a1e4c1dad5
- TC ingress hook captures TCP SYN (L3/L4) and TLS ClientHello - Uprobes on SSL_read/SSL_set_fd capture decrypted TLS data - Kprobes on accept4 correlate socket FDs to client IP:port - JA4 fingerprint computed from parsed TLS ClientHello - HTTP/2 SETTINGS and WINDOW_UPDATE extracted from decrypted streams - Session manager with sharded map (256 shards) and GC goroutine - Slowloris detection: sessions with no requests after 10s threshold - ClickHouse batch writer to ja4_logs.http_logs_raw (raw_json) - All tests pass: 17 parser + 10 correlation tests Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
35 lines
1.1 KiB
Makefile
35 lines
1.1 KiB
Makefile
# =============================================================================
|
|
# Makefile — Cibles de build, test et packaging pour ja4ebpf
|
|
# =============================================================================
|
|
|
|
BINARY := ja4ebpf
|
|
IMAGE := ja4ebpf
|
|
VERSION ?= 0.1.0
|
|
|
|
.PHONY: generate build test docker-build help
|
|
|
|
## generate: Compile les sources eBPF C → Go via bpf2go (dans Docker)
|
|
generate:
|
|
docker build --target go-builder \
|
|
--build-arg SKIP_BINARY=true \
|
|
-f Dockerfile \
|
|
-t $(IMAGE)-generated:$(VERSION) \
|
|
../../
|
|
|
|
## build: Construit l'image Docker de production complète
|
|
build: ## Construit l'image Docker finale
|
|
docker build -t $(IMAGE):$(VERSION) -f Dockerfile ../../
|
|
|
|
## test: Exécute les tests unitaires Go dans Docker
|
|
test:
|
|
docker build -f Dockerfile.tests -t $(IMAGE)-tests:$(VERSION) ../../ && \
|
|
docker run --rm $(IMAGE)-tests:$(VERSION)
|
|
|
|
## docker-build: Alias combiné generate + build
|
|
docker-build: build
|
|
|
|
## help: Affiche cette aide
|
|
help:
|
|
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \
|
|
awk 'BEGIN {FS = ":.*?## "}; {printf " \033[36m%-20s\033[0m %s\n", $$1, $$2}'
|