Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] feat: make retina run in standalone mode #1256

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Conversation

vakalapa
Copy link
Contributor

Description

Please provide a brief description of the changes made in this pull request.

Related Issue

If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request.

Checklist

  • I have read the contributing documentation.
  • I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
  • I have correctly attributed the author(s) of the code.
  • I have tested the changes locally.
  • I have followed the project's style guidelines.
  • I have updated the documentation, if necessary.
  • I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

Please add any relevant screenshots or GIFs to showcase the changes made.

Additional Notes

Add any additional notes or context about the pull request here.


Please refer to the CONTRIBUTING.md file for more information on how to contribute to this project.

@vakalapa vakalapa changed the title feat: make retina run in standalone mode [WIP] feat: make retina run in standalone mode Jan 22, 2025
Copy link
Member

@SRodi SRodi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where did you test this @vakalapa? I'm on WSL2, checked out your branch and tested the packetparser plugin in isolation, which compiles fine but it fails to load with reference to unknown function bpf_get_current_pid_tgid

ts=2025-01-23T14:39:26.895Z level=error caller=packetparser/packetparser_linux.go:192 msg="Error loading objects: %w" error="field EndpointEgressFilter: program endpoint_egress_filter: load program: invalid argument: unknown func bpf_get_current_pid_tgid#14 (113 line(s) omitted)"
ts=2025-01-23T14:39:26.895Z level=error caller=packetparser/main_linux.go:101 msg="Init failed" error="field EndpointEgressFilter: program endpoint_egress_filter: load program: invalid argument: unknown func bpf_get_current_pid_tgid#14 (113 line(s) omitted)"

Copy link
Member

@SRodi SRodi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The classifier hook has limited access to process-specific information. One option could be to extract the PID via socket context but this might not be always supported and it's not ideal. Maybe it is necessary to add an additional hook to gather process-level info?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants