Write documents of the program.

Add README.md on the design of the whole program, and how its every
part(listener, filter) works, finally how to compile and use them.

Besides, notes.md records the things and technology learned in this
program, such as how to read kernel src, how the pthread_create/fork/
clone syscall works on processes and threads, the techs used to make
docker container works well, and books to be read. Good good study,
day day up.

1 files changed, 14 insertions, 6 deletions

diff --git a/listener/global.go b/listener/global.go
index b782284..49d6e94 100644
--- a/listener/global.go
+++ b/listener/global.go
@@ -44,12 +44,6 @@ type Event struct {
         destPath         string
 }
 
-var wg sync.WaitGroup        // 掌管协程
-var rawChan chan interface{} // 从接收到整理的管道
-var cookedChan chan Event    // 整理好的信息的管道
-var syscallTable [500]string //记录一下系统调用
-var containerdPid int
-
 // 插入到数据库的结构
 type Exec struct {
         Timestamp time.Time `bson:"timestamp"`
@@ -84,3 +78,17 @@ type File struct {
         Written        []time.Time `bson:"written"`
         CloseTimestamp time.Time   `bson:"close_timestamp"`
 }
+
+const (
+        dbName      string = "test"
+        pidColName  string = "pids"
+        fdColName   string = "fds"
+        fileColName string = "files"
+)
+
+var wg sync.WaitGroup                  // 掌管协程
+var rawChan chan interface{}           // 从接收到整理的管道
+var cookedChan chan Event              // 整理好的信息的管道
+var syscallTable [500]string           //记录一下系统调用
+var containerdPid int                  // 容器守护进程进程号
+var pidCol, fdCol, fileCol mongoClient // 数据库集合