mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

moved some Debug msgs to Trace
Some checks are pending
Build status / Build (push) Waiting to run
Details

Browse source
This commit is contained in:
Gustavo Iñiguez Goia 2025-03-03 21:35:31 +01:00
parent dcb1157365
commit 8d1a7de0cc
Failed to generate hash of commit
3 changed files with 14 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
daemon/main.go
View file

@ -277,7 +277,7 @@ func worker(id int) {
default: default:
pkt, ok := <-wrkChan pkt, ok := <-wrkChan
if !ok { if !ok {
log.Debug("worker channel closed %d", id) log.Trace("worker channel closed %d", id)
goto Exit goto Exit
} }
onPacket(pkt) onPacket(pkt)
@ -346,21 +346,21 @@ func initSystemdResolvedMonitor() {
continue continue
} }
/*for i, q := range response.Question { /*for i, q := range response.Question {
log.Debug("%d SYSTEMD RESPONSE Q: %s", i, q.Name) log.Trace("[DNS] %d systemd response, question: %s", i, q.Name)
}*/ }*/
for i, a := range response.Answer { for i, a := range response.Answer {
if a.RR.Key.Type != systemd.DNSTypeA && if a.RR.Key.Type != systemd.DNSTypeA &&
a.RR.Key.Type != systemd.DNSTypeAAAA && a.RR.Key.Type != systemd.DNSTypeAAAA &&
a.RR.Key.Type != systemd.DNSTypeCNAME { a.RR.Key.Type != systemd.DNSTypeCNAME {
log.Debug("systemd-resolved, excluding answer: %#v", a) log.Trace("systemd-resolved, excluding answer: %#v", a)
continue continue
} }
ip = net.IP(a.RR.Address)
log.Debug("%d systemd-resolved monitor response: %s -> %s", i, a.RR.Key.Name, ip)
if a.RR.Key.Type == systemd.DNSTypeCNAME { if a.RR.Key.Type == systemd.DNSTypeCNAME {
log.Debug("systemd-resolved CNAME >> %s -> %s", a.RR.Name, a.RR.Key.Name) log.Debug("systemd-resolved CNAME >> %s -> %s", a.RR.Name, a.RR.Key.Name)
dns.Track(a.RR.Name, a.RR.Key.Name /*domain*/) dns.Track(a.RR.Name, a.RR.Key.Name /*domain*/)
} else { } else {
ip = net.IP(a.RR.Address)
log.Debug("%d systemd-resolved monitor response: %s -> %s", i, a.RR.Key.Name, ip)
dns.Track(ip.String(), a.RR.Key.Name /*domain*/) dns.Track(ip.String(), a.RR.Key.Name /*domain*/)
} }
} }

14
daemon/procmon/cache_events.go
View file

@ -91,12 +91,12 @@ func (e *EventsStore) Add(proc *Process) {
e.UpdateItem(proc) e.UpdateItem(proc)
} }
} }
log.Debug("[cache] EventsStore.Add() finished %s, %s", proc.Path, proc.Tree) log.Debug("[cache] EventsStore.Add() finished %d, %s, %s", proc.ID, proc.Path, proc.Tree)
} }
// UpdateItem updates a cache item // UpdateItem updates a cache item
func (e *EventsStore) UpdateItem(proc *Process) { func (e *EventsStore) UpdateItem(proc *Process) {
log.Debug("[cache] updateItem() updating events store (total: %d), pid: %d, path: %s, %v", e.Len(), proc.ID, proc.Path, proc.Tree) log.Trace("[cache] updateItem() updating events store (total: %d), pid: %d, path: %s, %v", e.Len(), proc.ID, proc.Path, proc.Tree)
if proc.Path == "" { if proc.Path == "" {
return return
} }
@ -111,7 +111,7 @@ func (e *EventsStore) UpdateItem(proc *Process) {
// ReplaceItem replaces an existing process with a new one. // ReplaceItem replaces an existing process with a new one.
func (e *EventsStore) ReplaceItem(oldProc, newProc *Process) { func (e *EventsStore) ReplaceItem(oldProc, newProc *Process) {
log.Debug("[event inCache, replacement] new: %d, %s -> inCache: %d -> %s - Trees: %s, %s", newProc.ID, newProc.Path, oldProc.ID, oldProc.Path, oldProc.Tree, newProc.Tree) log.Trace("[event inCache, replacement] new: %d, %s -> inCache: %d -> %s - Trees: %s, %s", newProc.ID, newProc.Path, oldProc.ID, oldProc.Path, oldProc.Tree, newProc.Tree)
// Note: in rare occasions, the process being replaced is the older one. // Note: in rare occasions, the process being replaced is the older one.
// if oldProc.Starttime > newProc.Starttime {} // if oldProc.Starttime > newProc.Starttime {}
// //
@ -165,11 +165,11 @@ func (e *EventsStore) Update(oldProc, proc *Process) {
} }
if updateOld { if updateOld {
log.Debug("[cache] Update end, updating oldProc: %d, %s, %v", oldProc.ID, oldProc.Path, oldProc.Tree) log.Trace("[cache] Update end, updating oldProc: %d, %s, %v", oldProc.ID, oldProc.Path, oldProc.Tree)
e.UpdateItem(oldProc) e.UpdateItem(oldProc)
} }
if update { if update {
log.Debug("[cache] Update end, updating newProc: %d, %s, %v", proc.ID, proc.Path, proc.Tree) log.Trace("[cache] Update end, updating newProc: %d, %s, %v", proc.ID, proc.Path, proc.Tree)
e.UpdateItem(proc) e.UpdateItem(proc)
} }
} }
@ -263,7 +263,7 @@ func (e *EventsStore) Delete(key int) {
e.mu.Lock() e.mu.Lock()
defer e.mu.Unlock() defer e.mu.Unlock()
if !ev.Proc.IsAlive() { if !ev.Proc.IsAlive() {
log.Debug("[cache delete] deleted %d: %s", key, ev.Proc.Path) log.Trace("[cache delete] deleted %d: %s", key, ev.Proc.Path)
delete(e.eventByPID, key) delete(e.eventByPID, key)
} }
}) })
@ -280,7 +280,7 @@ func (e *EventsStore) DeleteOldItems() {
log.Debug("[cache] deleting old events, total byPID: %d", len(e.eventByPID)) log.Debug("[cache] deleting old events, total byPID: %d", len(e.eventByPID))
for k, item := range e.eventByPID { for k, item := range e.eventByPID {
if !item.isValid() && !item.Proc.IsAlive() { if !item.isValid() && !item.Proc.IsAlive() {
log.Debug("[cache] deleting old item: %d", k) log.Trace("[cache] deleting old item: %d", k)
delete(e.eventByPID, k) delete(e.eventByPID, k)
} }
} }

4
daemon/procmon/ebpf/utils.go
View file

@ -59,7 +59,7 @@ func byteArrayToString(arr []byte) string {
func deleteEbpfEntry(proto string, key unsafe.Pointer) bool { func deleteEbpfEntry(proto string, key unsafe.Pointer) bool {
if err := m.DeleteElement(ebpfMaps[proto].bpfmap, key); err != nil { if err := m.DeleteElement(ebpfMaps[proto].bpfmap, key); err != nil {
log.Debug("error deleting ebpf entry: %s", err) log.Trace("error deleting ebpf entry: %s", err)
return false return false
} }
return true return true
@ -88,7 +88,7 @@ func getItems(proto string, isIPv6 bool) (items uint) {
ok, err := m.LookupNextElement(mp.bpfmap, unsafe.Pointer(&lookupKey[0]), ok, err := m.LookupNextElement(mp.bpfmap, unsafe.Pointer(&lookupKey[0]),
unsafe.Pointer(&nextKey[0]), unsafe.Pointer(&value)) unsafe.Pointer(&nextKey[0]), unsafe.Pointer(&value))
if !ok || err != nil { //reached end of map if !ok || err != nil { //reached end of map
log.Debug("[ebpf] %s map: %d active items", proto, items) log.Trace("[ebpf] %s map: %d active items", proto, items)
return return
} }
if firstrun { if firstrun {