search

utoni / nDPId

Tiny nDPI based deep packet inspection daemons / toolkit.
GNU General Public License v3.0
67 stars 15 forks source link

Do you have plan support Packet acquisition via PF_RING #31

Closed triplekill closed 3 months ago

triplekill commented 1 year ago

Do you have plan support Packet acquisition via PF_RING

utoni commented 1 year ago

It was planned some time ago, but I had no use for it at that time. But times changed and if there is someone else who needs this...

I'll put this on ToDo for 1.7

outbackdingo commented 8 months ago

yupp with the higher-end 10gb capable routers coming out now, be good for nDPId w/ PF-RING to work on openwrt....

utoni commented 8 months ago

I am currently investigating PF_RING API. I am making some progress, but need a bit more time until this feature is kinda stable.

utoni commented 5 months ago

@triplekill @outbackdingo

nDPId has now experimental PF_RING support. Please checkout PR #38 and give me some feedback, bug reports, stability issues etc.

outbackdingo commented 5 months ago

Great to see, Ive looked at the code, think you can maybe sanity check the Makefile for OpenWRT ... building for ARM



PKG_NAME:=nDPId-master
PKG_VERSION:=1.5
PKG_RELEASE:=$(AUTORELEASE)

PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=git@github.com:outbackdingo/nDPId.git
PKG_SOURCE_VERSION:=7969cd632f0357adebf77aebcd2764a525e609ce
PKG_HASH:=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)

PKG_MAINTAINER:=Toni
PKG_LICENSE:=GPL-3
PKG_LICENSE_FILES:=COPYING

CMAKE_INSTALL:=1

include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk

define Package/nDPId-master
 TITLE:=nDPId is a tiny nDPI based daemons / toolkit (master branch)
 SECTION:=net
 CATEGORY:=Network
 DEPENDS:=@!SMALL_FLASH @!LOW_MEMORY_FOOTPRINT +libpfring +libpcap +zlib +LIBNDPI_GCRYPT:libgcrypt
 URL:=http://github.com/utoni/nDPId
endef

define Package/nDPId-master/description
  nDPId is a set of daemons and tools to capture, process and classify network flows.
  It's only dependencies (besides a half-way modern c library and POSIX threads) are libnDPI (>= 3.6.0 or current github dev branch) and libpcap.
endef

define Package/nDPId-master/config
config NDPID_MASTER_COLLECTD_SUPPORT
   bool "nDPId collectd support"
   depends on PACKAGE_nDPId-master && PACKAGE_collectd-mod-exec && !CONFIG_NDPID_COLLECTD_SUPPORT
   default n
   help
     This option enables collectd to gather nDPId statistics via plugin-exec.
     Disabled by default.
endef

CMAKE_OPTIONS += -DBUILD_EXAMPLES=ON
CMAKE_OPTIONS += -DBUILD_NDPI=OFF
CMAKE_OPTIONS += -DNDPI_NO_PKGCONFIG=ON
CMAKE_OPTIONS += -DENABLE_ZLIB=ON
CMAKE_OPTIONS += -DENABLE_PFRING=ON
CMAKE_OPTIONS += -DENABLE_SANITIZER=OFF
CMAKE_OPTIONS += -DENABLE_MEMORY_PROFILING=OFF
CMAKE_OPTIONS += -DSTATIC_LIBNDPI_INSTALLDIR="$(PKG_BUILD_DIR)/libnDPI/install"

TARGET_CFLAGS += -DLIBNDPI_STATIC=1

ifneq ($(CONFIG_LIBNDPI_GCRYPT),)
CMAKE_OPTIONS += -DNDPI_WIDTH_GCRYPT=ON
endif

ifdef NDPID_MASTER_COLLECTD_SUPPORT
define Package/nDPId-master/install-collectd-files
    $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-collectd $(1)/usr/bin/nDPIsrvd-master-collectd
endef
endif

define Build/Prepare
    $(call Build/Prepare/Default)
    $(PKG_UNPACK)
    $(Build/Patch)
    env \
        CC="$(TARGET_CC)" \
        AR="$(TARGET_AR)" \
        RANLIB="$(TARGET_RANLIB)" \
        CFLAGS="$(TARGET_CFLAGS)" \
        CPPFLAGS="$(TARGET_CPPFLAGS)" \
        LDFLAGS="$(TARGET_LDFLAGS)" \
        MAKE_PROGRAM="$(MAKE)" \
        $(PKG_BUILD_DIR)/scripts/get-and-build-libndpi.sh
endef

define Package/nDPId-master/install
    $(INSTALL_DIR) $(1)/usr/sbin
    $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nDPId $(1)/usr/sbin/nDPId-master

    $(INSTALL_DIR) $(1)/usr/bin
    $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPId-test $(1)/usr/bin/nDPId-master-test
    $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd $(1)/usr/bin/nDPIsrvd-master
    $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-captured $(1)/usr/bin/nDPIsrvd-master-captured
    $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nDPIsrvd-collectd $(1)/usr/bin/nDPIsrvd-master-collectd

    $(INSTALL_DIR) $(1)/etc/init.d/
    $(INSTALL_BIN) $(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
    $(INSTALL_DIR) $(1)/etc/config
    $(INSTALL_CONF) $(PKG_NAME).config $(1)/etc/config/$(PKG_NAME)

    $(call Package/nDPId-master/install-collectd-files)
endef

$(eval $(call BuildPackage,nDPId-master))```
outbackdingo commented 5 months ago

coming across this with the previous Makefile

-- Check if the system supports epoll - yes
-- Looking for log2f
-- Looking for log2f - found
CMake Error at CMakeLists.txt:91 (message):
  PFRING_KERNEL_INC needs to be set to the PFRING kernel module include
  directory.

-- Configuring incomplete, errors occurred!
make[3]: *** [Makefile:105: /home/dingo/openwrt/build_dir/target-aarch64_cortex-a53_musl/nDPId-master-1.5/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1
make[3]: Leaving directory '/home/dingo/openwrt/feeds/optim/net/nDPId-master'
time: package/feeds/optim/nDPId-master/compile#129.83#24.01#161.34
    ERROR: package/feeds/optim/nDPId-master failed to build.
make[2]: *** [package/Makefile:173: package/feeds/optim/nDPId-master/compile] Error 1
utoni commented 5 months ago

That's something I need to investigate. I did not touch any OpenWrt Makefiles. In essence, what we need to do here is to set PFRING_KERNEL_INC to the kernel header directory and PFRING_INSTALLDIR to the install directory of PF_RING / libpfring. There is a better way to do this e.g. w/o any user interaction required, but need to think about it.

utoni commented 5 months ago

@outbackdingo Please take a look at packages/openwrt/net/nDPId-testing/Makefile in #38. It's now possible to build nDPId for OpenWrt with PF_RING enabled.

utoni commented 3 months ago

(Experimental) Support merged to main. See #38.