Potential BUG in capturing on different interfaces:: #28
Description
I do not see data from other interfaces just from eth0
I am working on my local laptop inside wsl2
In console #1 I am running::
-==-=-=-=-=-=-=-=-=-=-
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.19.0.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0
172.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-a7ad3335e9d5
192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
$ ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.231 ms
64 bytes from 172.17.0.1: icmp_seq=2 ttl=64 time=0.076 ms
64 bytes from 172.17.0.1: icmp_seq=3 ttl=64 time=0.077 ms
64 bytes from 172.17.0.1: icmp_seq=4 ttl=64 time=0.078 ms
64 bytes from 172.17.0.1: icmp_seq=5 ttl=64 time=0.070 ms
64 bytes from 172.17.0.1: icmp_seq=6 ttl=64 time=0.074 ms
64 bytes from 172.17.0.1: icmp_seq=7 ttl=64 time=0.091 ms
64 bytes from 172.17.0.1: icmp_seq=8 ttl=64 time=0.086 ms
64 bytes from 172.17.0.1: icmp_seq=9 ttl=64 time=0.132 ms
64 bytes from 172.17.0.1: icmp_seq=10 ttl=64 time=0.101 ms
64 bytes from 172.17.0.1: icmp_seq=11 ttl=64 time=0.139 ms
64 bytes from 172.17.0.1: icmp_seq=12 ttl=64 time=0.124 ms
64 bytes from 172.17.0.1: icmp_seq=13 ttl=64 time=0.069 ms
64 bytes from 172.17.0.1: icmp_seq=14 ttl=64 time=0.102 ms
64 bytes from 172.17.0.1: icmp_seq=15 ttl=64 time=0.103 ms
64 bytes from 172.17.0.1: icmp_seq=16 ttl=64 time=0.135 ms
64 bytes from 172.17.0.1: icmp_seq=17 ttl=64 time=0.084 ms
64 bytes from 172.17.0.1: icmp_seq=18 ttl=64 time=0.079 ms
64 bytes from 172.17.0.1: icmp_seq=19 ttl=64 time=0.096 ms
64 bytes from 172.17.0.1: icmp_seq=20 ttl=64 time=0.141 ms
64 bytes from 172.17.0.1: icmp_seq=21 ttl=64 time=0.077 ms
64 bytes from 172.17.0.1: icmp_seq=22 ttl=64 time=0.111 ms
64 bytes from 172.17.0.1: icmp_seq=23 ttl=64 time=0.079 ms
64 bytes from 172.17.0.1: icmp_seq=24 ttl=64 time=0.108 ms
64 bytes from 172.17.0.1: icmp_seq=25 ttl=64 time=0.106 ms
64 bytes from 172.17.0.1: icmp_seq=26 ttl=64 time=0.089 ms
64 bytes from 172.17.0.1: icmp_seq=27 ttl=64 time=0.166 ms
64 bytes from 172.17.0.1: icmp_seq=28 ttl=64 time=0.100 ms
64 bytes from 172.17.0.1: icmp_seq=29 ttl=64 time=0.084 ms
64 bytes from 172.17.0.1: icmp_seq=30 ttl=64 time=0.086 ms
64 bytes from 172.17.0.1: icmp_seq=31 ttl=64 time=0.070 ms
In console #2 I am running::
-==-=-=-=-=-=-=-=-=-=-
$ sudo FLOWS_TARGET_HOST=127.0.0.1 FLOWS_TARGET_PORT=9999 ./bin/netobserv-ebpf-agent
INFO[0000] starting NetObserv eBPF Agent
INFO[0000] initializing Flows agent component=agent.Flows
INFO[0000] push CTRL+C or send SIGTERM to interrupt execution
INFO[0000] starting Flows agent component=agent.Flows
INFO[0000] Flows agent successfully started component=agent.Flows
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=bond0
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=dummy0
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=eth0
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=tunl0
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=sit0
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=br-a7ad3335e9d5
INFO[0000] interface detected. Registering flow tracer component=agent.Flows name=docker0
ERRO[0005] couldn't send flow records to collector collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0010] couldn't send flow records to collector collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0015] couldn't send flow records to collector collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0020] couldn't send flow records to collector collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
ERRO[0025] couldn't send flow records to collector collector="127.0.0.1:9999" component=exporter/GRPCProto error="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial tcp 127.0.0.1:9999: connect: connection refused\""
In console #3 I see::
-==-=-=-=-=-=-=-=-=-=-
.
.
.
16:10:11.421569 eth0 IP 0.0.0.0:0 > 0.0.0.0:0: protocol: dir:0 bytes:1272 packets:6 ends: 16:10:14.431095
16:10:09.787783 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:980 packets:10 ends: 16:10:14.295339
16:10:09.784408 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:108 packets:2 ends: 16:10:09.828893
16:10:14.783970 eth0 IP 192.168.50.16:2221 > 192.168.50.88:57549: protocol:tcp dir:1 bytes:332 packets:2 ends: 16:10:14.784315
16:10:15.606434 eth0 IP 192.168.50.16:2221 > 192.168.50.88:63110: protocol:tcp dir:1 bytes:450 packets:5 ends: 16:10:19.766466
16:10:14.796195 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:1088 packets:12 ends: 16:10:19.371479
16:10:14.784487 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:54 packets:1 ends: 16:10:14.784487
16:10:18.443349 eth0 IP 0.0.0.0:0 > 0.0.0.0:0: protocol: dir:0 bytes:424 packets:2 ends: 16:10:18.444552
16:10:18.442786 eth0 IP 192.168.50.88:5353 > 224.0.0.251:5353: protocol:udp dir:0 bytes:384 packets:2 ends: 16:10:18.443906
16:10:15.648172 eth0 IP 192.168.50.88:63110 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:216 packets:4 ends: 16:10:18.772084
16:10:14.851205 eth0 IP 192.168.50.88:59478 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:736 packets:12 ends: 16:10:19.371424
16:10:20.806308 eth0 IP 192.168.50.16:2221 > 192.168.50.88:63110: protocol:tcp dir:1 bytes:360 packets:4 ends: 16:10:23.926596
16:10:19.804403 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:1034 packets:11 ends: 16:10:24.312186
16:10:19.854728 eth0 IP 192.168.50.88:59478 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:584 packets:10 ends: 16:10:24.355046
16:10:19.809596 eth0 IP 192.168.50.88:63110 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:270 packets:5 ends: 16:10:23.977869
16:10:19.779707 eth0 IP 192.168.50.16:2221 > 192.168.50.88:57549: protocol:tcp dir:1 bytes:440 packets:4 ends: 16:10:20.298783
16:10:19.824768 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:288 packets:4 ends: 16:10:20.354720
16:10:24.866107 eth0 IP 192.168.50.88:59478 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:540 packets:10 ends: 16:10:29.372393
16:10:26.429391 eth0 IP 0.0.0.0:0 > 0.0.0.0:0: protocol: dir:0 bytes:1272 packets:6 ends: 16:10:29.449782
16:10:24.836071 eth0 IP 192.168.50.88:57549 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:54 packets:1 ends: 16:10:24.836071
16:10:25.016215 eth0 IP 192.168.50.88:63110 > 192.168.50.16:2221: protocol:tcp dir:0 bytes:270 packets:5 ends: 16:10:29.177212
16:10:24.966451 eth0 IP 192.168.50.16:2221 > 192.168.50.88:63110: protocol:tcp dir:1 bytes:450 packets:5 ends: 16:10:29.126457
16:10:24.812920 eth0 IP 192.168.50.16:2221 > 192.168.50.88:59478: protocol:tcp dir:1 bytes:980 packets:10 ends: 16:10:29.320577
16:10:24.784189 eth0 IP 192.168.50.16:2221 > 192.168.50.88:57549: protocol:tcp dir:1 bytes:218 packets:1 ends: 16:10:24.784189
16:10:26.427953 eth0 IP 192.168.50.88:5353 > 224.0.0.251:5353: protocol:udp dir:0 bytes:1152 packets:6 ends: 16:10:29.449278
.
.
.