feat: multi-distro VM tests, ja4ebpf eBPF improvements, bot-detector scoring
ja4ebpf: - Refactor BPF TC capture with improved SYN offset handling and TCP option parsing - Enhance TLS uprobe SSL hooking for better key extraction - Add ClickHouse writer improvements for HTTP log materialized views - Update RPM spec for Rocky Linux 8/9/10, fix systemd service - Simplify loader with cleaner bpf2go integration bot-detector: - Add H2 SETTINGS per-parameter comparison in browser_matcher - Enhance browser signatures and scoring pipeline - Improve preprocessing and cycle detection infra: - Multi-distro Vagrantfile (centos8, rocky9, rocky10) with per-distro provisioning - New Makefile targets: vm-up-all, test-vm-matrix, test-vm-centos8/rocky10 - Add debug helpers and run-test-from-host.sh for host-driven VM testing - Update run-tests-vm.sh for cross-distro compatibility - Remove accidental binary blob (\004) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jacquin Antoine
109
Makefile
109
Makefile
@ -37,10 +37,17 @@ help: ## Affiche cette aide
|
||||
@echo ""
|
||||
@echo " Tests VM (eBPF sur kernel réel — nécessite 'make vm-up' d'abord)"
|
||||
@echo " make vm-up Créer la VM Rocky Linux 9 (vagrant up)"
|
||||
@echo " make vm-up-all Créer les 3 VMs (centos8/rocky9/rocky10)"
|
||||
@echo " make vm-down Détruire la VM (vagrant destroy)"
|
||||
@echo " make vm-ssh Connexion SSH à la VM"
|
||||
@echo " make test-vm-nginx Test nginx dans la VM (L7 complet)"
|
||||
@echo " make test-vm-all Tous les tests dans la VM"
|
||||
@echo " make vm-reprovision Re-provisionner les 3 VMs"
|
||||
@echo " make test-vm-nginx Test nginx dans la VM Rocky 9"
|
||||
@echo " make test-vm-apache Test apache dans la VM Rocky 9"
|
||||
@echo " make test-vm-hitch-varnish Test hitch+varnish dans la VM Rocky 9"
|
||||
@echo " make test-vm-all Tous les tests (3 stacks) dans la VM Rocky 9"
|
||||
@echo " make test-vm-centos8 Tous les tests dans la VM CentOS 8"
|
||||
@echo " make test-vm-rocky10 Tous les tests dans la VM Rocky 10"
|
||||
@echo " make test-vm-matrix Matrice complète : 3 stacks × 3 distros"
|
||||
@echo ""
|
||||
@echo " Tests d'intégration (par stack, Docker — L3/L4/TLS uniquement)"
|
||||
@echo " make test-all-stacks Toutes les stacks sur Rocky Linux 9"
|
||||
@ -160,18 +167,26 @@ test-hitch-varnish:
|
||||
|
||||
# Répertoire Vagrantfile
|
||||
VM_DIR := tests/vm
|
||||
VMS := centos8 rocky9 rocky10
|
||||
STACKS := nginx apache hitch-varnish
|
||||
|
||||
vm-up: ## Créer la VM Rocky Linux 9 pour les tests eBPF
|
||||
cd $(VM_DIR) && vagrant up
|
||||
cd $(VM_DIR) && vagrant up rocky9
|
||||
|
||||
vm-up-all: ## Créer les 3 VMs (centos8, rocky9, rocky10)
|
||||
cd $(VM_DIR) && vagrant up centos8 rocky9 rocky10
|
||||
|
||||
vm-down: ## Détruire la VM
|
||||
cd $(VM_DIR) && vagrant destroy -f
|
||||
|
||||
vm-ssh: ## Connexion SSH à la VM
|
||||
cd $(VM_DIR) && vagrant ssh
|
||||
vm-down-all: ## Détruire toutes les VMs
|
||||
cd $(VM_DIR) && vagrant destroy -f
|
||||
|
||||
vm-rebuild-ja4ebpf: ## Recompiler ja4ebpf dans la VM (après modifications)
|
||||
cd $(VM_DIR) && vagrant rsync && vagrant ssh -- \
|
||||
vm-ssh: ## Connexion SSH à la VM Rocky 9
|
||||
cd $(VM_DIR) && vagrant ssh rocky9
|
||||
|
||||
vm-rebuild-ja4ebpf: ## Recompiler ja4ebpf dans la VM Rocky 9 (après modifications)
|
||||
cd $(VM_DIR) && vagrant rsync rocky9 && vagrant ssh rocky9 -- \
|
||||
'export PATH=/usr/local/go/bin:$$PATH && \
|
||||
cd /ja4-platform/services/ja4ebpf && \
|
||||
GOWORK=off go generate ./internal/loader/ && \
|
||||
@ -179,15 +194,79 @@ vm-rebuild-ja4ebpf: ## Recompiler ja4ebpf dans la VM (après modifications)
|
||||
sudo mv /tmp/ja4ebpf /usr/local/bin/ja4ebpf && \
|
||||
echo "ja4ebpf rebuilt OK"'
|
||||
|
||||
test-vm-nginx: ## Test nginx dans la VM (L3/L4/TLS/L7 HTTP complet)
|
||||
@echo "=== Test VM nginx (kernel réel) ==="
|
||||
cd $(VM_DIR) && vagrant rsync && vagrant ssh -- \
|
||||
'sudo bash /ja4-platform/tests/vm/run-tests-vm.sh nginx'
|
||||
# ── Tests VM : cibles par stack ──────────────────────────────────────────────
|
||||
|
||||
test-vm-all: ## Tous les tests dans la VM
|
||||
@echo "=== Tests VM (toutes stacks) ==="
|
||||
cd $(VM_DIR) && vagrant rsync && vagrant ssh -- \
|
||||
'sudo bash /ja4-platform/tests/vm/run-tests-vm.sh all'
|
||||
test-vm-nginx: ## Test nginx dans la VM Rocky 9 (trafic host → VM)
|
||||
bash tests/vm/run-test-from-host.sh rocky9 nginx
|
||||
|
||||
test-vm-apache: ## Test apache dans la VM Rocky 9
|
||||
bash tests/vm/run-test-from-host.sh rocky9 apache
|
||||
|
||||
test-vm-hitch-varnish: ## Test hitch+varnish dans la VM Rocky 9
|
||||
bash tests/vm/run-test-from-host.sh rocky9 hitch-varnish
|
||||
|
||||
test-vm-all: ## Tous les tests (3 stacks) dans la VM Rocky 9
|
||||
@for stack in $(STACKS); do \
|
||||
bash tests/vm/run-test-from-host.sh rocky9 $$stack || true; \
|
||||
done
|
||||
|
||||
# ── Tests VM : cibles par distro ─────────────────────────────────────────────
|
||||
|
||||
test-vm-centos8: ## Test nginx dans la VM CentOS 8
|
||||
bash tests/vm/run-test-from-host.sh centos8 nginx
|
||||
|
||||
test-vm-rocky10: ## Test nginx dans la VM Rocky 10
|
||||
bash tests/vm/run-test-from-host.sh rocky10 nginx
|
||||
|
||||
# ── Matrice complète : toutes stacks × toutes distros ────────────────────────
|
||||
|
||||
test-vm-matrix: ## Toutes stacks × toutes VMs (nginx/apache/hitch-varnish sur centos8/rocky9/rocky10)
|
||||
@echo "╔══════════════════════════════════════════════╗"
|
||||
@echo "║ Matrice VM : 3 stacks × 3 distros ║"
|
||||
@echo "╚══════════════════════════════════════════════╝"
|
||||
@TOTAL_FAIL=0; \
|
||||
for vm in $(VMS); do \
|
||||
for stack in $(STACKS); do \
|
||||
bash tests/vm/run-test-from-host.sh $$vm $$stack || TOTAL_FAIL=$$((TOTAL_FAIL + 1)); \
|
||||
done; \
|
||||
done; \
|
||||
echo ""; \
|
||||
if [ "$$TOTAL_FAIL" -eq 0 ]; then \
|
||||
echo "=== Matrice complète : SUCCÈS ==="; \
|
||||
else \
|
||||
echo "=== Matrice : $$TOTAL_FAIL combinaisons échouées ==="; \
|
||||
exit 1; \
|
||||
fi
|
||||
done; \
|
||||
echo ""; \
|
||||
if [ "$$TOTAL_FAIL" -eq 0 ]; then \
|
||||
echo "=== Matrice complète : SUCCÈS ==="; \
|
||||
else \
|
||||
echo "=== Matrice : $$TOTAL_FAIL combinaisons échouées ==="; \
|
||||
exit 1; \
|
||||
fi
|
||||
|
||||
test-vm-all-distros: ## Tests unitaires Go sur les 3 VMs (centos8 + rocky9 + rocky10)
|
||||
@echo "=== Tests unitaires multi-distro ==="
|
||||
@for vm in $(VMS); do \
|
||||
echo ""; \
|
||||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"; \
|
||||
echo " VM: $$vm"; \
|
||||
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"; \
|
||||
cd $(CURDIR)/$(VM_DIR) && vagrant rsync $$vm && vagrant ssh $$vm -- \
|
||||
'export PATH=/usr/local/go/bin:$$PATH && \
|
||||
cd /ja4-platform/services/ja4ebpf && \
|
||||
GOWORK=off go generate ./internal/loader/ 2>&1 | tail -2 && \
|
||||
GOWORK=off CGO_ENABLED=0 go test ./... 2>&1 | tail -20'; \
|
||||
echo ""; \
|
||||
done
|
||||
@echo "=== Tous les tests multi-distro terminés ==="
|
||||
|
||||
vm-reprovision: ## Re-provisionner les 3 VMs (installer nouveaux paquets)
|
||||
@for vm in $(VMS); do \
|
||||
echo "Re-provision $$vm..."; \
|
||||
cd $(CURDIR)/$(VM_DIR) && vagrant rsync $$vm && vagrant provision $$vm; \
|
||||
done
|
||||
|
||||
# ── Matrice multi-distro ─────────────────────────────────────────────────────
|
||||
|
||||
|
||||
Reference in New Issue
Block a user