mirror of
https://github.com/slackhq/nebula.git
synced 2026-05-16 12:57:38 +02:00
4fb5cdb4fa
* refactor readOutsidePackets They layout of this method is confusing and relys on certain parts to return early for things to work correctly. Change the ordering of the logic so that we do this: - Handle unencrypted packets - Decrypt packet - Handle encrypted packets This way, nothing can sneak through unencrypted to where it shouldn't be. * fix comment * code review comments * check for expected type/subtype * check header version * log header * need to handle TestReply * clean roaming / connectionManager * dont need to roam here now, we do it earlier * cleanup metrics and errors * rxInvalid * debug logger checks * ErrOutOfWindow
108 lines
2.9 KiB
Go
108 lines
2.9 KiB
Go
package nebula
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/rcrowley/go-metrics"
|
|
"github.com/slackhq/nebula/header"
|
|
)
|
|
|
|
type MessageMetrics struct {
|
|
rx [][]metrics.Counter
|
|
tx [][]metrics.Counter
|
|
|
|
rxUnknown metrics.Counter
|
|
txUnknown metrics.Counter
|
|
|
|
rxInvalid metrics.Counter
|
|
}
|
|
|
|
func (m *MessageMetrics) Rx(t header.MessageType, s header.MessageSubType, i int64) {
|
|
if m != nil {
|
|
if t >= 0 && int(t) < len(m.rx) && s >= 0 && int(s) < len(m.rx[t]) {
|
|
m.rx[t][s].Inc(i)
|
|
} else if m.rxUnknown != nil {
|
|
m.rxUnknown.Inc(i)
|
|
}
|
|
}
|
|
}
|
|
func (m *MessageMetrics) Tx(t header.MessageType, s header.MessageSubType, i int64) {
|
|
if m != nil {
|
|
if t >= 0 && int(t) < len(m.tx) && s >= 0 && int(s) < len(m.tx[t]) {
|
|
m.tx[t][s].Inc(i)
|
|
} else if m.txUnknown != nil {
|
|
m.txUnknown.Inc(i)
|
|
}
|
|
}
|
|
}
|
|
func (m *MessageMetrics) RxInvalid(i int64) {
|
|
if m != nil && m.rxInvalid != nil {
|
|
m.rxInvalid.Inc(i)
|
|
}
|
|
}
|
|
|
|
func newMessageMetrics() *MessageMetrics {
|
|
gen := func(t string) [][]metrics.Counter {
|
|
return [][]metrics.Counter{
|
|
{
|
|
metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.handshake_ixpsk0", t), nil),
|
|
},
|
|
nil,
|
|
{metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.recv_error", t), nil)},
|
|
{metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.lighthouse", t), nil)},
|
|
{
|
|
metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.test_request", t), nil),
|
|
metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.test_response", t), nil),
|
|
},
|
|
{metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.close_tunnel", t), nil)},
|
|
}
|
|
}
|
|
return &MessageMetrics{
|
|
rx: gen("rx"),
|
|
tx: gen("tx"),
|
|
|
|
rxUnknown: metrics.GetOrRegisterCounter("messages.rx.other", nil),
|
|
txUnknown: metrics.GetOrRegisterCounter("messages.tx.other", nil),
|
|
rxInvalid: metrics.GetOrRegisterCounter("messages.rx.invalid", nil),
|
|
}
|
|
}
|
|
|
|
// Historically we only recorded recv_error, so this is backwards compat
|
|
func newMessageMetricsOnlyRecvError() *MessageMetrics {
|
|
gen := func(t string) [][]metrics.Counter {
|
|
return [][]metrics.Counter{
|
|
nil,
|
|
nil,
|
|
{metrics.GetOrRegisterCounter(fmt.Sprintf("messages.%s.recv_error", t), nil)},
|
|
}
|
|
}
|
|
return &MessageMetrics{
|
|
rx: gen("rx"),
|
|
tx: gen("tx"),
|
|
}
|
|
}
|
|
|
|
func newLighthouseMetrics() *MessageMetrics {
|
|
gen := func(t string) [][]metrics.Counter {
|
|
h := make([][]metrics.Counter, len(NebulaMeta_MessageType_name))
|
|
used := []NebulaMeta_MessageType{
|
|
NebulaMeta_HostQuery,
|
|
NebulaMeta_HostQueryReply,
|
|
NebulaMeta_HostUpdateNotification,
|
|
NebulaMeta_HostPunchNotification,
|
|
NebulaMeta_HostUpdateNotificationAck,
|
|
}
|
|
for _, i := range used {
|
|
h[i] = []metrics.Counter{metrics.GetOrRegisterCounter(fmt.Sprintf("lighthouse.%s.%s", t, i.String()), nil)}
|
|
}
|
|
return h
|
|
}
|
|
return &MessageMetrics{
|
|
rx: gen("rx"),
|
|
tx: gen("tx"),
|
|
|
|
rxUnknown: metrics.GetOrRegisterCounter("lighthouse.rx.other", nil),
|
|
txUnknown: metrics.GetOrRegisterCounter("lighthouse.tx.other", nil),
|
|
}
|
|
}
|