Александр Костриков akostrikov
akostrikov
/ sk_buf_ebpf_links.txt
Created
May 1, 2024 17:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg | |
| https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html | |
| https://elixir.bootlin.com/linux/latest/source/net/netfilter/core.c#L619 | |
| https://arthurchiao.art/blog/monitoring-network-stack/#sysclassnetnicstatistics | |
| https://arthurchiao.art/blog/conntrack-design-and-implementation/ | |
| https://web.archive.org/web/20080714111103/gicl.cs.drexel.edu/people/sevy/network/Linux_network_stack_walkthrough.html | |
| https://tldp.org/LDP/nag2/ | |
| https://www.lartc.org/lartc.html | |
| https://makelinux.github.io/kernel/map/ | |
| https://ebpf.io/what-is-ebpf/ |
akostrikov
/ cap.sh
Created
March 31, 2024 13:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Можно без capabilities пинговать | |
| akostrikov@DESKTOP-2F6SIC8:~$ sudo setcap cap_net_raw=-ep /usr/bin/ping | |
| [sudo] password for akostrikov: | |
| akostrikov@DESKTOP-2F6SIC8:~$ getcap /usr/bin/ping | |
| /usr/bin/ping = | |
| # Причем пинг идёт с ICMP | |
| akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 & | |
| [1] 684 | |
| akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2 |
akostrikov
/ ebpf_links.md
Created
November 14, 2023 15:56
https://www.youtube.com/watch?v=XudHNF4k_x0 - Kernel Recipes 2023 - Fast by Friday: Why Kernel Superpowers are Essential
https://andreaskaris.github.io/blog/networking/bpf-and-tcpdump/
akostrikov
/ network_links.md
Last active
January 15, 2024 00:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://elixir.bootlin.com/linux/v5.4.242/source/net/core/dev.c#L4781 | |
| https://elixir.bootlin.com/linux/latest/A/ident/kfree_skb | |
| https://elixir.bootlin.com/linux/latest/source/include/linux/skbuff.h#L736 | |
| https://elixir.bootlin.com/linux/latest/source/include/net/dropreason.h#L88 | |
| https://elixir.bootlin.com/linux/latest/source/net/core/skbuff.c#L1177 | |
| https://github.com/xdp-project/xdp-tutorial/tree/master/basic01-xdp-pass | |
| https://github.com/iovisor/bpftrace | |
| https://elixir.bootlin.com/linux/latest/source/include/net/tcp.h#L324 | |
| https://habr.com/ru/companies/intel/articles/171079/ | |
| https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-1DAB8F35-BA86-4063-8459-55D2979B593E.html |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bpftrace | |
| //IP_ADDRESS_DST_TO_CONVERT=127.0.0.3 | |
| //IP_ADDRESS_SRC_TO_CONVERT=127.0.0.1 | |
| //DST_HTON=$(python3 -c "import ipaddress; import socket;print(socket.htonl(int(ipaddress.ip_address('$IP_ADDRESS_DST_TO_CONVERT'))))") | |
| //SRC_HTON=$(python3 -c "import ipaddress; import socket;print(socket.htonl(int(ipaddress.ip_address('$IP_ADDRESS_SRC_TO_CONVERT'))))") | |
| //sudo ./drop.bt $DST_HTON $SRC_HTON | |
| //ping 127.0.0.3 | |
| //curl 127.0.0.3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Kernelshark Documentation | |
| http://kernelshark.org/Documentation.html | |
| What is new in KernelShark two - Steven Rostedt, VMware Inc | |
| https://www.youtube.com/watch?v=0uu0ElnjLas | |
| How to use Ftrace by using trace-cmd/KernelShark in Linux (on NVIDIA Jetson Xavier) | |
| https://www.youtube.com/watch?v=VvLTWdBmICY&t=68s | |
| LF Live Mentorship Session: Tracing with Ftrace: Critical Tooling for Linux Development | |
| https://www.youtube.com/watch?v=mlxqpNvfvEQ | |
| Ftrace with trace-cmd and kernelshark | |
| https://www.youtube.com/watch?v=o88shUcYmmw |
akostrikov
/ tcp_psh.c
Created
January 26, 2022 17:11
— forked from teknoraver/tcp_psh.c
Sample XDP/tc program, sets the TCP PSH flag on some TCP packets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <arpa/inet.h> | |
| #include <asm/byteorder.h> | |
| #include <linux/bpf.h> | |
| #include <linux/if_ether.h> | |
| #include <linux/ip.h> | |
| #include <linux/tcp.h> | |
| #include <linux/pkt_cls.h> | |
| /* |
https://getfedora.org/en/workstation/download/ sudo systemct enable --now sshd
sudo dnf update kernel
NewerOlder