MCPcopy
hub / github.com/evilsocket/opensnitch / onConnection

Method onConnection

daemon/statistics/stats.go:195–234  ·  view source on GitHub ↗
(con *conman.Connection, match *rule.Rule, wasMissed bool)

Source from the content-addressed store, hash-verified

193}
194
195func (s *Statistics) onConnection(con *conman.Connection, match *rule.Rule, wasMissed bool) {
196 s.Lock()
197 defer s.Unlock()
198
199 s.Connections++
200
201 if wasMissed {
202 s.RuleMisses++
203 } else {
204 s.RuleHits++
205 }
206
207 if wasMissed == false && match.Action == rule.Allow {
208 s.Accepted++
209 } else {
210 s.Dropped++
211 }
212
213 s.incMap(&s.ByProto, con.Protocol)
214 s.incMap(&s.ByAddress, con.DstIP.String())
215 if con.DstHost != "" {
216 s.incMap(&s.ByHost, con.DstHost)
217 }
218 s.incMap(&s.ByPort, strconv.FormatUint(uint64(con.DstPort), 10))
219 s.incMap(&s.ByUID, strconv.Itoa(con.Entry.UserId))
220 s.incMap(&s.ByExecutable, con.Process.Path)
221
222 // if we reached the limit, shift everything back
223 // by one position
224 nEvents := len(s.Events)
225 if nEvents == s.maxEvents {
226 s.Events = s.Events[1:]
227 }
228 if wasMissed {
229 return
230 }
231 s.Events = append(s.Events, NewEvent(con, match))
232
233 s.newEvents = true
234}
235
236func (s *Statistics) serializeEvents() []*protocol.Event {
237 nEvents := len(s.Events)

Callers 1

eventWorkerMethod · 0.95

Calls 5

incMapMethod · 0.95
NewEventFunction · 0.85
LockMethod · 0.80
UnlockMethod · 0.80
StringMethod · 0.45

Tested by

no test coverage detected