Closed msherif1234 closed 2 months ago
Attention: Patch coverage is 4.16667%
with 23 lines
in your changes missing coverage. Please review.
Please upload report for BASE (
main@7138dc8
). Learn more about missing BASE report. Report is 9 commits behind head on main.
Files | Patch % | Lines |
---|---|---|
pkg/ebpf/flow_filter.go | 4.34% | 22 Missing :warning: |
pkg/agent/agent.go | 0.00% | 1 Missing :warning: |
/ok-to-test
New image: quay.io/netobserv/netobserv-ebpf-agent:e714b5a
It will expire after two weeks.
To deploy this build, run from the operator repo, assuming the operator is running:
USER=netobserv VERSION=e714b5a make set-agent-image
/ok-to-test
New image: quay.io/netobserv/netobserv-ebpf-agent:6e859c2
It will expire after two weeks.
To deploy this build, run from the operator repo, assuming the operator is running:
USER=netobserv VERSION=6e859c2 make set-agent-image
/ok-to-test
New image: quay.io/netobserv/netobserv-ebpf-agent:20f17d0
It will expire after two weeks.
To deploy this build, run from the operator repo, assuming the operator is running:
USER=netobserv VERSION=20f17d0 make set-agent-image
/approve
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: msherif1234
The full list of commands accepted by this bot can be found here.
The pull request process is described here
Description
using flow filter with TCP flags we can detect TCP syn flood
sudo TARGET_HOST=127.0.0.1 TARGET_PORT=9999 ./bin/netobserv-ebpf-agent ENABLE_FLOW_FILTER=true FILTER_TCP_FLAGS="SYN" FILTER_PROTOCOL="TCP"
HTTP
with identical length indicating TCP syn attackDependencies
n/a
Checklist
If you are not familiar with our processes or don't know what to answer in the list below, let us know in a comment: the maintainers will take care of that.