feat(config): add configurable packet channel buffer size
- Add PacketBufferSize field to api.Config struct - Add DefaultPacketBuffer constant (1000 packets) - Add JA4SENTINEL_PACKET_BUFFER_SIZE environment variable support - Update mergeConfigs to handle PacketBufferSize override - Update main.go to use configurable buffer size with fallback - Update config.yml.example with packet_buffer_size option Allows tuning for high-traffic environments by increasing buffer size via config file or environment variable Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
32
api/types.go
32
api/types.go
@ -13,10 +13,11 @@ type ServiceLog struct {
|
|||||||
|
|
||||||
// Config holds basic network and TLS configuration
|
// Config holds basic network and TLS configuration
|
||||||
type Config struct {
|
type Config struct {
|
||||||
Interface string `json:"interface"`
|
Interface string `json:"interface"`
|
||||||
ListenPorts []uint16 `json:"listen_ports"`
|
ListenPorts []uint16 `json:"listen_ports"`
|
||||||
BPFFilter string `json:"bpf_filter,omitempty"`
|
BPFFilter string `json:"bpf_filter,omitempty"`
|
||||||
FlowTimeoutSec int `json:"flow_timeout_sec,omitempty"` // Timeout for TLS handshake extraction (default: 30)
|
FlowTimeoutSec int `json:"flow_timeout_sec,omitempty"` // Timeout for TLS handshake extraction (default: 30)
|
||||||
|
PacketBufferSize int `json:"packet_buffer_size,omitempty"` // Buffer size for packet channel (default: 1000)
|
||||||
}
|
}
|
||||||
|
|
||||||
// IPMeta contains IP metadata for stack fingerprinting
|
// IPMeta contains IP metadata for stack fingerprinting
|
||||||
@ -238,10 +239,11 @@ func joinStringSlice(slice []string, sep string) string {
|
|||||||
// Default values and constants
|
// Default values and constants
|
||||||
|
|
||||||
const (
|
const (
|
||||||
DefaultInterface = "eth0"
|
DefaultInterface = "eth0"
|
||||||
DefaultPort = 443
|
DefaultPort = 443
|
||||||
DefaultBPFFilter = ""
|
DefaultBPFFilter = ""
|
||||||
DefaultFlowTimeout = 30 // seconds
|
DefaultFlowTimeout = 30 // seconds
|
||||||
|
DefaultPacketBuffer = 1000 // packet channel buffer size
|
||||||
|
|
||||||
// Logging levels
|
// Logging levels
|
||||||
LogLevelDebug = "DEBUG"
|
LogLevelDebug = "DEBUG"
|
||||||
@ -252,15 +254,17 @@ const (
|
|||||||
|
|
||||||
// DefaultConfig returns an AppConfig with sensible default values.
|
// DefaultConfig returns an AppConfig with sensible default values.
|
||||||
// Uses eth0 as the default interface, port 443 for monitoring,
|
// Uses eth0 as the default interface, port 443 for monitoring,
|
||||||
// no BPF filter, and a 30-second flow timeout. Returns an empty
|
// no BPF filter, a 30-second flow timeout, and a 1000-packet
|
||||||
// outputs slice (caller must configure outputs explicitly).
|
// channel buffer. Returns an empty outputs slice (caller must
|
||||||
|
// configure outputs explicitly).
|
||||||
func DefaultConfig() AppConfig {
|
func DefaultConfig() AppConfig {
|
||||||
return AppConfig{
|
return AppConfig{
|
||||||
Core: Config{
|
Core: Config{
|
||||||
Interface: DefaultInterface,
|
Interface: DefaultInterface,
|
||||||
ListenPorts: []uint16{DefaultPort},
|
ListenPorts: []uint16{DefaultPort},
|
||||||
BPFFilter: DefaultBPFFilter,
|
BPFFilter: DefaultBPFFilter,
|
||||||
FlowTimeoutSec: DefaultFlowTimeout,
|
FlowTimeoutSec: DefaultFlowTimeout,
|
||||||
|
PacketBufferSize: DefaultPacketBuffer,
|
||||||
},
|
},
|
||||||
Outputs: []OutputConfig{},
|
Outputs: []OutputConfig{},
|
||||||
}
|
}
|
||||||
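Review bot: The comment on the new `PacketBufferSize` field in `Config` gives the default but not the contract the other files in this commit rely on. In the visible hunks, the loader and `main` both treat a zero or negative value as "unset" and fall back to the default, and no maximum is enforced anywhere. I would state that on the field, for example `// Capacity of the raw-packet channel, in packets; values <= 0 mean "use DefaultPacketBuffer" (1000)`. The comment on `DefaultPacketBuffer` could also note that the channel is allocated at this capacity at startup. `DefaultConfig` continues past the end of its hunk.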
|
|||||||
@ -84,8 +84,12 @@ func main() {
|
|||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create channel for raw packets
|
// Create channel for raw packets (configurable buffer size)
|
||||||
packetChan := make(chan api.RawPacket, 1000)
|
bufferSize := appConfig.Core.PacketBufferSize
|
||||||
|
if bufferSize <= 0 {
|
||||||
|
bufferSize = 1000 // Default fallback
|
||||||
|
}
|
||||||
|
packetChan := make(chan api.RawPacket, bufferSize)
|
||||||
|
|
||||||
// Start capture goroutine
|
// Start capture goroutine
|
||||||
captureErrChan := make(chan error, 1)
|
captureErrChan := make(chan error, 1)
|
||||||
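Review bot: `bufferSize` reaches `make(chan api.RawPacket, bufferSize)` with a lower bound but no upper bound. A buffered channel reserves its whole capacity when it is created, so a mistyped or hostile `packet_buffer_size` or `JA4SENTINEL_PACKET_BUFFER_SIZE` can make the sensor fail or exhaust memory at startup instead of capturing. I would clamp it against a project-chosen ceiling, for example `if bufferSize > maxPacketBuffer { bufferSize = maxPacketBuffer }`, where `maxPacketBuffer` is a new constant that does not exist yet, and log the effective size. The fallback should also reuse the constant this commit adds, `bufferSize = api.DefaultPacketBuffer`, rather than a second literal `1000` that can drift. `main` begins and ends outside this hunk.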
|
|||||||
@ -13,6 +13,12 @@ core:
|
|||||||
# Optional BPF filter (leave empty for auto-generated filter based on listen_ports)
|
# Optional BPF filter (leave empty for auto-generated filter based on listen_ports)
|
||||||
bpf_filter: ""
|
bpf_filter: ""
|
||||||
|
|
||||||
|
# Timeout in seconds for TLS handshake extraction (default: 30)
|
||||||
|
flow_timeout_sec: 30
|
||||||
|
|
||||||
|
# Buffer size for packet channel (default: 1000, increase for high-traffic environments)
|
||||||
|
packet_buffer_size: 1000
|
||||||
|
|
||||||
outputs:
|
outputs:
|
||||||
# Output to stdout (JSON lines)
|
# Output to stdout (JSON lines)
|
||||||
- type: stdout
|
- type: stdout
|
||||||
|
|||||||
@ -97,6 +97,13 @@ func (l *LoaderImpl) loadFromEnv(config api.AppConfig) api.AppConfig {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// JA4SENTINEL_PACKET_BUFFER_SIZE
|
||||||
|
if val := os.Getenv("JA4SENTINEL_PACKET_BUFFER_SIZE"); val != "" {
|
||||||
|
if size, err := strconv.Atoi(val); err == nil && size > 0 {
|
||||||
|
config.Core.PacketBufferSize = size
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return config
|
return config
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -144,6 +151,10 @@ func mergeConfigs(base, override api.AppConfig) api.AppConfig {
|
|||||||
result.Core.FlowTimeoutSec = override.Core.FlowTimeoutSec
|
result.Core.FlowTimeoutSec = override.Core.FlowTimeoutSec
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if override.Core.PacketBufferSize > 0 {
|
||||||
|
result.Core.PacketBufferSize = override.Core.PacketBufferSize
|
||||||
|
}
|
||||||
|
|
||||||
if len(override.Outputs) > 0 {
|
if len(override.Outputs) > 0 {
|
||||||
result.Outputs = override.Outputs
|
result.Outputs = override.Outputs
|
||||||
}
|
}
|
||||||
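Review bot: A malformed or non-positive `JA4SENTINEL_PACKET_BUFFER_SIZE` is discarded silently in `loadFromEnv`, because `err == nil && size > 0` has no else branch. The process then runs with the file or default value, and the operator gets no sign that the tuning was not applied. On a capture sensor an undersized buffer presumably shows up only later as lost or delayed packets under load, so a warning at load time is worth having. For example `log.Printf("ignoring invalid JA4SENTINEL_PACKET_BUFFER_SIZE %q", val)`, or the project's own logger if the loader has one, since the imports are not visible here. `loadFromEnv` and `mergeConfigs` both start outside their hunks.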
|
|||||||