
Merged
Complete ipv6 support #1204
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add a new ipv6addr struct which contains the 16 bytes of the ip address as 4 uint32_ts. It also has methods for comparisons and subnet checks. Also add new PPM types PT_IPV6ADDR/PT_IPV6NET as well as a general PT_IPADDR/PT_IPNET type. The general types will be used for things like filterchecks where they operate interchangeably on ipv4/ipv6 addresses.
Fully support ipv6 addresses in sinsp_network_interfaces. When storing an ipv6 interface, use the new explicit type ipv6addr instead of 16-byte arrays. Also only save the network portion in a single ipv6 address. Add methods import_ipv6_interface, is_ipv6addr_in_local_machine, infer_ipv6_address, which are used by update_fd to update sinsp_fdinfo structs based on interface information.
Handle PT_IPV6ADDR as a type in string conversions to/from rawvals, both directly and into the lua stack. Generally it's just inet_pton/inet_ntop on the bytes in the ipv6addr struct. Also handle comparisons on PT_IPV6ADDR/PT_IPV6NET, using the equality and netmast comparison operators on the struct. To handle conversion/comparisons for PT_IPADDR/PT_IPNET, use the size of the rawval to determine if it's an ipv4 or ipv6 address and call comparison/converson method again with PT_IPV6ADDR/PT_IPV4ADDR as appropriate. For strings, infer the type based on whether the string has '.' or ':' characters. This required a change to the methods to take the param type/format instead of a filtercheck_field_info, as there are other uses that don't have a filtercheck_field_info.
mstemm
force-pushed
the
complete-ipv6-support
branch
from
86301b0 to
4a838c8
Compare
In get_thread_table_int, support SCAP_FD_IPV6 types, grabbing the right part of the sockinfo struct and doing the right conversion for the address family. Add a default column width for ipv6 addresses.
Change all fd.ip/fd.net filterchecks to work on PT_IPADDR types instead. When extracting, add tests for SCAP_FD_IPV6_* types and extract the right part of the sockinfo struct. Comparisons/conversion is already handled by the rawval_to_string changes that handle PT_IPADDR/PT_IPNET types.
Instead of simply handling ipv4 mapped ipv6 addresses, handle any ipv6 address, filling in the right part of the sockinfo struct from the event parameter. Also handle source/dest swapping when determining the client/server endpoints of a connection. Conversions that used to work simply on an ipv6 address as byte array now work on the m_b field of the ipv6addr struct.
The documentation of fd.typechar doesn't distinguish between server sockets and non-server sockets, so simplify things by simply using '4'/'6' to reflect the ipv4/ipv6 type.
In cases where a chisel's filter was specific to ipv4, also allow ipv6.
mstemm
force-pushed
the
complete-ipv6-support
branch
from
bc85317 to
d134f3a
Compare
mattpag
approved these changes
Aug 21, 2018
| // (http://en.wikipedia.org/wiki/IPv6#IPv4-mapped_IPv6_addresses) | ||
| // | ||
| uint8_t* sip = packed_data + 1; | ||
| uint8_t* dip = packed_data + 19; | ||
|
|
||
| if(!(sinsp_utils::is_ipv4_mapped_ipv6(sip) && sinsp_utils::is_ipv4_mapped_ipv6(dip))) | ||
| { | ||
| evt->m_fdinfo->m_name = evt->get_param_as_str(1, &parstr, sinsp_evt::PF_SIMPLE); |
There was a problem hiding this comment.
I suppose setting m_fdinfo->m_name is no longer needed here because we are properly setting the sockinfo, so the flow will be the same as v4 sockets?
There was a problem hiding this comment.
That's right. The name eventually gets set at line 2486, and both ipv6 and ipv4 follow the same steps of possibly swapping the client/server addresses.
Closed
mstemm
force-pushed
the
complete-ipv6-support
branch
from
c7e5ba8 to
c8db291
Compare
These were returning pointers to local string values on the stack. Replace with m_tstr, a general purpose string in the object, instead.
mstemm
force-pushed
the
complete-ipv6-support
branch
from
2941f8d to
0ea289b
Compare
|
Note the 1 new commit that fixes returning some variables from the stack. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes to round out ipv6 support in parsing/filterchecks. The kernel module and libscap already had the necessary components but there were some gaps in filterchecks/event parsing/etc support.
There are corresponding unit tests on the agent side for all of these changes.