Skip to content

Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.

License

Notifications You must be signed in to change notification settings

florianl/tc-skeleton

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

tc-skeleton

Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.

  $ cd ebpf
  $ make clean
  $ make drop
  $ cd ..
  $ go run main.go

Overview

After the eBPF code is loaded from ebpf/drop the eBPF program ingress_drop is loaded into the kernel. In a next step this PoC creates a dummy interface. So it does not alter existing configurations or network interfaces. Then a qdisc and filter are attached via the netlink interface of the kernel to this dummy interface. The file descriptor of the eBPF program ingress_drop is passed as argument of the filter to the kernel. With attaching the filter to the interface the eBPF program ingress_drop will run on every packet on the interface.

Privileges

This PoC uses the netlink and eBPF interface of the kernel and therefore it requires special privileges. You can provide this privileges by adjusting the CAP_NET_ADMIN capabilities.

About

Simple project to demonstrate the loading of eBPF programs via florianl/go-tc.

Topics

Resources

License

Stars

Watchers

Forks