leodido / demo-cloud-native-ebpf-day Goto Github PK
View Code? Open in Web Editor NEWVarious eBPF programs for tracing network connections
License: GNU General Public License v3.0
demo-cloud-native-ebpf-day's Issues
restrict_connect doesn't have any effect
hi, i use your restrict_connect, but it doesn't have a effect,
i use ubuntu kernel version 6.2.0-39-generic
libbpf: loading object 'restrict_connect_bpf' from buffer
libbpf: elf: section(3) lsm/socket_connect, size 440, link 0, flags 6, type=1
libbpf: sec 'lsm/socket_connect': found program 'restrict_connect' at insn offset 0 (0 bytes), code size 55 insns (440 bytes)
libbpf: elf: section(4) .rellsm/socket_connect, size 96, link 28, flags 40, type=9
libbpf: elf: section(5) license, size 4, link 0, flags 3, type=1
libbpf: license of restrict_connect_bpf is GPL
libbpf: elf: section(6) .rodata, size 4, link 0, flags 2, type=1
libbpf: elf: section(7) .data, size 38, link 0, flags 3, type=1
libbpf: elf: section(18) .BTF, size 1698, link 0, flags 0, type=1
libbpf: elf: section(20) .BTF.ext, size 476, link 0, flags 0, type=1
libbpf: elf: section(28) .symtab, size 576, link 1, flags 0, type=2
libbpf: looking for externs among 24 symbols...
libbpf: collected 0 externs total
libbpf: map 'restrict.data' (global data): at sec_idx 7, offset 0, flags 400.
libbpf: map 0 is "restrict.data"
libbpf: map 'restrict.rodata' (global data): at sec_idx 6, offset 0, flags 480.
libbpf: map 1 is "restrict.rodata"
libbpf: sec '.rellsm/socket_connect': collecting relocation for section(3) 'lsm/socket_connect'
libbpf: sec '.rellsm/socket_connect': relo #0: insn #22 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 22
libbpf: sec '.rellsm/socket_connect': relo #1: insn #29 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 29
libbpf: sec '.rellsm/socket_connect': relo #2: insn #33 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 33
libbpf: sec '.rellsm/socket_connect': relo #3: insn #39 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 39
libbpf: sec '.rellsm/socket_connect': relo #4: insn #43 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 43
libbpf: sec '.rellsm/socket_connect': relo #5: insn #47 against '.data'
libbpf: prog 'restrict_connect': found data map 0 (restrict.data, sec 7, off 0) for insn 47
libbpf: loading kernel BTF '/sys/kernel/btf/vmlinux': 0
libbpf: map 'restrict.data': created successfully, fd=4
libbpf: map 'restrict.rodata': created successfully, fd=5
libbpf: sec 'lsm/socket_connect': found 4 CO-RE relocations
libbpf: prog 'restrict_connect': relo #0: kind <byte_off> (0), spec is [6] struct sockaddr.sa_family (0:0 @ offset 0)
libbpf: CO-RE relocating [0] struct sockaddr: found target candidate [2804] struct sockaddr in [vmlinux]
libbpf: prog 'restrict_connect': relo #0: matching candidate #0 [2804] struct sockaddr.sa_family (0:0 @ offset 0)
libbpf: prog 'restrict_connect': relo #0: patched insn #7 (LDX/ST/STX) off 0 -> 0
libbpf: prog 'restrict_connect': relo #1: kind <byte_off> (0), spec is [17] struct sockaddr_in.sin_addr.s_addr (0:2:0 @ offset 4)
libbpf: CO-RE relocating [0] struct sockaddr_in: found target candidate [21675] struct sockaddr_in in [vmlinux]
libbpf: prog 'restrict_connect': relo #1: matching candidate #0 [21675] struct sockaddr_in.sin_addr.s_addr (0:2:0 @ offset 4)
libbpf: prog 'restrict_connect': relo #1: patched insn #10 (LDX/ST/STX) off 4 -> 4
libbpf: prog 'restrict_connect': relo #2: kind <type_exists> (8), spec is [26] struct trace_event_raw_bpf_trace_printk___x
libbpf: CO-RE relocating [0] struct trace_event_raw_bpf_trace_printk___x: found target candidate [106230] struct trace_event_raw_bpf_trace_printk in [vmlinux]
libbpf: prog 'restrict_connect': relo #2: matching candidate #0 [106230] struct trace_event_raw_bpf_trace_printk
libbpf: prog 'restrict_connect': relo #2: patched insn #13 (ALU/ALU64) imm 1 -> 1
libbpf: prog 'restrict_connect': relo #3: kind <enumval_exists> (10), spec is [27] enum bpf_func_id___x::BPF_FUNC_snprintf___x = 42
libbpf: CO-RE relocating [0] enum bpf_func_id___x: found target candidate [11292] enum bpf_func_id in [vmlinux]
libbpf: prog 'restrict_connect': relo #3: matching candidate #0 [11292] enum bpf_func_id::BPF_FUNC_snprintf = 165
libbpf: prog 'restrict_connect': relo #3: patched insn #14 (LDIMM64) imm64 1 -> 1
BPF skeleton ok
and when i run ping 1.1.1.1, it also can ping it
i don't know how to resolve it ,can you help me? thanks
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.