Skip to content

Handle L3 devices

Handle L3 devices #42

Workflow file for this run

name: Build and Test
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set up Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
with:
go-version: 1.21.0
- name: Check module vendoring
run: |
go mod tidy
go mod verify
go generate ./...
test -z "$(git status --porcelain)" || (echo "please run 'go mod tidy && go mod vendor', and submit your changes"; exit 1)
- name: Generate and build
run: |
go mod download
sudo apt-get install -y curl unzip gcc flex bison make
curl https://github.com/the-tcpdump-group/libpcap/archive/refs/tags/libpcap-1.10.4.zip -OL
unzip libpcap-1.10.4.zip
sh -c 'cd libpcap-libpcap-1.10.4/ && ./configure --enable-dbus=no && make && sudo make install'
go build
- name: Store executable
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
with:
name: skbdump
path: skbdump
test:
runs-on: ubuntu-latest
name: Test
needs: build
strategy:
fail-fast: false
matrix:
kernel: [ '5.10-v0.3', '5.15-v0.3', '6.3-main', 'bpf-next-20231030.012704' ]
timeout-minutes: 10
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Retrieve stored skbdump executable
uses: actions/download-artifact@v3
with:
name: skbdump
path: skbdump
- name: Provision LVH VMs
uses: cilium/little-vm-helper@908ab1ff8a596a03cd5221a1f8602dc44c3f906d # v0.0.12
with:
test-name: skbdump-test
image-version: ${{ matrix.kernel }}
host-mount: ./
dns-resolver: '1.1.1.1'
install-dependencies: 'true'
cmd: |
chmod +x /host/skbdump/skbdump
- name: Test
uses: cilium/little-vm-helper@908ab1ff8a596a03cd5221a1f8602dc44c3f906d # v0.0.12
with:
provision: 'false'
cmd: |
set -ex
iptables -t nat -I POSTROUTING 1 -d 1.1.1.1/32 -p tcp --dport 80 -o enp0s2 -j SNAT --to 10.0.0.6:23333
/host/skbdump/skbdump --oneshot -i any -f nf_hook_slow -o mark 'dst host 1.1.1.1 and tcp[tcpflags] = tcp-syn' 2>&1 1>/tmp/log | (read _; curl --local-port 8888 1.1.1.1 &>/dev/null || true)
cat /tmp/log
cat /tmp/log | grep 'mark='
cat /tmp/log | grep 'out@'
cat /tmp/log | grep -P 'nf_hook_slow\+\d@.*8888>80'
cat /tmp/log | grep -P 'nf_hook_slow\+\d@\S+ rv=1 .*23333>80'
apt update && apt install -y tcpdump
tcpdump -nr ./skbdump.pcap
tcpdump -nr ./skbdump.pcap | grep -F '8888 > 1.1.1.1.80'
tcpdump -nr ./skbdump.pcap | grep -F '23333 > 1.1.1.1.80'