yanguangshaonian
/
aya
mirror of https://github.com/aya-rs/aya
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,072 Commits
7 Branches
39 Tags
28 MiB
create-pull-request/codegen
create-pull-request/public-api
main
crabby-token
fix-verifier-blixt
linker-bindep
gh-pages
aya-v0.13.1
aya-obj-v0.2.1
aya-log-v0.2.1
aya-log-common-v0.1.15
aya-ebpf-bindings-v0.1.1
aya-ebpf-cty-v0.2.2
aya-v0.13.0
aya-obj-v0.2.0
aya-log-ebpf-v0.1.0
aya-log-ebpf-macros-v0.1.0
aya-log-parser-v0.1.13
aya-ebpf-v0.1.0
aya-ebpf-macros-v0.1.0
aya-ebpf-bindings-v0.1.0
aya-ebpf-cty-v0.2.1
aya-log-v0.2.0
aya-log-common-v0.1.14
aya-v0.12.0
aya-obj-v0.1.0
aya-log-common-v0.1.13
aya-log-v0.1.13
aya-log-common-v0.1.11
aya-log-v0.1.11
aya-log-common-v0.1.10
aya-log-v0.1.10
aya-v0.11.0
aya-log-common-v0.1.9
aya-log-v0.1.9
aya-v0.10.7
aya-v0.10.6
aya-log-v0.1.1
aya-v0.10.5
aya-v0.10.4
aya-v0.10.3
aya-v0.10.2
aya-v0.10.1
aya-v0.10.0
aya-ebpf-macros-v0.1.1
aya-ebpf-v0.1.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '722d4c8d32'
${ noResults }
Commit Graph

5 Commits (722d4c8d3225b1053381346dd7d0ff273e3112b6)

Author SHA1 Message Date
Krish Sharma 722d4c8d32 feat: add comprehensive traffic log analysis and threat detection 
Analysis Script (scripts/analyze_logs.py):
- Multi-format log parser (JSON, JSONL, CSV with auto-detection)
- Comprehensive traffic analytics and statistical analysis
- Advanced threat detection and security intelligence
- Flexible export options for further analysis

Traffic Analytics:
- Traffic volume and bandwidth analysis
- Top source/destination IP identification
- Protocol distribution and temporal patterns
- Packet size analysis with percentiles
- Network flow correlation and tracking

Threat Detection Capabilities:
- Port scanning detection with configurable thresholds
- High-volume source identification using statistical analysis
- Unusual protocol detection for tunnel/VPN identification
- Suspicious traffic pattern recognition
- Repeated flow analysis for DDoS detection

Advanced Features:
- Statistical analysis with percentiles and distributions
- Temporal pattern analysis (hourly/daily trends)
- Security scoring and risk assessment
- Flow-based analysis with duration tracking
- Comprehensive reporting with multiple output formats

Export and Reporting:
- Human-readable console reports with emoji indicators
- JSON export for programmatic analysis
- CSV export for spreadsheet integration
- Detailed threat intelligence summaries

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 3 weeks ago
Krish Sharma e6bca88295 feat: implement userspace program with integrated logging 
Main Program (main.rs):
- Command-line interface using clap with comprehensive options
- eBPF program lifecycle management (load, configure, attach)
- Integration with structured logging system
- Graceful shutdown handling with log flushing

Command-Line Options:
- Interface selection for XDP attachment
- Configuration file path for CIDR ranges
- Packet action control (log-only vs drop)
- Logging format selection (console/json/csv/jsonl)
- Output file specification and buffer size tuning
- Verbose logging for debugging

eBPF Integration:
- Automatic eBPF program loading and BTF initialization
- CIDR range configuration via eBPF maps
- Real-time event processing from ring buffers
- XDP attachment with fallback to SKB mode

Enhanced Features:
- Structured event logging with flow correlation
- Real-time statistics and periodic summaries
- Signal handling for clean shutdown
- Error handling with context preservation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 3 weeks ago
Krish Sharma da81c221d3 feat: add comprehensive structured logging system 
Structured Logging Module (logger.rs):
- Multiple output formats: JSON, CSV, JSONL, Console
- Configurable buffering and log rotation settings
- Thread-safe logging with Arc<Mutex<>> for concurrent access
- Rich log entries with metadata and flow correlation

Log Entry Features:
- Timestamp (Unix and ISO 8601 formats)
- Source/destination IP addresses and ports
- Protocol information (name and number)
- Packet size and action taken (LOG/DROP)
- Network interface and unique flow hash
- Structured serialization with serde

Output Format Support:
- Console: Human-readable real-time logging
- JSON: Structured array format for batch processing
- JSONL: Line-delimited JSON for streaming analytics
- CSV: Spreadsheet-compatible format with headers

Performance Optimizations:
- Buffered I/O with configurable buffer sizes
- Efficient serialization and string formatting
- Minimal allocation during high-throughput logging

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 3 weeks ago
Krish Sharma 21bd2041e7 feat: implement core eBPF traffic monitoring functionality 
Core eBPF Program (traffic_monitor.bpf.rs):
- XDP-based packet processing for high performance
- IP header parsing and CIDR range matching
- Configurable packet dropping or logging
- Ring buffer event logging to userspace

Supporting Modules:
- config.rs: JSON configuration management for CIDR ranges
- ip_utils.rs: CIDR parsing and IP matching utilities
- event_handler.rs: Traffic event processing and statistics
- lib.rs: Module exports and shared structures

Key Features:
- Line-rate packet filtering in kernel space
- Support for up to 256 permitted CIDR ranges
- Real-time event streaming via ring buffers
- Protocol-aware logging (TCP/UDP/ICMP/etc.)

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 3 weeks ago
Krish Sharma c590290bdf feat: initialize eBPF traffic monitor project structure 
- Add Cargo.toml with aya dependencies and project configuration
- Add build.rs with aya-build integration for eBPF compilation
- Configure workspace and example targets

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
 3 weeks ago