From 3abb86ce332d0beae388430d96096cea920dded3 Mon Sep 17 00:00:00 2001
From: Simone Magnani <simonemagnani.96@gmail.com>
Date: Sat, 24 Feb 2024 13:10:50 +0100
Subject: [PATCH] simplified example by removing xdp and batch hash map delete

Signed-off-by: Simone Magnani <simonemagnani.96@gmail.com>
---
 examples/README.md                           |   4 +-
 examples/shared_xdp_tc/bpf_bpfeb.o           | Bin 7536 -> 0 bytes
 examples/shared_xdp_tc/bpf_bpfel.o           | Bin 7536 -> 0 bytes
 examples/shared_xdp_tc/main.go               | 155 -------------------
 examples/shared_xdp_tc/xdp_tcx.c             | 149 ------------------
 examples/{shared_xdp_tc => tcx}/bpf_bpfeb.go |   0
 examples/tcx/bpf_bpfeb.o                     | Bin 0 -> 7112 bytes
 examples/{shared_xdp_tc => tcx}/bpf_bpfel.go |   0
 examples/tcx/bpf_bpfel.o                     | Bin 0 -> 7112 bytes
 examples/tcx/main.go                         | 120 ++++++++++++++
 examples/tcx/tcx.c                           | 155 +++++++++++++++++++
 11 files changed, 277 insertions(+), 306 deletions(-)
 delete mode 100644 examples/shared_xdp_tc/bpf_bpfeb.o
 delete mode 100644 examples/shared_xdp_tc/bpf_bpfel.o
 delete mode 100644 examples/shared_xdp_tc/main.go
 delete mode 100644 examples/shared_xdp_tc/xdp_tcx.c
 rename examples/{shared_xdp_tc => tcx}/bpf_bpfeb.go (100%)
 create mode 100644 examples/tcx/bpf_bpfeb.o
 rename examples/{shared_xdp_tc => tcx}/bpf_bpfel.go (100%)
 create mode 100644 examples/tcx/bpf_bpfel.o
 create mode 100644 examples/tcx/main.go
 create mode 100644 examples/tcx/tcx.c

diff --git a/examples/README.md b/examples/README.md
index 12e6b73d7..444ff3cab 100644
--- a/examples/README.md
+++ b/examples/README.md
@@ -16,8 +16,8 @@
   Like kprobes, but with better performance and usability, for kernels 5.5 and later.
   * [tcp_connect](fentry/) - Trace outgoing IPv4 TCP connections.
   * [tcp_close](tcprtt/) - Log RTT of IPv4 TCP connections using eBPF CO-RE helpers.
-* TC and XDP - Attach a program to a network interface to process incoming (XDP) and outgoing (TC) packets.
-  * [shared_xdp_tc](./shared_xdp_tc/) - monitor and periodically reset the number of incoming and outgoing packets for each network flow identified with the traditional 5-tuple session identifier (IP addresses, L4 Ports, IP protocol).
+* TCx - Attach a program to Linux TC (Traffic Control) to process incoming and outgoing packets.
+  * [tcx](./tcx/) - monitor the number of incoming and outgoing packets for each network flow identified with the traditional 5-tuple session identifier (IP addresses, L4 Ports, IP protocol).
 * XDP - Attach a program to a network interface to process incoming packets.
   * [xdp](xdp/) - Print packet counts by IPv4 source address.
 * Add your use case(s) here!
diff --git a/examples/shared_xdp_tc/bpf_bpfeb.o b/examples/shared_xdp_tc/bpf_bpfeb.o
deleted file mode 100644
index 0c8e967aabc23faa5eef45114aed1d5525a3dd11..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 7536
zcmc&&U2I%O6+U;p&QB?A3Mp|)ft$1qc51ucG)mK!M(d<04ozWc(<(t!*PGpI`{MQP
zcJJN9X+<$V6_E(24<Lesz-_6B;GscCB$W_x=>q{C2vUXez=MT&Fan_nD%C1b^L_Jk
z_j+O%Ar&$5%sJmVXU_bbGjnJCx%~$p$mKjqizjb@&j?Ztn9XMuDw_6s@yc5yPgK4^
z$>iLSrj-|#{z(pWk@P}=t;kxfziwcM3=&5Lxt8?NA?X)c=h|(BT_5%5ifl!mD99$#
zb0xMSHx9|WKs?ZH&>P_A7SJ^phS8#|Eh@5WV6XV(VAMtG=(j_EGv(2++^Xm&Wh-fH
z)`4|?kQnQ{iFESCr8gD*o?c(&xuw^ME6*=oA-%AjEynjnmX?;T^lVTtZJyDb_o%4(
z%Q>z0o_cO+fhxEEg?n@d?jQUuxc=<^7{58JGshm*@2j4U(>d)X_YF-2>nf4Ox(<^5
z7x5dQeI|aluM)pr+S#}vPVWZH#*6#CQoOdX-`m9N1Jp-bbetxi*Kq(=@dH-z$;3~^
z&Bh1oRq?cObNAcb-%PwzzB>B<W!$(-F>w<cxBJ`Wn*Y#&Lw9_%q~fNG-lqBUch!;Z
z(I)xJBCKn8c66fXbKxl~C_#Pd)L|i`&3M*n(rxX)`>58(8uBajQQ55$l1YM#1db3|
zq5L+~^{6b!A;tTkyfHYxBI;d+XRh9d${ZR+-A89A*PtG7=Jc4+F<zfGI!=LOP8!{H
z;G0HAqQqvNw0j!!B&7Tls+}jpK;B2?!Q#G<{|>5gCoh2K8jGkep{_-pLH#l6^{8{G
zFLMGYyggMvGxkQ{SK*ZV$(a2L)sFoe!~39!p^_It|6ur0(7zde25#w>eP>a*al{zL
z<NDqUx)B>h*^Q`bu^<>TzYXL2;Ln2}0yX33cN!kLJYzw55&T}mkAg25eg^yz!_R^r
zGyEL*hT-SIKdE_6!>+^gA^##U{Ch?4UoreB_^*TC4EYTBZ)$nY2mfuu7eURQ<wn7q
zJ<H9&=KH|#nVSXwlHupT|HSa~;9t>v7fAlsXmEFQ`QU$N_*wAt;Nd6lqyEM4MNkuy
z{3v*q_d`E}`UZI1Ir%x%x4@$>)1#YtLEZ;t@xd2S86V1LK!r0g1u~Uy?7Wg3VM8w+
zQ{-(o_DO%+D9^DG!QI(?3kTMvyI{`4hakVp(?W`hWHY`#2DpVX7UOFxEFS9kx+=#u
zLI0S^v0K3Z)%a&(s$ny0yA5tRf23*m-_6<B1`N~ge_gNF1Ss!egW}_ebY<ipR#Ntl
z>WKuw@WT%e9|;~g@TvX5p(CaJK_GD$$5EpmOok^UE?289sj4<^Hd={PRoiSek_LLW
z@7y8ndK`_{!>X?xwhOyDqIiORV7I#?t4x$z=^)3-wRVW91eHb`^9jcdlbmRVGF6@q
z!g|t*!dN&PZ5$`%Bo3y^O_{DXgQ+T}my}flV~v8T5Td9)-ojdfXe_E%!)a+v2T!!a
zb{J?FF4tC)>9hxyHy(_&>lF?mgLiPCq%u8Nk@c-GX}9XWvZyu2qe^e@u|`z&xA*nd
z8ujr$xEa{P8TI?CC^*Z0f2iL-e19n@4L|Zo-@URvPFn3s;%D~W$BO;?{HHz(Z8YY0
zh6$4i|8~F7=kM`34&C+nPiZ6Q2KGz@Dm?y{`~0KLv0x%;)Z^a$hem=@aG=ze+NRTs
znk)K?k4H&m!tafm1ACOiN~5MaFP~0Qxw^ZoUvAT`u4ID+8qZi~FO#Hi`CwSNvQhbG
zZ0_8ljg*W#rz}*SIu=Ss3*&@|3zKB3xg!;-oQ6;jLyJ^p2Zenqv%_>|1(g#zm8AZ5
z5cuW(BU6J~qcPcT24O9n>fM$maKFC|o;XDYcniAd{aw*xJv<(0rz$1ZTi5L-vLIa9
zH3l%<`u)A72ZG^`A5j~!J_zCy^-3@nBEmtrUJY=<d$+;;z#e-9`;lVz;^@Yc!O`~E
znAF0$G$)h5oXpmw=);8NHF46!ridJ?mFvjBFvii<AgM%F%4?(9iW;pbIU)97CKYoe
zD@SFb98U-Ym0B6sP*v*XW)y&qm8YWG32B8>4Xie5?vz@iQm!d374AxfyR4<UuC%FQ
z6YTy}Q;tWiFyNBL<3<pN<FRI<Cqo&lHIDQ0i-lX<K}gVDJ3H4HPrJ`X;z?y0H!733
zz|@tat_O92B=6vzQRw#%?F)wY9ST12;D3yxy;F4@)ukH*wWt!-<4^_>wOA|?^Y+EJ
zLX}(5qISK8x@cth4teG~qa^Rc_huZN`BbUj6!;!18+;>KyzQvFB)7W=!2TBV8-(|h
z!e15dr+ioS8vH|%Gk9~!?hIZ7Tr~I+o?CqLj$|<Pcuy&R_)Yy9zkQ<_Onp=1oG-G#
z&*n@9^D}+g;JZZ@`L;Zh!TfZeH~4Y!Zl?ZX22+oDas0H*8~x|S8|7Pk!QdCgo4|WV
zt{D6a@v6j&2LDOCXE8r+EB)o(67Ll8I*q$Fi}xks4F(U0H$&`eoHOHjy+%JG-fMVM
zc}0UyiFX<M;gt;jmU#0$;72tUQ@m-T|CxBN<N4v8G5Af%U5odJcUEH+U+kaC1@(JV
z%ey}#xe~^-aaZ{N5%&o_pET~x3})O<8f@c!I)fQkv+kUY`+1`$rhZOiaJtMJy&HEM
z=PO1}%)D4M*yKeTcVhk&*|6N7*Q0Tljq8xXHm)NE+qfRq*vw8mv;Hm{*IBLa{<-Ax
zjH_9%iWm3iZ3_|ue^-^4Au)31Nm{<vk;{B475PC%j{Qvwf2&ykmr|+7FFSH?HY2C8
zdh=&x;D3Z_<Xm4`zTA;7o6idwdDfo4X|4Y`@V2}H#`-^Pg`f}OBC_*0Vs8%2R{WS<
zX9Sk`U>=9P^>5@J_v0SeuQdWom^&yu=YsQZ?_r+XWw^(|h<{d}=f1K(V$YIaK(m1i
z5lTNQlhWdkfahE+E;;&92Xnk^{}~5A>)=@jpLOt@gD*LF-oaOvV@@SIAN3nQGe6IF
z^g|9VI=JNEQ3p32JmcVJ9X#vcvksnf@FfS&JNU|Std4YMy}1pJ-goejgGYcf@y{K0
z@Pvbzk6HVZ4nFPRGY&rQ;EN8v?BE3lFD}Pj>m1zU;9dvscJPRU4?B3m!P5>t>EP22
zKI7o?4!-E%%MM;}@ZxfuUuW^A%{TSPU=mIzGS~`hgL@A>FsOif8dAjHzUglj8LZWg
zP4Ra^3qSYqyTCpkX^BU!{juG7`Cj!D9>njOq<mBc;}cVgnqlSO-o1t3ZjvEQ3c+rT
z6e$FEX{1OYDD2QsQ{aNZ1+49zD0Mh-?rrO~=l6#Dt(6$6E|v^$G2foqQp|!3Z|_rz
z@Lsd`xvbLPo1<Z-Fs`=n|M>hL7)w#LX|s{}#^R&$-nZ+t{dpgZpsq51`y^1`C77kf
z_NU-})YZmkKC}3!9N&KLY=4f=Z;Tz^&JQA%F5BOH|FjgXwWomZbBo>n7ioavtG3hF
z@hSNNs_oygP+Zr77F_cWN0E)+)6lK9{>!GH56bmhJ3Btt&)+wzjDOu9p+m{{XqvX!
z@p<1`zs1x-F&h^(?wSYX_#BHRJAQv->7d%T8KufLJ$C-t@o12p?=fJTDA~^7`O}WY
NJIw~w#?g-7^KZASz?}d9

diff --git a/examples/shared_xdp_tc/bpf_bpfel.o b/examples/shared_xdp_tc/bpf_bpfel.o
deleted file mode 100644
index 3dcbae5bb3acd73ea02e2c3239df6d88caca9b85..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 7536
zcmcgxU2I%O6+XLb$2N&w+li@@mU8n`XYJaKH;tS$CDG=Wq)lPfI8{<nU2pDQdoR1*
z-R`}c*sXx&PedZ1Jb*A#1r`w^f`<kn5hEeu(gy-O5TpqCfd>omU<5)DRH{`<!*}Lq
z_wIB<EAeyWx#xW6oS8E-XJ+o)^=FQqIv$NgNK=H~q&m`CqU)RMa#Dy%dH|m3-WGw<
zJ<@(7Cb_f!?RzXa`_}}&xl!udVDExBvVE6OcpEneekL|T?U2HL+l1ecu-}kj=*5i>
zO57?K^~KhU{`SRMiMwznwu9Dz-`phaZKyX6ab(9<p=c%9!LXepjO_T3uzQ<!NZ!ZM
ziF`GVbnhbqr+c;to_qc+F|OQGa(vE~H{^JS?#l6gN4Qa2l<4lgd-wW{N&O<stU5z-
z{9!xmU*59Xw4Iw*Rl69*YLj;LJaPL7O|9ZdbOViYyRUc4iM*lgUk7JO_ogK8IVJe}
z&*QN0ujg^-K6%_J{B-{MVx30bw%;djmZ*3Cyge-A_sV?bhGagxUYW<-kjzs(k1~Ib
z%2T>W=2hqK=KIdudJ$L8>;EoaA`Ef9m~_65R?>OvnUfQ{KAMsVlji$Azy0S3^(*T#
zmH?Oayip`Yc~|iIV8$!NszJG7crCG>ebm;|e$WVt)|+dr)2%(QBzceXQGzyFSpO(W
z2MW_;C@fnj2^5~;B+6bT^9ntH(up#Oas&m`{sBBr3bEFAdQReY-d&$iHXZ}V%t_qN
z=TJ$?;soTrDT=b+r%_O+h4q(FbU!%<x}OkvURo^hZ=t9;q^pp5o{}i9qO_q@QGSH-
z0Ll`|Pf$Qzd~WG_5Tkr_y^ezUY~h^!3Ps2Mjgl?!WhE!U|Dfba@V_a!3eE%Lx(g^w
zfSqC<An=jA2^@bL`h-<Hq8xJogR&5R5%L&h9e<CKVWR^|PC`Dc<VnaWC08MzQ}P1j
zDJ3sKE-HBi@=HqQj_7e%kUy{VNyuMT@+9Q1LFP47h5QYrw=k$zv_E7$XOocioK+!z
zPx&lBepSg!kbkV?709nCnOE_zA@hl0LH?bR7a*@F9}E01N=}07oJ>MydI+To`Arl)
zX_mm>K@szb1=5DXvc-#qIZ6_8x6)UY9%@9DzNk)hb)%kbOqiNhvDe@zPe`f9Gs<te
z?Xm%0mXwfk`-dU#m2!mZCQ+DlTTj8ZRjTwex((7Zp|;on|JoYkxAk+dL$_f&<iD!+
zf%!ebj7f~`Q3%|B-rs+heq95Q+3BCM4c<D`%MXx+62m5eUFhW-M%E{<5Rh#jdiL2v
z=j_ubpFd_#oJ$?EZSq~;_lgBO=gyIz&Sc7z5l_EVEC-Yk&r-P<6j8hK_-?8cd~dqo
zW-QrYB{5!C`B|<5zkPL`lTDXvK`x~86&GExoni(3ai^6K%#~c4NzdADAt-yUPuv^n
z><8(<w`bBNn$48#nGCuYq{Rcy64^5@R9<1ajIr3>lvl{Ovs9k7U#z$l*Ot(2v^v3T
ztp<iSZBJDS4u_!8T^uNIW=9?BD7!(WT(E>kzBuhU@%V+Jm$8Nh<N0D?dJxTw9ONDi
zTlX<=FNdwMVe9PCl$|<s`t;zF)Zqu^iW69&xwkN4>wxw0r(pG_ta=zX$XbtCi9ze2
z#c{Z~LF;Ad1l!2LtS!=GZ9QO}FHPCmpjhzZ$0knLDf?t<u;yFqo>ywxo`2B`oU9f1
zN+SnFgHACoDmQi~aNb>=IvRZ{nPxs1plTW8jPoKHYz&5x3m>uml+WY4rIXO{%n1*%
zP7M#CV-M8`FI>0;Go{@%rC8HY$}sFvGwGo4ujzD{daqzIQYRLvH3WusdH%6d?R>GA
ztCVav@6N;rY72PS8bC|jMNaTmRFU)Bw8esZ(Uy&hCDEaqu9UC}+~!RqfT}iZ9Zns$
z4}I*Mn2-+J_U8(YJ>??9cDj(UvBTp7Xny3N-h#teVozf0`Z@c2WonA@Zh=a<z*al6
zoFloJFuW3W8tElM7xL)>R-o%+>q-zfp4RfQQ7U`IvKP#e-k5=-wxn~OvS~j{P&oNC
zj-d<{(k0IZpGwbo`8g`PGewNnEA63t(MjipR8x-El;he{99Pm+hyiAQrbHLLvTO5@
zrv0MryVJfDyq8>>$`>#4;pY=iaUEfSj_;`-W4zlfevqFNo_^8E;Q$jyjyN8~0TTQd
z&y2*dHF3l~bY#N*_|xy1M}4NsJc>itw)39j7JQdRku{$*BEI|byMk$lDtGY4Srcy^
z@gAZ9yhQLP=!1Ap%lD1IT!-(2?8EO!rXk4VD9L?M@x7z*PGG)2G5!il-%leHSNI3O
z8?O=V3*mLZNri92z8)8@6Cu0~IHmC0u=m~}nhfD}z<h`0coyz1U8}fngm4siUg0NT
z-?T=AkiwsF8!$o$`~uq_j?k?TZUerpFqohfJUQNH;omtKA%qb4yTA`+BXn2cUog%@
z2qA?1PrzMQP!WGz{~gAcBh;?&X5^#m3lZv8c!Y5kxl>rjiz|Er_DAkSD5>ye;C0Ip
zI;-$Ef%{h?gf5AA=!PIPDe%u=kG&D0>k7XG+_E7`iwbjoqsS+(1^MfMtoKRaWU8Kb
z#yf%g(fa>0?^zX3=RLd*IPaH~UFUs1ggNim6xMlP3}MdulEPquR`6_=cb(^O-aA8i
z*Xx4RyfW@YQgohmUimi=ZeQnhOktf@ooAibl(Ng-Q7z9puk*_ObL6L`B}xklbH1X;
z*LzV+UP~L?<TqPPtdX$cs{+JmC9H(}eWmBQ4bv+E#KhhT>wl^A*U(p!V&PlAGX7BT
zRx!4)|Cf}0C9H&eRp~kRVUoWqw2GXE^{)xgN>_~jJPmzsXnt-f`!?u%#EB?du_U7x
zz<WdezpniEL*FC5j-?~t{h8v*&Wyj)dCxLw%xfi#v78$4ZT^q|G2{BHA>0itf3=c!
zuKE!aCU)bGq7(xVW42GCFlo$tjY;FGKy`e@zzYVxZr~*Y-!|}yf$thvbP_t<pKdiD
z8e0Y)GjP(tDFaU$xMbj}fv*^N!NAuIyky|p23|4nT?3Qa&U(Dv2Ie!8N!!N^d?JK7
z|7Q)HHSnx~FBy2=z}F1CXy980UN-Qmf!7S&j&~OmkB|G`Z{WCr_ZgVaTqa%rtbwxz
zo;C0#1J4`ynt>M$e9OSg23|Grnt|K7<DvdPxOq!IjRx*)K%-?hKYDoL_^1HlYRD@7
z_N{%Z&}cq?VTQjG%J|&JcY(e<vL`ON`eVC(^L^J<cog3?LHaz6`g1datFUzH@Zp60
z1hX;8681ic1WVX^B@!%QCw5CHIdDQ@{z>#drUF_}Q`gYe@B1bEZG*OcC)R4-c3kkY
zO9LevP#vhW)D-+1*uSf<-y^z0yA~AZ-{Sc9vZTVA&8z?SSW3ZXK95t^?^gN~;LYN<
ztNo<UCFNeLukld`&EhXMiH~bWt-g-W?-`D7=0NWU{r-cCAodLthiO({?;k7d3|Ws~
zt3L<9Y?EzzfBl1hOb?NnKmJX;+4z^6jGz5<d_8{tO}|<EKXSrA{YF3oinFa*{52JS
zMNKR>$Fa=#{N9h9x>p3NqSR<vt$#C~+1CrGp_WRmt`OA!H~G%V#Ef&P<E!TBUo&;H
AlK=n!

diff --git a/examples/shared_xdp_tc/main.go b/examples/shared_xdp_tc/main.go
deleted file mode 100644
index ec95b83c4..000000000
--- a/examples/shared_xdp_tc/main.go
+++ /dev/null
@@ -1,155 +0,0 @@
-// This program demonstrates attaching an eBPF program to a network interface
-// with XDP (eXpress Data Path). The program parses the IPv4 source address
-// from packets and writes the packet count by IP to an LRU hash map.
-// The userspace program (Go code in this file) prints the contents
-// of the map to stdout every second.
-// It is possible to modify the XDP program to drop or redirect packets
-// as well -- give it a try!
-// This example depends on bpf_link, available in Linux kernel version 5.7 or newer.
-package main
-
-import (
-	"encoding/binary"
-	"fmt"
-	"log"
-	"net"
-	"net/netip"
-	"os"
-	"strings"
-	"time"
-
-	"github.com/cilium/ebpf"
-	"github.com/cilium/ebpf/link"
-)
-
-// erase content of the map after this iterations
-const eraseEvery = 5
-
-// mapping between integer value and L4 protocol string
-var (
-	currIter = 0
-	protoMap = map[uint8]string{
-		1:  "ICMP",
-		6:  "TCP",
-		17: "UDP",
-	}
-)
-
-//go:generate go run github.com/cilium/ebpf/cmd/bpf2go bpf xdp_tcx.c -- -I../headers
-
-func main() {
-	if len(os.Args) < 2 {
-		log.Fatalf("Please specify a network interface")
-	}
-
-	// Look up the network interface by name.
-	ifaceName := os.Args[1]
-	iface, err := net.InterfaceByName(ifaceName)
-	if err != nil {
-		log.Fatalf("lookup network iface %q: %s", ifaceName, err)
-	}
-
-	// Load pre-compiled programs into the kernel.
-	objs := bpfObjects{}
-	if err := loadBpfObjects(&objs, nil); err != nil {
-		log.Fatalf("loading objects: %s", err)
-	}
-	defer objs.Close()
-
-	// Attach the program to Ingress XDP.
-	l, err := link.AttachXDP(link.XDPOptions{
-		Interface: iface.Index,
-		Program:   objs.IngressProgFunc,
-	})
-	if err != nil {
-		log.Fatalf("could not attach TCx program: %s", err)
-	}
-	defer l.Close()
-
-	log.Printf("Attached XDP program to INGRESS iface %q (index %d)", iface.Name, iface.Index)
-
-	// Attach the program to Egress TC.
-	l2, err := link.AttachTCX(link.TCXOptions{
-		Interface: iface.Index,
-		Program:   objs.EgressProgFunc,
-		Attach:    ebpf.AttachTCXEgress,
-	})
-	if err != nil {
-		log.Fatalf("could not attach TCx program: %s", err)
-	}
-	defer l2.Close()
-
-	log.Printf("Attached TCx program to EGRESS iface %q (index %d)", iface.Name, iface.Index)
-	log.Printf("Press Ctrl-C to exit and remove the program")
-
-	// Print the contents of the BPF hash map.
-	ticker := time.NewTicker(1 * time.Second)
-	defer ticker.Stop()
-	for range ticker.C {
-		handleMapContents(objs.StatsMap)
-	}
-}
-
-// handleMapContents prints the content of the map into a string.
-// For each entry (if any), a row is formatted with the following content:
-// <src_addr>:<src_port> <dst_addr>:<dst_port> Proto:<l4_proto> => Ingress:<in_packets> Egress:<eg_packets>
-// Every nth calls to this function, the entire content of the Hash map is erased
-// (lru map would automatically remove old keys, but can also remove additional keys
-// so we use hash map to keep constant behaviour)
-func handleMapContents(m *ebpf.Map) {
-	var (
-		sb   strings.Builder
-		key  bpfSessionKey
-		val  bpfSessionValue
-		keys []bpfSessionKey
-	)
-	currIter++
-	needsErase := currIter%eraseEvery == 0
-
-	if needsErase {
-		keys = make([]bpfSessionKey, 0)
-	}
-
-	iter := m.Iterate()
-	for iter.Next(&key, &val) {
-		sb.WriteString(fmt.Sprintf("\t%s:%d - %s:%d Proto:%s => Ingress:%d Egress:%d\n",
-			intToIp(key.Saddr), portToLE(key.Sport), intToIp(key.Daddr), portToLE(key.Dport),
-			protoMap[key.Proto], val.InCount, val.EgCount))
-		if needsErase {
-			keys = append(keys, key)
-		}
-	}
-	if iter.Err() != nil {
-		log.Printf("Error reading map: %s", iter.Err())
-		return
-	}
-
-	log.Printf("Map contents:\n%s", sb.String())
-
-	if !needsErase {
-		return
-	}
-
-	n, err := m.BatchDelete(keys, nil)
-	if err != nil {
-		log.Printf("Error erasing map: %s", err)
-		return
-	}
-	log.Printf("Successfully Erased Map content (%d elements) at Iteration n. %d\n", n, currIter)
-}
-
-// intToIp convert an int32 value retrieved from the network
-// traffic (big endian) into a netip.Addr
-func intToIp(val uint32) netip.Addr {
-	a4 := [4]byte{}
-	binary.LittleEndian.PutUint32(a4[:], val)
-	return netip.AddrFrom4(a4)
-}
-
-// portToLE convert a uint16 value retrieved from the network
-// traffic (big endian) into a little endian
-func portToLE(val uint16) uint16 {
-	p2 := [2]byte{}
-	binary.LittleEndian.PutUint16(p2[:], val)
-	return binary.LittleEndian.Uint16(p2[:])
-}
diff --git a/examples/shared_xdp_tc/xdp_tcx.c b/examples/shared_xdp_tc/xdp_tcx.c
deleted file mode 100644
index eacdf2d6e..000000000
--- a/examples/shared_xdp_tc/xdp_tcx.c
+++ /dev/null
@@ -1,149 +0,0 @@
-//go:build ignore
-
-#include "common.h"
-
-char __license[] SEC("license") = "Dual MIT/GPL";
-
-// Session identifier
-struct session_key {
-	__u32 saddr; // IP source address
-	__u32 daddr; // IP dest address
-	__u16 sport; // Source port (if ICMP then 0)
-	__u16 dport; // Dest port (if ICMP then 0)
-	__u8 proto; // Protocol ID
-};
-
-// Session value
-struct session_value {
-	__u32 in_count;
-	__u32 eg_count;
-};
-
-#define MAX_MAP_ENTRIES 16
-
-/*
-Define an Hash map for storing packet Ingress and Egress count by 5-tuple session identifier
-User-space logic is responsible for cleaning the map, if potentially new entries needs to be monitored.
-*/
-struct {
-	__uint(type, BPF_MAP_TYPE_HASH);
-	__uint(max_entries, MAX_MAP_ENTRIES);
-	__type(key, struct session_key);
-	__type(value, struct session_value);
-} stats_map SEC(".maps");
-
-/*
-Attempt to parse the 5-tuple session identifierfrom the packet.
-Returns 0 if there is no IPv4 header field or if L4 is not a UDP, TCP or ICMP packet; otherwise returns non-zero.
-*/
-static __always_inline int parse_session_identifier(void *data, void *data_end, struct session_key *key, __u8 is_ingress) {
-	// First, parse the ethernet header.
-	struct ethhdr *eth = data;
-	if ((void *)(eth + 1) > data_end) {
-		return 0;
-	}
-
-	if (eth->h_proto != bpf_htons(ETH_P_IP)) {
-		// The protocol is not IPv4, so we can't parse an IPv4 source address.
-		return 0;
-	}
-
-	// Then parse the IP header.
-	struct iphdr *ip = (void *)(eth + 1);
-	if ((void *)(ip + 1) > data_end) {
-		return 0;
-	}
-
-	// Then parse the L4 header.
-	switch (ip->protocol) {
-	case IPPROTO_TCP: {
-		// TCP protocol carried, parse TCP header.
-		struct tcphdr *tcp = (void *)(ip + 1);
-		if ((void *)(tcp + 1) > data_end)
-			return 0;
-		key->sport = (__u16)(tcp->source);
-		key->dport = (__u16)(tcp->dest);
-		break;
-	}
-	case IPPROTO_UDP: {
-		// UDP protocol carried, parse TCP header.
-		struct udphdr *udp = (void *)(ip + 1);
-		if ((void *)(udp + 1) > data_end)
-			return 0;
-		key->sport = (__u16)(udp->source);
-		key->dport = (__u16)(udp->dest);
-		break;
-	}
-	case IPPROTO_ICMP: {
-		// ICMP protocol carried, no source/dest port.
-		break;
-	}
-	// Unchecked protocols, ignore them
-	default: {
-		return 0;
-	}
-	}
-
-	// Fill session key with IP header data
-	key->proto = (__u8)(ip->protocol);
-	key->saddr = (__u32)(ip->saddr);
-	key->daddr = (__u32)(ip->daddr);
-
-	// In case the function is called from Egress hook, swap IP addresses and L4 ports before
-	// doing the map lookup
-	if (!is_ingress) {
-		__u32 tmp  = key->saddr;
-		key->saddr = key->daddr;
-		key->daddr = tmp;
-		__u16 tmp2 = key->sport;
-		key->sport = key->dport;
-		key->dport = tmp2;
-	}
-	return 1;
-}
-
-/*
-Main program logic shared by either XDP and TC hook. The function attempts to update the entry
-in the LRU map corresponding to the 5-tuple identifier; it increases either the ingress or egress
-packet counter value. In case of a non IP, TCP, UDP, ICMP packet, the program ignores the packet.
-*/
-static __always_inline int prog_logic(void *data, void *data_end, __u8 is_ingress, int ret_code) {
-	struct session_key key = {};
-	if (!parse_session_identifier(data, data_end, &key, is_ingress)) {
-		// Not an IPv4 packet, so don't count it.
-		goto done;
-	}
-
-	struct session_value *val = bpf_map_lookup_elem(&stats_map, &key);
-	if (!val) {
-		// No entry in the map for this 5-tuple identifier yet, so set the initial value to 1.
-		struct session_value new_val = {};
-		if (is_ingress)
-			new_val.in_count = 1;
-		else
-			new_val.eg_count = 1;
-		bpf_map_update_elem(&stats_map, &key, &new_val, BPF_ANY);
-	} else {
-		// Entry already exists for this 5-tuple identifier, so increment it atomically using an LLVM built-in.
-		if (is_ingress)
-			__sync_fetch_and_add(&val->in_count, 1);
-		else
-			__sync_fetch_and_add(&val->eg_count, 1);
-	}
-
-done:
-	// Return code corresponds to the OK action within either XDP or TC
-	return ret_code;
-}
-
-// XDP Ingress hook
-SEC("xdp")
-int ingress_prog_func(struct xdp_md *ctx) {
-	return prog_logic((void *)(long)ctx->data, (void *)(long)ctx->data_end, 0, XDP_PASS);
-}
-
-// TC Egress hook
-SEC("tc")
-int egress_prog_func(struct __sk_buff *ctx) {
-	return prog_logic((void *)(long)ctx->data, (void *)(long)ctx->data_end, 1, TC_ACT_OK);
-}
diff --git a/examples/shared_xdp_tc/bpf_bpfeb.go b/examples/tcx/bpf_bpfeb.go
similarity index 100%
rename from examples/shared_xdp_tc/bpf_bpfeb.go
rename to examples/tcx/bpf_bpfeb.go
diff --git a/examples/tcx/bpf_bpfeb.o b/examples/tcx/bpf_bpfeb.o
new file mode 100644
index 0000000000000000000000000000000000000000..9e23b089d261edc9777524a92e3e0eb059828417
GIT binary patch
literal 7112
zcmcIoZ)_Y#6@R;TZjwSu(tmMFp_?>~&S`wjrBP~V8(q>QBvL@8I4D7t)|d0zxA=T_
zz1>TkhEji_%7-Eq2_#Fcz)7eus1ku9;v%F3`o%~f6(l4JD9uMpfRqnWu}~%R`_0Vm
zt*3So5<F?<z2AFp-u!tpvvc?2;p0bK*O8PQ`6uLzBDFy1y`WIp)EmXAY?VQx%4RuE
zeswo%k@J_Am&mV`Sc|OF`aAmfNI!8{l8=+0*e#EUthfEP!LLC3b0yhAe$Q^%2<CwI
zfNw^-?cldvJAfLruB_O;{)4iW5}b16mVGDepQ1k8D%;4%FX?dtGam83$fL{4ACO~y
z_mfvIE#FjlvwT|Ni_5pjukB=w{ymZ9<>i~bn-ol|Z)nLmA$q=+-8p}8d66!5oNJ%e
z4Y_WJyJ)qOt7UCB@m<W<rRJ*c-+9|)@Tzu`?-;&TzN%)vtK_T5rkQ;0S|eY5^h?H-
z<n8JpwJLuf1Iy;`A>h^W=RyBb`Fnu&@PN)&_(h#ZJ73t3Do^9z*ZHkp)cG5KUFR41
z{BQHe@u%zif6QB6^}`C3<n2(WQujW8Z0OO?4XSgdt!vkR`<~hWz1kx`DZ<k8Yhtxg
z^!aeiHpzo~w5dZwLA!A*bm>X_AbTiDjN2%$(njq<)6aUi+=oEeqC)+{C>u~nIQvTW
zz<E<}jms#H8=1T3DHNXlVU(vC40JonF>6d;Ha6ZX&l($tz&^)~?GDH-V<S^)Gfw(_
z9pfaV{$-S8oJ<2{4@Ka^b)o!S6cbJ^L*^XIC_hG7hcbooCdwyJuA{ug0f086sCK6B
zyMf<EP!D_#<##Aa-@iAq2mU7`m%-mN@-X;6j64PYzL96p1yjQ~*CBIVDBpn0I~6jA
z;CQGggFCy8T!uVg<YCAMAm0N%g>p#iT@UgxBbOl$8F?7;DI-roK5gU~$X_+`b;!>d
z`3B^#X_>=yUP5&*c9jSDTSlIN{3>LOGf({wj9iBNQzH+9lQ6gZ6!gD@jJrF39rD|d
z(U$3Perse8oP_(NrwsicA=76HJiDi%Q~74&)%4s8jLgNvzH$Bv-b)?H<o7=47r7xc
zIq#eO_(|wLU_%g9WeVL`F87W4UQusi;a+p^?8Z`ugCSsc5l`*{e-O#0?m-kD9?PD8
z&)B!3x7TR|@h(uqVipWN1kU*(M9+`R-rWui*PfqYaHgr;Y5YCtf05BYZ1fu?Y{cUG
z2cCK6z$yPr$G&pdA38O7*!Lw0q9|-O{PEzNM3s?|wv4DcYBk%jjHtTRZpKZt?mV_f
zI*lkCYXl>n4%jK}>#Cv}+rV$2tE<*3?X;6Km3k+@Q2c7MgYg7oMu^X~0-2~x`avUZ
zhe0G9jdqUWN*wtUl@{Vg<NoQ+=&00#hP1|G-!yBF%X6Ke6VR&_HpWDax7w`BnR=z+
zx7tC3xEjROFwt^Ot#;UKhw(X#X$)?WAC88Nkzi619#?&>sGgQuC8`M&)p`YMHiCtU
zE2_e<N2F0{g+8>Sm5H!^PTIjlGY<T)wO8uRYNf8ERJkuz?n^w?N^4iW^oZ_H1n45h
z8cek0Y}gKbPJJwD`cW_zX(4<*kkNYcEHfC%>DH*<MM%ZIz1>{Yn~gD#l|<vpGip}H
zA)ijCkChwqM>~xw<|)NTi;u?D$zoMDoN0z5-cC-KbM>C`3R=@wV7NYn=-;1MpUAp<
zq&3~)8pZ8SHTE*w(8EN~<opY;hNE5~?J9_C-XmVA&)e@Mef4?gwG(Xp`)kNGvg&Pp
z%HulJ;$|Z%93DFA5BkRj`%>RDVAxtUUUW8$t2M6>w)*!cTS+xuIh?rq;pVborB7#M
zH6KjSMCQ`)y!5T?3^P|g>OdNw$M$F^rRz&P)M2$el#U+O+NuNP?F2&uE)dR(UvD<Y
zJ1sw`2NQ)I>0#UD?Z5ySgBjS0CVBx@jo1jz`a0<OVsf_8Lx~C8ko41OA!otr{h&7!
zW0!Yu@Q8ol3#ZsM4*a=B)gKLz4ZqSD@o_N~cA%&J{Yf{wupOR|7jToP)7#y?T)(2a
z!?^tj)K!M4%D^iwH4qqsa-t!gXzfXKi8FLit-h++HAt?tWDP!I9*L`-hq^0$zaCbD
zMifX9`H3V!BIZqrJ6;jr;V8K`Q09#e-w(G0*?g+R!zbbj@HP~@uawRFvT^qU?-yrk
z2W)IdJb|YGF}|M)Pm6N_?+(UM_~#<8;rk|dr=<8cV7yfn{<Fvx^M*_@?MJmehtK9b
zzf~tQnD$|V@gDsPKXbJV=3J%>J|yyYzSUmIV19~c46cc@iFVAH{pW~jpVJtUrUhev
zS)3t!TjhqqSHwBVZ}?&c(|*(7KZx@z?MoTV&%0T_oQdabGWJ{IyoUFJQ_wg+AkGZt
z>y!;XEY55%u$gcEtT=Dr^Y2U>`<voi$NZfcgWnZr0pEP)RIM-acWVdmoWaQ7P2zcj
zk-rc4ZhXgJlRxK126H@%2AljjX1*>l?a6#i{@nH2U*!{a7jsbSZSv<9G8p4`%LbeL
zxq}&unC`H_CVy@#gK3}CSPZ!rjNPoa`-;IPf9|xwCSUH1#`&A#ddQbMt8vc;aUUSQ
zV(>O`3&e8<?-O@B@w~=Ke%*Hrz9sH%z6TdIMt<GBT#qG<dya|wWH0uiXY6OiEhE3V
zL1RBJ?hw`|chcD36}OK3el#(_Djq+9&gi*cQhEte;=hn;MJ{FZGa3E2Gy1uV{#RYS
zgY{17hh07Ak<yD@J@b{)s~P=psulTWMn9R+ztz>}j%M^v<047sWz_1fyMHtO*U0!$
z^iWQ8{goe7JU6lj{&@1QAmp6HbF6;*nw;>QW-<3c7BkOToNpPN2M6W34*X4Fu<U}&
z*a^m+wE}a#Sv%J^i#eVw=DKAu`^(~K3(s1Z>yh=JxA2067cIQB67ycn#&dctT(Izf
zg^ybJq=jo1p0w}<3r|~k*1~fZp11IVg%>Tnv=Z~4%+8<p<O*D{@PLJnTKJ@eYZjig
z@C6G`TX@#Oa~7Vr@PdUGExfc6=hj=e*TMx04_Nr9g-=?zX5mQ-U$F4Bg=Z~1XW@AZ
zFC_Th-ut#lF%BkUDYk=p@!-&rq5|s8mcFB<Sg)U%;KQ|zpUwCQo4n@O2tTospPk)@
z>xW*lMZCG=%4sP^=Oz?4-O2HT2TT5E$aZU1@&`0htmHqgkzyskv`0hDflCJSz4*VN
zQ3SE><0R}B{uf00jb>@hyCxyZ3AXR=a^ht1<ldyZjPf7a<2|^N)@R_8kojK|sjTX>
zx{LdUR7SyHH|ac+_WVvHcQ?e;P8pP&)m(iWjHp;LUV^((5^Swwj{B12sk&Pw{ZsQi
zO47dTp`;x5E$H@VG*9d7`kjGxt@)ews(;QOZ!$$m|C~SH{cH4p2fuTm+@j`bo$a47
z*Xn;sx5!-wXa9*`w*T$T<>PAIrr@xWwj}G9?T;?m@iu_nmF*IAXRnr=DR8#o7)VL~
Gz5fQ29g&6r

literal 0
HcmV?d00001

diff --git a/examples/shared_xdp_tc/bpf_bpfel.go b/examples/tcx/bpf_bpfel.go
similarity index 100%
rename from examples/shared_xdp_tc/bpf_bpfel.go
rename to examples/tcx/bpf_bpfel.go
diff --git a/examples/tcx/bpf_bpfel.o b/examples/tcx/bpf_bpfel.o
new file mode 100644
index 0000000000000000000000000000000000000000..314606148bef7e2929085d27997321d8aa36ef01
GIT binary patch
literal 7112
zcmcIpZ)hCH6@PbUOLA>Fwrt0WohEBraV1$gTaHmwCl+VNcBJAK;mSo0fz|1>(rtCR
zJKyfvQq(l}r9mH3aG?c3LMswVl@h4ilv*tTtMwNZ+7B%hME}Jf1#Q6}Oe%`O{k@qt
zr`6<?Qc54pzV~~7=FQBT+1=ZF{lcY-@mP!u#ps{3j*OOQws~DnDKSNj@Ju%iD3soP
zN%7kW#c1aA+9Q_k?9sR$`kfFvk8~)7zh{TyR}$^i04eHsSowWU*{|){ulT+MXCvB|
z*h;&>uOyC89r&HS%1rfJh`J$mwm3?$mGnTO_I71|QrZ0`&O$WNuE*&&wFv%~8h3E|
zq2lSL14^H1zpwG`r!+qBK+o?T1*twxbpO$#N6psaeFJ7zU7_vD@iqYCnFFge<L|ty
z+=$m}wMKupF;6D$7b$70x)Paw@9ttNux9if;hWVdBlC=|zpm496}eug&Q0pXtBQOw
zE>o}DTa_C1+HTdYWs|xcQUROS?X$}6@6~nk_v!lCbxKQpCcdESnmM5BHu18qYo`6b
zt()Gb(YpSB>!%meuHX4`I_G?`fAIKA1Nxxp<=yo9y}!lC9N8&!$?aEC69mQibnrZw
zaYm;K^}*r2#d`LUFyjY}qBx&FA$8bHjBG(R#rbSMfrdV|u>KjeZD>r#&{%fRy3qK9
zq|lxdneQxT&>GQ((OyIYHGBq_ekE4NPG8Zufvfe3*myjgb3)?=-q%Gft2-W#O(@QO
zUq?gC7S_LsX2!{9$cz&rugew({JUtfhV(9EUZ)h=kI?GTDrg^|J%+Y~_H#7QPQHJc
zIEZn+h22GS(C;GnZ_!Nd--!$x{ZZr;_(viSga1S13i!t&&x0qBg!@@S+adBj$ooa+
zK{z5aKOu4oyhr3=@Uv+95LW>|FM0<H)h}`i@}S7WkgtkdfjlDeJmjy6yaf50$oC+B
zO=RAAZ$N$=xg5yf5_ul-TjJwj@qZw43i3}x9)`@sPm2oV525Ef_Y&m0;=={{jmQoc
z3&c-@6y!gMz9M?4kyWoBcfGFOsF$>a@U6UW{tCgIJB|m%dH=6M58`b>A8WbcAmoQy
zj&W=XjR`8%*JD^4eb>`^T;u%oX@VZ4`eFh8jjTF|3qNk328V9P(`*FU_Kz@VwjYA+
z`+8#LJV32T&HV^Oo*$pTA8NmyEs)vir@-L6wW*0OAP4Oi5&bi)1aUn1`H)=q?B&a6
zuex9EfBAwtcy-`{>r&tafnUhG6W%lh>Cw>=jjC%<ER;eTRo7yv5Ec+!e)c4l^MOB}
z_eLGvVY#b&T@_?G27W#3x=c1*swTOf&Xqk3#myAT7>_qDLO5OYXfi$Jdik*Adjaui
zv~v)q!@!+P7twDp;f|EY#wh3IsW=h35>}d^Yh|zOu~*U0kCPg2rjVoSxpdwwmb?J{
zY7l08qvbgjOMao`htn9-INSo)AM^90-V_-gW?Zevj8HZmWC@B)E{!!C#X^N?b-}Pl
zDW5L-F0^CmNk2DDC2z72dahqQMY%#Iol{a(*<Dq38&9>;+Ep(-dUq#1qzJJFlSR7W
zmpqrJJ{}a@z#9*=;J@n8Sgvq`D;Us7am-yuC`I?F^;+Z#`EiFY6ig`3ppcn>JW`!L
zR&LxKE9WzqCnb+3kB6D5WQMj~FZiQQJ5QMB>YQ;}wWh6=yK6%ioxR5TeAL}x+SDDc
zL0BqhLMO5f9ZUovGq1twk2$T?R9={MjyYXzPOoEfwK+4|3AWDOENYFaI)~0Uybjs0
zkPlif4EDJLZvQ}A)wkNAU#!_*aKjHXS*O)6cJ`XBq=GjNC(L{@oVIQBDUa6j!33pe
zUK&0xZ5xwe=E_GMNb!00q;^ueHshfVtL33|>|w2~I#5nK7y@{Ka9-S8p)gS{x?awk
zY&}{%Y#q)~41oLK3LHX+UVxfC=Di!P?sO(;&Nec1aRIlPJmn&4=GD%FY|=-Eb8g_G
zd-h9LIW-RabUx#bd8me)&X2mdF|{5=rp{iIrUTpId3p_Z5_Njlw=b_>Qr*LN`!P_r
zGW4npe2c3Z7>GeRu_2r+o-{h+3>{RpS2el@=C)?m;8W&dT=hKEz0!4ae#XlO9wkwq
zfD9tycS?uv<sg1;a(f?7ie>e*z>67h7oI)*EMjud7VwZb49@RYY&#9kbP94W+R;i(
z#W9{_jF$m^elngz+c&FoGX5Fbp11LyB6h}gz&(Qh1iby0evYy~<2v9zvGZ@Lre&g`
z2(AMj7JLl$oqs0EMsOUsBKSP)d;d;!GlJ`Z=LKikzAHvZsm9N^9(YkOn4%S2d3<le
z-iQ~cdxCEP9~_F&Y6Ld|-xvIQw!adiwFqtmZonEx`$I~FAHe^qw`0^QxCamOy7`!T
zw`2bcz|APou-I<^C*F_IO~D@k$CqL>C-^VGv6YyrDaWh&J-~d$uIhI`MhH>)Rs9~u
zXj!nSAG%O>Q@?wHP5o9QnCpiwmA|PUZ!pf!nCrJou&JLD!Cb!{!KQwF5zO@)5^U<1
zjbN@{Q81QWQAMz+->hI$zng+hy?7mXy!WwwjTqd#;B9zUYJ4(I3xW?bZjI9|!QG5o
z;<O~#<XaZ3>U$zi_XMl@BGH=Qe#AGw5LfTgoL|*96{i8L8{-++<AZS;60GW*gW*3=
zLcaoU@cOYr3AI<EhBrjddp=6<D3GA}s1owGMbBp@O21SfL9^HkQF>4GJclT~F8Yc!
zowr2KHILFaMbEX4lK#z>pgybr7va<tSqB^=Mf{s%xB9}Nv7;Hj|7d^X$7h7;B--xC
zuM73A3>~(eB4(@`wlMDjCS!MGd<GY>*O-`b{A>jCOM3?z6RSDq6a$dKeHvErkcIgk
z$z=SeG_2xT3(r}2!NR8AroUy&zGC533$IzYLDtLk*KFZd3-?&K&%#3%&RTfN!m}2h
zv+#n27cIPO;S~$7T6oRE4YEI~^S3Z=Gm4D8$HILUHs{6oXD$1bg=Z~1XW<14FIsrn
z!YdYDweXsS8{|Bg@itqy)xtd%Hs{^MoBNBwS<8RQ!m}2hv+#n27cIPO;S~!%-u%RV
zN`~H4NXe3yOP(9Nm{dT$vsK@tDVfV%pX3+U5`H%0C#-p!;~@ORGCw=lUtB-&CY!`N
zcbFcbWH3FcxTK>?=gxJxpJ#SLvo5zsBgMMh=QL8R%k4U;q2|C{g89?m|4d`(L6&Gk
zUmx-ZA<(Zit6t@}Y{0Cmt7^26vao@?52BO;__TPlUrbDc5rn@0&fn@%f(@IK|4)p5
z2Mjz<6TeFw`TouM?KLp_%sf}bUHKZBIe&w!6>s*X!%h)0`HkvT2pn&d*|(SZqiuxj
z^}7yRt@*FW{2htq`SXV_li$prza7`g-@zY!L95on*!j87TKU%`|B}RWe)hBTw?LP;
p^r!$<L95cD>_0o7J=Q!T<Q7(qWuaL<u2m#}8IQr_Z)PXZzX6=-gbn}z

literal 0
HcmV?d00001

diff --git a/examples/tcx/main.go b/examples/tcx/main.go
new file mode 100644
index 000000000..70814946f
--- /dev/null
+++ b/examples/tcx/main.go
@@ -0,0 +1,120 @@
+// This program demonstrates attaching an eBPF program to a network interface
+// with Linux TC. The program parses the IPv4 source address
+// from packets and writes the Ingress and Egress packet count to an Hash map.
+// The userspace program (Go code in this file) prints the content of the map to stdout.
+package main
+
+import (
+	"encoding/binary"
+	"fmt"
+	"log"
+	"net"
+	"net/netip"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/cilium/ebpf"
+	"github.com/cilium/ebpf/link"
+)
+
+// mapping between integer value and L4 protocol string
+var protoMap = map[uint8]string{
+	1:  "ICMP",
+	6:  "TCP",
+	17: "UDP",
+}
+
+//go:generate go run github.com/cilium/ebpf/cmd/bpf2go bpf tcx.c -- -I../headers
+func main() {
+	if len(os.Args) < 2 {
+		log.Fatalf("Please specify a network interface")
+	}
+
+	// Look up the network interface by name.
+	ifaceName := os.Args[1]
+	iface, err := net.InterfaceByName(ifaceName)
+	if err != nil {
+		log.Fatalf("lookup network iface %q: %s", ifaceName, err)
+	}
+
+	// Load pre-compiled programs into the kernel.
+	objs := bpfObjects{}
+	if err := loadBpfObjects(&objs, nil); err != nil {
+		log.Fatalf("loading objects: %s", err)
+	}
+	defer objs.Close()
+
+	// Attach the program to Ingress TC.
+	l, err := link.AttachTCX(link.TCXOptions{
+		Interface: iface.Index,
+		Program:   objs.IngressProgFunc,
+		Attach:    ebpf.AttachTCXIngress,
+	})
+	if err != nil {
+		log.Fatalf("could not attach TCx program: %s", err)
+	}
+	defer l.Close()
+
+	log.Printf("Attached TCx program to INGRESS iface %q (index %d)", iface.Name, iface.Index)
+
+	// Attach the program to Egress TC.
+	l2, err := link.AttachTCX(link.TCXOptions{
+		Interface: iface.Index,
+		Program:   objs.EgressProgFunc,
+		Attach:    ebpf.AttachTCXEgress,
+	})
+	if err != nil {
+		log.Fatalf("could not attach TCx program: %s", err)
+	}
+	defer l2.Close()
+
+	log.Printf("Attached TCx program to EGRESS iface %q (index %d)", iface.Name, iface.Index)
+	log.Printf("Press Ctrl-C to exit and remove the program")
+
+	// Print the contents of the BPF hash map.
+	ticker := time.NewTicker(1 * time.Second)
+	defer ticker.Stop()
+	for range ticker.C {
+		s, err := formatMapContent(objs.StatsMap)
+		if err != nil {
+			log.Printf("Error reading map: %s", err)
+			continue
+		}
+
+		log.Printf("Map contents:\n%s", s)
+	}
+}
+
+// formatMapContent prints the content of the map into a string.
+func formatMapContent(m *ebpf.Map) (string, error) {
+	var (
+		sb  strings.Builder
+		key bpfSessionKey
+		val bpfSessionValue
+	)
+
+	iter := m.Iterate()
+	for iter.Next(&key, &val) {
+		sb.WriteString(fmt.Sprintf("\t%15s:%5d - %15s:%5d Proto:%4s => Ingress:%10d Egress:%10d\n",
+			intToIp(key.Saddr), portToLittleEndian(key.Sport),
+			intToIp(key.Daddr), portToLittleEndian(key.Dport),
+			protoMap[key.Proto], val.InCount, val.EgCount))
+	}
+
+	return sb.String(), iter.Err()
+}
+
+// intToIp convert an int32 value retrieved from the network traffic (big endian) into a netip.Addr
+func intToIp(val uint32) netip.Addr {
+	a4 := [4]byte{}
+	binary.LittleEndian.PutUint32(a4[:], val)
+	return netip.AddrFrom4(a4)
+}
+
+// portToLittleEndian convert a uint16 value retrieved from the network traffic (big endian) into a little endian
+func portToLittleEndian(val uint16) uint16 {
+	p2 := [2]byte{}
+	binary.LittleEndian.PutUint16(p2[:], val)
+	return binary.LittleEndian.Uint16(p2[:])
+}
diff --git a/examples/tcx/tcx.c b/examples/tcx/tcx.c
new file mode 100644
index 000000000..d6b00c117
--- /dev/null
+++ b/examples/tcx/tcx.c
@@ -0,0 +1,155 @@
+//go:build ignore
+
+#include "common.h"
+#include "bpf_endian.h"
+
+char __license[] SEC("license") = "Dual MIT/GPL";
+
+// Session identifier
+struct session_key {
+	__u32 saddr; // IP source address
+	__u32 daddr; // IP dest address
+	__u16 sport; // Source port (set to 0 if ICMP)
+	__u16 dport; // Dest port (set to 0 if ICMP)
+	__u8 proto; // Protocol ID
+};
+
+// Session value
+struct session_value {
+	__u32 in_count; // Ingress packet count
+	__u32 eg_count; // Egress packet count
+};
+
+#define MAX_MAP_ENTRIES 16
+
+// Define an Hash map for storing packet Ingress and Egress count by 5-tuple session identifier
+// User-space logic is responsible for cleaning the map, if potentially new entries needs to be monitored.
+struct {
+	__uint(type, BPF_MAP_TYPE_HASH);
+	__uint(max_entries, MAX_MAP_ENTRIES);
+	__type(key, struct session_key);
+	__type(value, struct session_value);
+} stats_map SEC(".maps");
+
+// Attempt to parse the 5-tuple session identifier from the packet.
+// Returns 0 if the operation failed, i.e. not IPv4 packet or not UDP, TCP or ICMP.
+static __always_inline int parse_session_identifier(void *data, void *data_end, struct session_key *key) {
+	// First, parse the ethernet header.
+	struct ethhdr *eth = data;
+	if ((void *)(eth + 1) > data_end) {
+		return 0;
+	}
+
+	// Check for IPv4 packet.
+	if (eth->h_proto != bpf_htons(ETH_P_IP)) {
+		return 0;
+	}
+
+	// Then parse the IP header.
+	struct iphdr *ip = (void *)(eth + 1);
+	if ((void *)(ip + 1) > data_end) {
+		return 0;
+	}
+
+	// Then parse the L4 header.
+	switch (ip->protocol) {
+	case IPPROTO_TCP: {
+		// TCP protocol carried, parse TCP header.
+		struct tcphdr *tcp = (void *)(ip + 1);
+		if ((void *)(tcp + 1) > data_end)
+			return 0;
+		key->sport = (__u16)(tcp->source);
+		key->dport = (__u16)(tcp->dest);
+		break;
+	}
+	case IPPROTO_UDP: {
+		// UDP protocol carried, parse UDP header.
+		struct udphdr *udp = (void *)(ip + 1);
+		if ((void *)(udp + 1) > data_end)
+			return 0;
+		key->sport = (__u16)(udp->source);
+		key->dport = (__u16)(udp->dest);
+		break;
+	}
+	case IPPROTO_ICMP: {
+		// ICMP protocol carried, no source/dest port.
+		break;
+	}
+	// Unchecked protocols, ignore packet and return.
+	default: {
+		return 0;
+	}
+	}
+
+	// Fill session key with IP header data
+	key->proto = (__u8)(ip->protocol);
+	key->saddr = (__u32)(ip->saddr);
+	key->daddr = (__u32)(ip->daddr);
+
+	return 1;
+}
+
+// TC Ingress hook, to monitoring TCP/UDP/ICMP network connections and count packets.
+SEC("tc")
+int ingress_prog_func(struct __sk_buff *skb) {
+	void *data     = (void *)(long)skb->data;
+	void *data_end = (void *)(long)skb->data_end;
+
+	struct session_key key = {};
+	if (!parse_session_identifier(data, data_end, &key)) {
+		goto ingress_done;
+	}
+
+	struct session_value *val = bpf_map_lookup_elem(&stats_map, &key);
+	if (!val) {
+		// No entry in the map for this 5-tuple identifier yet, so set the initial value to 1.
+		struct session_value new_val = {.in_count = 1};
+		bpf_map_update_elem(&stats_map, &key, &new_val, BPF_ANY);
+		goto ingress_done;
+	}
+
+	// Entry already exists for this 5-tuple identifier, so increment it atomically using an LLVM built-in.
+	__sync_fetch_and_add(&val->in_count, 1);
+
+ingress_done:
+
+	// Return code corresponds to the PASS action in TC
+	return TC_ACT_OK;
+}
+
+// TC Egress hook, same as Ingress but with IPs and Ports inverted in the key.
+// This way, the connections match the same entry for the Ingress in the bpf map.
+SEC("tc")
+int egress_prog_func(struct __sk_buff *skb) {
+	void *data     = (void *)(long)skb->data;
+	void *data_end = (void *)(long)skb->data_end;
+
+	struct session_key key = {};
+	if (!parse_session_identifier(data, data_end, &key)) {
+		goto egress_done;
+	}
+
+	// Swap addresses and L4 port before doing the map lookup.
+	__u32 tmp  = key.saddr;
+	__u16 tmp2 = key.sport;
+	key.saddr  = key.daddr;
+	key.sport  = key.dport;
+	key.daddr  = tmp;
+	key.dport  = tmp2;
+
+	struct session_value *val = bpf_map_lookup_elem(&stats_map, &key);
+	if (!val) {
+		// No entry in the map for this 5-tuple identifier yet, so set the initial value to 1.
+		struct session_value new_val = {.eg_count = 1};
+		bpf_map_update_elem(&stats_map, &key, &new_val, BPF_ANY);
+		goto egress_done;
+	}
+
+	// Entry already exists for this 5-tuple identifier, so increment it atomically using an LLVM built-in.
+	__sync_fetch_and_add(&val->eg_count, 1);
+
+egress_done:
+
+	// Return code corresponds to the PASS action in TC
+	return TC_ACT_OK;
+}