diff --git a/unit_tests/engine/test_falco_utils.cpp b/unit_tests/engine/test_falco_utils.cpp index 07f9dc3ca6a..9f9a56c0389 100644 --- a/unit_tests/engine/test_falco_utils.cpp +++ b/unit_tests/engine/test_falco_utils.cpp @@ -101,28 +101,3 @@ TEST(FalcoUtils, matches_wildcard) ASSERT_FALSE(falco::utils::matches_wildcard("*hello*world", "come on hello this world yes")); ASSERT_FALSE(falco::utils::matches_wildcard("*hello*world*", "come on hello this yes")); } - -#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__) -TEST(FalcoUtils, ipv4addr_to_string) -{ - ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0x0101A8C0), "192.168.1.1"); - ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0x0100007F), "127.0.0.1"); - ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0xFFFFFFFF), "255.255.255.255"); - ASSERT_EQ(falco::utils::network::ipv4addr_to_string(0x00000000), "0.0.0.0"); -} - -TEST(FalcoUtils, ipv6addr_to_string) -{ - ipv6addr addr1("2001:0db8:85a3:0000:0000:8a2e:0370:7334"); - ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr1), "2001:db8:85a3:0:0:8a2e:370:7334"); - - ipv6addr addr2("fe80:0:0:0:2aa:ff:fe9a:4ca3"); - ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr2), "fe80:0:0:0:2aa:ff:fe9a:4ca3"); - - ipv6addr addr3("0:0:0:0:0:0:0:0"); - ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr3), "0:0:0:0:0:0:0:0"); - - ipv6addr addr4("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"); - ASSERT_EQ(falco::utils::network::ipv6addr_to_string(addr4), "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"); -} -#endif diff --git a/userspace/engine/falco_utils.cpp b/userspace/engine/falco_utils.cpp index a3a83c5aa9e..17259513126 100644 --- a/userspace/engine/falco_utils.cpp +++ b/userspace/engine/falco_utils.cpp @@ -257,38 +257,6 @@ bool is_unix_scheme(const std::string& url) { return sinsp_utils::startswith(url, UNIX_SCHEME); } - -#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__) -std::string ipv4addr_to_string(uint32_t addr) -{ - char dest[16]; - snprintf( - dest, - sizeof(dest), - "%d.%d.%d.%d", - (addr & 0xFF), - ((addr & 0xFF00) >> 8), - ((addr & 0xFF0000) >> 16), - ((addr & 0xFF000000) >> 24)); - return std::string(dest); -} - -std::string ipv6addr_to_string(const ipv6addr& addr) -{ - std::ostringstream oss; - const uint16_t* words = reinterpret_cast(addr.m_b); - for (int i = 0; i < 8; ++i) - { - if (i != 0) - { - oss << ':'; - } - oss << std::hex << ntohs(words[i]); - } - return oss.str(); -} -#endif - } // namespace network } // namespace utils } // namespace falco diff --git a/userspace/engine/falco_utils.h b/userspace/engine/falco_utils.h index 94e50e89f42..212349913ba 100644 --- a/userspace/engine/falco_utils.h +++ b/userspace/engine/falco_utils.h @@ -22,10 +22,6 @@ limitations under the License. #include #include -#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__) -#include -#include -#endif namespace falco::utils { @@ -49,11 +45,5 @@ namespace network { static const std::string UNIX_SCHEME("unix://"); bool is_unix_scheme(const std::string& url); -#if defined(__linux__) and !defined(MINIMAL_BUILD) and !defined(__EMSCRIPTEN__) -// todo: consider extending libs and expose API for ipv4 and ipv6 to string conversion -std::string ipv4addr_to_string(uint32_t addr); -std::string ipv6addr_to_string(const ipv6addr& addr); -#endif - } // namespace network } // namespace falco::utils diff --git a/userspace/falco/falco_metrics.cpp b/userspace/falco/falco_metrics.cpp index 9422715e99d..42adb9dadb1 100644 --- a/userspace/falco/falco_metrics.cpp +++ b/userspace/falco/falco_metrics.cpp @@ -109,44 +109,39 @@ std::string falco_metrics::to_text(const falco::app::state& state) prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("falco_sha256_config_files", "falcosecurity", "falco", {{"file_name", fs_path.filename().stem()}, {"sha256", item.second}}); } - static bool is_first_call = true; static std::string ifinfo_json_escaped; - if (is_first_call) + auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list(); + auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list(); + nlohmann::json ipv4_json; + nlohmann::json ipv6_json; + if(ipv4list) { - is_first_call = false; - auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list(); - auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list(); - nlohmann::json ipv4_json; - nlohmann::json ipv6_json; - if(ipv4list) + for (const auto& item : *ipv4list) { - for (const auto& item : *ipv4list) + if(item.m_name == "lo") { - if(item.m_name == "lo") - { - continue; - } - ipv4_json[item.m_name] = falco::utils::network::ipv4addr_to_string(item.m_addr); + continue; } + ipv4_json[item.m_name] = item.addr_to_string(); } + } - if(ipv6list) + if(ipv6list) + { + for (const auto& item : *ipv6list) { - for (const auto& item : *ipv6list) + if(item.m_name == "lo") { - if(item.m_name == "lo") - { - continue; - } - ipv6_json[item.m_name] = falco::utils::network::ipv6addr_to_string(item.m_net); + continue; } + ipv6_json[item.m_name] = item.addr_to_string(); } - nlohmann::json ifinfo_json; - ifinfo_json["ipv4"] = ipv4_json; - ifinfo_json["ipv6"] = ipv6_json; - ifinfo_json_escaped = ifinfo_json.dump(); } - prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("host_ifinfo", "falcosecurity", "falco", {{"host_ifinfo", ifinfo_json_escaped}}); + nlohmann::json ifinfo_json; + ifinfo_json["ipv4"] = ipv4_json; + ifinfo_json["ipv6"] = ipv6_json; + ifinfo_json_escaped = ifinfo_json.dump(); + prometheus_text += prometheus_metrics_converter.convert_metric_to_text_prometheus("host_ifinfo_json", "falcosecurity", "falco", {{"host_ifinfo_json", ifinfo_json_escaped}}); #endif for (const std::string& source: inspector->event_sources()) diff --git a/userspace/falco/stats_writer.cpp b/userspace/falco/stats_writer.cpp index 7dfb3a26d9c..e93b26e5abb 100644 --- a/userspace/falco/stats_writer.cpp +++ b/userspace/falco/stats_writer.cpp @@ -358,11 +358,8 @@ void stats_writer::collector::get_metrics_output_fields_wrapper( output_fields[metric_name_file_sha256] = item.second; } - static bool is_first_call = true; - static std::string ifinfo_json_escaped; - if (is_first_call) + if (stats_snapshot_time_delta_sec == 0) { - is_first_call = false; auto ipv4list = inspector->get_ifaddr_list().get_ipv4_list(); auto ipv6list = inspector->get_ifaddr_list().get_ipv6_list(); nlohmann::json ipv4_json; @@ -375,7 +372,7 @@ void stats_writer::collector::get_metrics_output_fields_wrapper( { continue; } - ipv4_json[item.m_name] = falco::utils::network::ipv4addr_to_string(item.m_addr); + ipv4_json[item.m_name] = item.addr_to_string(); } } @@ -387,15 +384,15 @@ void stats_writer::collector::get_metrics_output_fields_wrapper( { continue; } - ipv6_json[item.m_name] = falco::utils::network::ipv6addr_to_string(item.m_net); + ipv6_json[item.m_name] = item.addr_to_string(); } } nlohmann::json ifinfo_json; ifinfo_json["ipv4"] = ipv4_json; ifinfo_json["ipv6"] = ipv6_json; - ifinfo_json_escaped = ifinfo_json.dump(); + m_ifinfo_json_escaped = ifinfo_json.dump(); } - output_fields["falco.host_ifinfo"] = ifinfo_json_escaped; + output_fields["falco.host_ifinfo_json"] = m_ifinfo_json_escaped; #endif output_fields["evt.source"] = src; diff --git a/userspace/falco/stats_writer.h b/userspace/falco/stats_writer.h index b25ed4dd609..f85f509bb04 100644 --- a/userspace/falco/stats_writer.h +++ b/userspace/falco/stats_writer.h @@ -80,6 +80,7 @@ class stats_writer uint64_t m_last_n_evts = 0; uint64_t m_last_n_drops = 0; uint64_t m_last_num_evts = 0; + std::string m_ifinfo_json_escaped; }; stats_writer(const stats_writer&) = delete;