Skip to content

ugwis/ebpf-http-parser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

cilium-ebpf @ 0d43986

cilium-ebpf @ 0d43986

 
 

.gitmodules

.gitmodules

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

kprobe.c

kprobe.c

 
 

main.go

main.go

 
 

Repository files navigation

eBPF HTTP Parser

Installation (self-build)

requirements

  • LLVM Clang 9
  • Go runtime
$ make
$ ./parser

https://github.com/cilium/ebpf/blob/0d439865ca157accbc60cc6f3cbeb028fa7901cb/testdata/docker/Dockerfile The Dockerfile of cilium/ebpf will be a reference for building environment.

Supported hooks

  • HTTP with sys_send() / sys_recv()
  • HTTP with sys_sendto() / sys_recvfrom()
  • HTTP with sys_write() / sys_read()

Unsupported hooks (ToDo)

  • HTTPS with Golang net/http Library
  • HTTPS with OpenSSL
  • HTTPS with LibreSSL
  • HTTPS with GnuSSL
  • HTTPS with BoringSSL
  • HTTP/2 with nghttp2

About

Parse HTTP(S) requests by eBPF hooks without APM

Topics

ebpf cilium-ebpf

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages