search

iovisor / bcc

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
Apache License 2.0
20.36k stars 3.86k forks source link

fix c_ulong type handle and decimal ip address bugs #4850

Closed singchia closed 9 months ago

singchia commented 9 months ago

which should be handled in python way

From: 

def decimal_to_human(input_value):
    input_value = int(input_value)
    hex_value = hex(input_value)[2:]
    pt3 = literal_eval((str('0x'+str(hex_value[-2:]))))
    pt2 = literal_eval((str('0x'+str(hex_value[-4:-2]))))
    pt1 = literal_eval((str('0x'+str(hex_value[-6:-4]))))
    pt0 = literal_eval((str('0x'+str(hex_value[-8:-6])))) <- BUG here
    result = str(pt0)+'.'+str(pt1)+'.'+str(pt2)+'.'+str(pt3)
    return result

try:
    while True :
        time.sleep(OUTPUT_INTERVAL)
        packet_cnt_output = packet_cnt.items()
        output_len = len(packet_cnt_output)
        print('\n')
        for i in range(0,output_len):
            if (len(str(packet_cnt_output[i][0]))) != 30: <- BUG here
                continue
            temp = int(str(packet_cnt_output[i][0])[8:-2]) # initial output omitted from the kernel space program
            temp = int(str(bin(temp))[2:]) # raw file
            src = int(str(temp)[:32],2) # part1 
            dst = int(str(temp)[32:],2)
            pkt_num = str(packet_cnt_output[i][1])[7:-1]

To:

def decimal_to_human(input_value):
    try:
        decimal_ip = int(input_value)
        ip_string = str(ipaddress.IPv4Address(decimal_ip))
        return ip_string
    except ValueError:
        return "Invalid input"

try:
    while True :
        time.sleep(OUTPUT_INTERVAL)
        packet_cnt_output = packet_cnt.items()
        output_len = len(packet_cnt_output)
        current_time = datetime.now()
        formatted_time = current_time.strftime("%Y-%m-%d %H:%M:%S")
        if output_len != 0:
            print('\ncurrent packet nums:')

        for i in range(0,output_len):
            srcdst = packet_cnt_output[i][0].value
            src = (srcdst >> 32) & 0xFFFFFFFF
            dst = srcdst & 0xFFFFFFFF
            pkt_num = packet_cnt_output[i][1].value
yonghong-song commented 9 months ago

Since you are touching this file, could you add the following check in the bpf program?

     struct ethernet_t *ethernet = cursor_advance(cursor, sizeof(*ethernet));
     struct ip_t *ip = cursor_advance(cursor, sizeof(*ip));
+    if (ip->ver != 4)
+        return 0;
+

The example assumes ipv4 so let us enforce it in the bpf program.

singchia commented 9 months ago

Since you are touching this file, could you add the following check in the bpf program?

     struct ethernet_t *ethernet = cursor_advance(cursor, sizeof(*ethernet));
     struct ip_t *ip = cursor_advance(cursor, sizeof(*ip));
+    if (ip->ver != 4)
+        return 0;
+

The example assumes ipv4 so let us enforce it in the bpf program.

sure