support filter by ip6 address #26

duanjiong · 2021-10-21T12:48:37Z

ipv6 is a bit tricky to parse out the transport layer protocols, so we don't support transport layer filtering for now.
rename filter_mark to filter_meta, other metadata should be supported later

Signed-off-by: Duan Jiong [email protected]

duanjiong · 2021-10-21T12:49:24Z

fix #6

1. assume that there are no other ipv6 extension headers and the default is to handle layer 4 protocols directly. 2. rename filter_mark to filter_meta, other metadata should be supported later Signed-off-by: Duan Jiong <[email protected]>

brb

Thanks! A few things.

brb · 2021-10-24T13:08:20Z

bpf/kprobe_pwru.c

-	u8 proto;
-	u8 pad[7];
+	u8 l4_proto;
+	u16 l3_proto;


The tuple sizes don't match in C and Go. In Go it's 42 bytes, in C - 40 bytes. To make it 40 bytes in both, you need to swap l4_proto with l3_proto.

Because of that the event_t doesn't match with Event.

You can use the following to validate offsets and size (until #28 has been fixed):

$ clang -O2 -g -I./headers -target bpf -c kprobe_pwru.c -o foo.o $ pahole foo.o | less # meanwhile in Go add the following function: func init() { fmt.Println("tuple", reflect.TypeOf(Tuple{}).Size()) fmt.Println("meta", reflect.TypeOf(Meta{}).Size()) fmt.Println("event", reflect.TypeOf(Event{}).Size()) }

Understood, thank you.

brb · 2021-10-24T13:15:16Z

bpf/kprobe_pwru.c

+		}
+	} else if (ip_vsn == 6) {
+		/*
+		 * The transport layer protocol is represented in ipv6 by the next header type, but there are other


I think it's fine to assume that IPv6 packets with extension headers can be ignored if the filter {s,d}port is set. So you can expect that the next header type will be pointing to the L4.

brb · 2021-10-24T13:15:52Z

internal/pwru/output.go

-			u32ToNetIPv4(event.Tuple.Saddr), byteorder.NetworkToHost16(event.Tuple.Sport),
-			u32ToNetIPv4(event.Tuple.Daddr), byteorder.NetworkToHost16(event.Tuple.Dport),
-			protoToStr(event.Tuple.Proto))
+		fmt.Printf(" [%s]:%d->[%s]:%d(%s)",


Let's use the square brackets only for the IPv6 type addrs.

brb · 2021-10-24T13:16:50Z

bpf/kprobe_pwru.c

+	return true;
+}
+
+//Should we introduce builtin memcmp etc., like bpf in cilium


Let's instead create a GH issue to track this.

duanjiong · 2021-10-25T03:07:06Z

It was reworked as suggested.

brb

Thanks 🚀

brb · 2023-07-03T07:52:31Z

@duanjiong Hi, could you ACK #190?

support filter by ip6 address

2ed5b6b

1. assume that there are no other ipv6 extension headers and the default is to handle layer 4 protocols directly. 2. rename filter_mark to filter_meta, other metadata should be supported later Signed-off-by: Duan Jiong <[email protected]>

brb requested changes Oct 24, 2021

View reviewed changes

duanjiong force-pushed the support-ipv6 branch from da6ca33 to 2ed5b6b Compare October 25, 2021 03:05

brb approved these changes Oct 25, 2021

View reviewed changes

brb merged commit e35029e into cilium:master Oct 25, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

support filter by ip6 address #26

support filter by ip6 address #26

duanjiong commented Oct 21, 2021

duanjiong commented Oct 21, 2021

brb left a comment

brb Oct 24, 2021

duanjiong Oct 25, 2021

brb Oct 24, 2021

brb Oct 24, 2021

brb Oct 24, 2021

duanjiong commented Oct 25, 2021

brb left a comment

brb commented Jul 3, 2023

support filter by ip6 address #26

support filter by ip6 address #26

Conversation

duanjiong commented Oct 21, 2021

duanjiong commented Oct 21, 2021

brb left a comment

Choose a reason for hiding this comment

brb Oct 24, 2021

Choose a reason for hiding this comment

duanjiong Oct 25, 2021

Choose a reason for hiding this comment

brb Oct 24, 2021

Choose a reason for hiding this comment

brb Oct 24, 2021

Choose a reason for hiding this comment

brb Oct 24, 2021

Choose a reason for hiding this comment

duanjiong commented Oct 25, 2021

brb left a comment

Choose a reason for hiding this comment

brb commented Jul 3, 2023