-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
103 lines (89 loc) · 2.47 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package main
import (
"bytes"
"encoding/binary"
"errors"
"log"
"net"
"os"
"os/signal"
"syscall"
"github.com/cilium/ebpf/link"
"github.com/cilium/ebpf/ringbuf"
"github.com/cilium/ebpf/rlimit"
)
// uint32ToIP converts a uint32 number to an IPv4 address string.
func uint32ToIP(ipUint uint32) string {
ip := make(net.IP, 4)
ip[3] = byte(ipUint >> 24)
ip[2] = byte((ipUint >> 16) & 0xFF)
ip[1] = byte((ipUint >> 8) & 0xFF)
ip[0] = byte(ipUint & 0xFF)
return ip.String()
}
func main() {
// Remove resource limits for kernels <5.11.
if err := rlimit.RemoveMemlock(); err != nil {
log.Fatal("Removing memlock:", err)
}
var objs bpfObjects
if err := loadBpfObjects(&objs, nil); err != nil {
log.Fatal("Loading eBPF objects:", err)
}
defer objs.Close()
// Open a ringbuf reader from userspace RINGBUF map described in the
// eBPF C program.
rd, err := ringbuf.NewReader(objs.Events)
if err != nil {
log.Fatalf("opening ringbuf reader: %s", err)
}
defer rd.Close()
// Attach the XDP program to the interface.
ifname := "eth0" // Change this to an interface on your machine.
iface, err := net.InterfaceByName(ifname)
if err != nil {
log.Fatalf("Getting interface %s: %s", ifname, err)
}
link, err := link.AttachXDP(link.XDPOptions{
Program: objs.XdpLoadBalancer,
Interface: iface.Index,
Flags: link.XDPGenericMode,
})
if err != nil {
log.Fatal("Attaching XDP:", err)
}
defer link.Close()
log.Printf("XDP program successfully loaded on %s\n", ifname)
quit := make(chan os.Signal, 5)
signal.Notify(quit, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
go func() {
<-quit
log.Println("Received signal, Shutting down lb...")
if err := rd.Close(); err != nil {
log.Fatalf("closing ringbuf reader: %s", err)
}
}()
log.Println("Waiting for events...")
var event bpfEvent
for {
record, err := rd.Read()
if err != nil {
if errors.Is(err, ringbuf.ErrClosed) {
log.Println("Received signal, ringbuffer closed, exiting..")
return
}
log.Printf("reading from reader: %s", err)
continue
}
// Parse the ringbuf event entry into a bpfEvent structure.
if err := binary.Read(bytes.NewBuffer(record.RawSample), binary.LittleEndian, &event); err != nil {
log.Printf("parsing ringbuf event: %s", err)
continue
}
if event.Direction == 0 {
log.Printf("incoming TCP packet from: %s\n", uint32ToIP(event.Addr))
} else if event.Direction == 1 {
log.Printf("outgoing TCP packet to: %s\n", uint32ToIP(event.Addr))
}
}
}