bro-common 2.5-1 / usr / share / bro / policy / misc / load-balancing.bro

This file is indexed.

/usr/share/bro/policy/misc/load-balancing.bro is in bro-common 2.5-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
##! This script implements the "Bro side" of several load balancing
##! approaches for Bro clusters.

@load base/frameworks/cluster
@load base/frameworks/packet-filter

module LoadBalancing;

export {

	type Method: enum {
		## Apply BPF filters to each worker in a way that causes them to
		## automatically flow balance traffic between them.
		AUTO_BPF,
		# Load balance traffic across the workers by making each one apply
		# a restrict filter to only listen to a single MAC address.  This
		# is a somewhat common deployment option for sites doing network
		# based load balancing with MAC address rewriting and passing the
		# traffic to a single interface.  Multiple MAC addresses will show
		# up on the same interface and need filtered to a single address.
		#MAC_ADDR_BPF,
	};

	## Defines the method of load balancing to use.
	const method = AUTO_BPF &redef;

	# Configure the cluster framework to enable the load balancing filter configuration.
	#global send_filter: event(for_node: string, filter: string);
	#global confirm_filter_installation: event(success: bool);

	redef record Cluster::Node += {
		## A BPF filter for load balancing traffic sniffed on a single
		## interface across a number of processes.  In normal uses, this
		## will be assigned dynamically by the manager and installed by
		## the workers.
		lb_filter: string &optional;
	};
}

#redef Cluster::manager2worker_events += /LoadBalancing::send_filter/;
#redef Cluster::worker2manager_events += /LoadBalancing::confirm_filter_installation/;

@if ( Cluster::is_enabled() )

@if ( Cluster::local_node_type() == Cluster::MANAGER )

event bro_init() &priority=5
	{
	if ( method != AUTO_BPF )
		return;

	local worker_ip_interface: table[addr, string] of count = table();
	for ( n in Cluster::nodes )
		{
		local this_node = Cluster::nodes[n];

		# Only workers!
		if ( this_node$node_type != Cluster::WORKER ||
		     ! this_node?$interface )
			next;

		if ( [this_node$ip, this_node$interface] !in worker_ip_interface )
			worker_ip_interface[this_node$ip, this_node$interface] = 0;
		++worker_ip_interface[this_node$ip, this_node$interface];
		}

	# Now that we've counted up how many processes are running on an interface
	# let's create the filters for each worker.
	local lb_proc_track: table[addr, string] of count = table();
	for ( no in Cluster::nodes )
		{
		local that_node = Cluster::nodes[no];
		if ( that_node$node_type == Cluster::WORKER &&
		     that_node?$interface && [that_node$ip, that_node$interface] in worker_ip_interface )
			{
			if ( [that_node$ip, that_node$interface] !in lb_proc_track )
				lb_proc_track[that_node$ip, that_node$interface] = 0;

			local this_lb_proc = lb_proc_track[that_node$ip, that_node$interface];
			local total_lb_procs = worker_ip_interface[that_node$ip, that_node$interface];

			++lb_proc_track[that_node$ip, that_node$interface];
			if ( total_lb_procs > 1 )
				{
				that_node$lb_filter = PacketFilter::sampling_filter(total_lb_procs, this_lb_proc);
				Communication::nodes[no]$capture_filter = that_node$lb_filter;
				}
			}
		}
	}

#event remote_connection_established(p: event_peer) &priority=-5
#	{
#	if ( is_remote_event() )
#		return;
#
#	local for_node = p$descr;
#	# Send the filter to the peer.
#	if ( for_node in Cluster::nodes &&
#	     Cluster::nodes[for_node]?$lb_filter )
#		{
#		local filter = Cluster::nodes[for_node]$lb_filter;
#		event LoadBalancing::send_filter(for_node, filter);
#		}
#	}

#event LoadBalancing::confirm_filter_installation(success: bool)
#	{
#	# This doesn't really matter yet since we aren't getting back a meaningful success response.
#	}

@endif


@if ( Cluster::local_node_type() == Cluster::WORKER )

#event LoadBalancing::send_filter(for_node: string, filter: string)
event remote_capture_filter(p: event_peer, filter: string)
	{
	#if ( for_node !in Cluster::nodes )
	#	return;
	#
	#if ( Cluster::node == for_node )
	#	{
		restrict_filters["lb_filter"] = filter;
		PacketFilter::install();
		#event LoadBalancing::confirm_filter_installation(T);
	#	}
	}

@endif

@endif

APT Browse - Built by Thomas Orozco.