Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't collect logs on GRE tunnel #771

Open
top-secrett opened this issue Jul 9, 2024 · 7 comments
Open

Can't collect logs on GRE tunnel #771

top-secrett opened this issue Jul 9, 2024 · 7 comments
Labels
enhancement New feature or request
Milestone
v1.3.0

Comments

@top-secrett
Copy link

Describe the bug
I use anti-ddos service for ipv4 via gre tunnel and collector can't collect logs

image

multiplexer:
  collectors:
    - name: col-ipv4
      afpacket-sniffer:
        port: 53
        device: storm1099
        chan-buffer-size: 65535
      transforms:
        normalize:
          qname-lowercase: false
          quiet-text: true

    - name: col-ipv6
      afpacket-sniffer:
        port: 53
        device: ens224
        chan-buffer-size: 65535
      transforms:
        normalize:
          qname-lowercase: false
          quiet-text: true

  loggers:
    - name: log
      logfile:
        file-path: /var/log/dns/queries.log
        mode: text
        flush-interval: 1
        max-size: 100000000
        max-files: 0

  routes:
    - from: [ col-ipv4 ]
      to: [ log ]
    - from: [ col-ipv6 ]
      to: [ log ]

Additional context

  • Version 1.0.0-beta1
@dmachard dmachard added the enhancement New feature or request label Jul 9, 2024
@dmachard
Copy link
Owner

dmachard commented Jul 9, 2024
edited
Loading

GRE tunnel is not supported for sure.
I think the BPF filter need to be updated to support that.
Could you share a small tcpdump network trace ?

@top-secrett
Copy link
Author

@dmachard
tcpdump_gre.txt

@dmachard
Copy link
Owner

I confirm you, the BPF filter need to be updated to support GRE protocol
Currently only IP4 and IP6 are expected.

image

@dmachard
Copy link
Owner

@dmachard tcpdump_gre.txt

PCAP file will be more efficient
thanks

@top-secrett
Copy link
Author

@dmachard
dump.zip

@top-secrett
Copy link
Author

@dmachard Hello. Any update?

@dmachard
Copy link
Owner

@dmachard Hello. Any update?

Hi, for now, I'm enjoying my vacation :)
I'll look in a couple of weeks

@dmachard dmachard added this to the v1.1.0 milestone Oct 2, 2024
@dmachard dmachard mentioned this issue Oct 8, 2024
Open
@dmachard dmachard modified the milestones: v1.1.0, v1.2.0 Oct 13, 2024
@dmachard dmachard modified the milestones: v1.2.0, v1.3.0 Nov 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
v1.3.0
Development

No branches or pull requests
2 participants
@dmachard @top-secrett