leodido / demo-cloud-native-ebpf-day Goto Github PK
View Code? Open in Web Editor NEWVarious eBPF programs for tracing network connections
License: GNU General Public License v3.0
Various eBPF programs for tracing network connections
License: GNU General Public License v3.0
hi, i use your restrict_connect, but it doesn't have a effect,
i use ubuntu kernel version 6.2.0-39-generic
libbpf: loading object 'restrict_connect_bpf' from buffer
libbpf: elf: section(3) lsm/socket_connect, size 440, link 0, flags 6, type=1
libbpf: sec 'lsm/socket_connect': found program 'restrict_connect' at insn offset 0 (0 bytes), code size 55 insns (440 bytes)
libbpf: elf: section(4) .rellsm/socket_connect, size 96, link 28, flags 40, type=9
libbpf: elf: section(5) license, size 4, link 0, flags 3, type=1
libbpf: license of restrict_connect_bpf is GPL
libbpf: elf: section(6) .rodata, size 4, link 0, flags 2, type=1
libbpf: elf: section(7) .data, size 38, link 0, flags 3, type=1
libbpf: elf: section(18) .BTF, size 1698, link 0, flags 0, type=1
libbpf: elf: section(20) .BTF.ext, size 476, link 0, flags 0, type=1
libbpf: elf: section(28) .symtab, size 576, link 1, flags 0, type=2
libbpf: looking for externs among 24 symbols...
libbpf: collected 0 externs total
libbpf: map 'restrict.data' (global data): at sec_idx 7, offset 0, flags 400.
libbpf: map 0 is "restrict.data"
libbpf: map 'restrict.rodata' (global data): at sec_idx 6, offset 0, flags 480.
libbpf: map 1 is "restrict.rodata"
libbpf: sec '.rellsm/socket_connect': collecting relocation for section(3) 'lsm/socket_connect'
libbpf: sec '.rellsm/socket_connect': relo #0: insn #22 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 22
libbpf: sec '.rellsm/socket_connect': relo #1: insn #29 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 29
libbpf: sec '.rellsm/socket_connect': relo #2: insn #33 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 33
libbpf: sec '.rellsm/socket_connect': relo #3: insn #39 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 39
libbpf: sec '.rellsm/socket_connect': relo #4: insn #43 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 43
libbpf: sec '.rellsm/socket_connect': relo #5: insn #47 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 47
libbpf: loading kernel BTF '/sys/kernel/btf/vmlinux': 0
libbpf: map 'restrict.data': created successfully, fd=4
libbpf: map 'restrict.rodata': created successfully, fd=5
libbpf: sec 'lsm/socket_connect': found 4 CO-RE relocations
libbpf: prog 'restrict_connect': relo #0: kind <byte_off> (0), spec is [6] struct sockaddr.sa_family (0:0 @ offset 0)
libbpf: CO-RE relocating [0] struct sockaddr: found target candidate [2804] struct sockaddr in [vmlinux]
libbpf: prog 'restrict_connect': relo #0: matching candidate #0 [2804] struct sockaddr.sa_family (0:0 @ offset 0)
libbpf: prog 'restrict_connect': relo #0: patched insn #7 (LDX/ST/STX) off 0 -> 0
libbpf: prog 'restrict_connect': relo #1: kind <byte_off> (0), spec is [17] struct sockaddr_in.sin_addr.s_addr (0:2:0 @ offset 4)
libbpf: CO-RE relocating [0] struct sockaddr_in: found target candidate [21675] struct sockaddr_in in [vmlinux]
libbpf: prog 'restrict_connect': relo #1: matching candidate #0 [21675] struct sockaddr_in.sin_addr.s_addr (0:2:0 @ offset 4)
libbpf: prog 'restrict_connect': relo #1: patched insn #10 (LDX/ST/STX) off 4 -> 4
libbpf: prog 'restrict_connect': relo #2: kind <type_exists> (8), spec is [26] struct trace_event_raw_bpf_trace_printk___x
libbpf: CO-RE relocating [0] struct trace_event_raw_bpf_trace_printk___x: found target candidate [106230] struct trace_event_raw_bpf_trace_printk in [vmlinux]
libbpf: prog 'restrict_connect': relo #2: matching candidate #0 [106230] struct trace_event_raw_bpf_trace_printk
libbpf: prog 'restrict_connect': relo #2: patched insn #13 (ALU/ALU64) imm 1 -> 1
libbpf: prog 'restrict_connect': relo #3: kind <enumval_exists> (10), spec is [27] enum bpf_func_id___x::BPF_FUNC_snprintf___x = 42
libbpf: CO-RE relocating [0] enum bpf_func_id___x: found target candidate [11292] enum bpf_func_id in [vmlinux]
libbpf: prog 'restrict_connect': relo #3: matching candidate #0 [11292] enum bpf_func_id::BPF_FUNC_snprintf = 165
libbpf: prog 'restrict_connect': relo #3: patched insn #14 (LDIMM64) imm64 1 -> 1
BPF skeleton ok
and when i run ping 1.1.1.1, it also can ping it
i don't know how to resolve it ,can you help me? thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.