feat(config): add configurable packet channel buffer size

- Add PacketBufferSize field to api.Config struct - Add DefaultPacketBuffer constant (1000 packets) - Add JA4SENTINEL_PACKET_BUFFER_SIZE environment variable support - Update mergeConfigs to handle PacketBufferSize override - Update main.go to use configurable buffer size with fallback - Update config.yml.example with packet_buffer_size option Allows tuning for high-traffic environments by increasing buffer size via config file or environment variable Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-02-27 00:07:45 +01:00
parent e4b8f5ab86
commit dfd5e49dd9
4 changed files with 45 additions and 20 deletions
--- a/api/types.go
+++ b/api/types.go
@ -17,6 +17,7 @@ type Config struct {
 	ListenPorts      []uint16 `json:"listen_ports"`
 	BPFFilter        string   `json:"bpf_filter,omitempty"`
 	FlowTimeoutSec   int      `json:"flow_timeout_sec,omitempty"` // Timeout for TLS handshake extraction (default: 30)
+	PacketBufferSize int      `json:"packet_buffer_size,omitempty"` // Buffer size for packet channel (default: 1000)
 }

 // IPMeta contains IP metadata for stack fingerprinting
@ -242,6 +243,7 @@ const (
 	DefaultPort          = 443
 	DefaultBPFFilter     = ""
 	DefaultFlowTimeout   = 30 // seconds
+	DefaultPacketBuffer  = 1000 // packet channel buffer size

 	// Logging levels
 	LogLevelDebug = "DEBUG"
@ -252,8 +254,9 @@ const (

 // DefaultConfig returns an AppConfig with sensible default values.
 // Uses eth0 as the default interface, port 443 for monitoring,
-// no BPF filter, and a 30-second flow timeout. Returns an empty
-// outputs slice (caller must configure outputs explicitly).
+// no BPF filter, a 30-second flow timeout, and a 1000-packet
+// channel buffer. Returns an empty outputs slice (caller must
+// configure outputs explicitly).
 func DefaultConfig() AppConfig {
 	return AppConfig{
 		Core: Config{
@ -261,6 +264,7 @@ func DefaultConfig() AppConfig {
 			ListenPorts:      []uint16{DefaultPort},
 			BPFFilter:        DefaultBPFFilter,
 			FlowTimeoutSec:   DefaultFlowTimeout,
+			PacketBufferSize: DefaultPacketBuffer,
 		},
 		Outputs: []OutputConfig{},
 	}
--- a/cmd/ja4sentinel/main.go
+++ b/cmd/ja4sentinel/main.go
@ -84,8 +84,12 @@ func main() {
 		os.Exit(1)
 	}

-	// Create channel for raw packets
-	packetChan := make(chan api.RawPacket, 1000)
+	// Create channel for raw packets (configurable buffer size)
+	bufferSize := appConfig.Core.PacketBufferSize
+	if bufferSize <= 0 {
+		bufferSize = 1000 // Default fallback
+	}
+	packetChan := make(chan api.RawPacket, bufferSize)

 	// Start capture goroutine
 	captureErrChan := make(chan error, 1)
--- a/config.yml.example
+++ b/config.yml.example
@ -13,6 +13,12 @@ core:
  # Optional BPF filter (leave empty for auto-generated filter based on listen_ports)
  bpf_filter: ""

+  # Timeout in seconds for TLS handshake extraction (default: 30)
+  flow_timeout_sec: 30
+
+  # Buffer size for packet channel (default: 1000, increase for high-traffic environments)
+  packet_buffer_size: 1000
+
 outputs:
  # Output to stdout (JSON lines)
  - type: stdout
--- a/internal/config/loader.go
+++ b/internal/config/loader.go
@ -97,6 +97,13 @@ func (l *LoaderImpl) loadFromEnv(config api.AppConfig) api.AppConfig {
 		}
 	}

+	// JA4SENTINEL_PACKET_BUFFER_SIZE
+	if val := os.Getenv("JA4SENTINEL_PACKET_BUFFER_SIZE"); val != "" {
+		if size, err := strconv.Atoi(val); err == nil && size > 0 {
+			config.Core.PacketBufferSize = size
+		}
+	}
+
 	return config
 }

@ -144,6 +151,10 @@ func mergeConfigs(base, override api.AppConfig) api.AppConfig {
 		result.Core.FlowTimeoutSec = override.Core.FlowTimeoutSec
 	}

+	if override.Core.PacketBufferSize > 0 {
+		result.Core.PacketBufferSize = override.Core.PacketBufferSize
+	}
+
 	if len(override.Outputs) > 0 {
 		result.Outputs = override.Outputs
 	}