TestNetlinkQueries tests queries to the kernel to get the inode of a connection. When using ProcFS as monitor method, we need that value to get the PID of an application. We also need it if for any reason auditd or ebpf doesn't return the PID of the application. TODO: test all the cases described in
(t *testing.T)
| 67 | // We also need it if for any reason auditd or ebpf doesn't return the PID of the application. |
| 68 | // TODO: test all the cases described in the GetSocketInfo() description. |
| 69 | func TestNetlinkTCPQueries(t *testing.T) { |
| 70 | // netlink tests disabled by default, they cause random failures on restricted |
| 71 | // environments. |
| 72 | if os.Getenv("NETLINK_TESTS") == "" { |
| 73 | t.Skip("Skipping netlink tests. Use NETLINK_TESTS=1 to launch these tests.") |
| 74 | } |
| 75 | |
| 76 | connChan := make(chan *Connection) |
| 77 | go setupConnection("tcp", connChan) |
| 78 | conn := <-connChan |
| 79 | if conn == nil { |
| 80 | t.Error("TestParseTCPConnection, conn nil") |
| 81 | } |
| 82 | |
| 83 | var inodes []int |
| 84 | uid := -1 |
| 85 | t.Run("Test GetSocketInfo", func(t *testing.T) { |
| 86 | uid, inodes = GetSocketInfo("tcp", conn.SrcIP, conn.SrcPort, conn.DstIP, conn.DstPort) |
| 87 | |
| 88 | if len(inodes) == 0 { |
| 89 | t.Error("inodes empty") |
| 90 | } |
| 91 | if uid != os.Getuid() { |
| 92 | t.Error("GetSocketInfo UID error:", uid, os.Getuid()) |
| 93 | } |
| 94 | }) |
| 95 | |
| 96 | t.Run("Test GetSocketInfoByInode", func(t *testing.T) { |
| 97 | socket, err := GetSocketInfoByInode(fmt.Sprint(inodes[0])) |
| 98 | if err != nil { |
| 99 | t.Error("GetSocketInfoByInode error:", err) |
| 100 | } |
| 101 | if socket == nil { |
| 102 | t.Error("GetSocketInfoByInode inode not found") |
| 103 | } |
| 104 | if socket.ID.SourcePort != uint16(conn.SrcPort) { |
| 105 | t.Error("GetSocketInfoByInode dstPort error:", socket) |
| 106 | } |
| 107 | if socket.ID.DestinationPort != uint16(conn.DstPort) { |
| 108 | t.Error("GetSocketInfoByInode dstPort error:", socket) |
| 109 | } |
| 110 | if socket.UID != uint32(os.Getuid()) { |
| 111 | t.Error("GetSocketInfoByInode UID error:", socket, os.Getuid()) |
| 112 | } |
| 113 | }) |
| 114 | |
| 115 | conn.Listener.Close() |
| 116 | } |
nothing calls this directly
no test coverage detected