EBPF ja BCC utiliitide kasutamine: erinevus redaktsioonide vahel

Allikas: Imre kasutab arvutit
Mine navigeerimisribaleMine otsikasti
 
(ei näidata sama kasutaja 6 vahepealset redaktsiooni)
2. rida: 2. rida:
   
 
TODO
  
TODO
  +
  +
===Mõisted===
  +
  +
* BCC - BPF Compiler Collection
  +
* BPF - Berkeley Packet Filter
  +
* BTF - BPF Type Format
  +
* eBPF - extended Berkeley Packet Filter
   
 
===Tööpõhimõte===
  
===Tööpõhimõte===
219. rida: 226. rida:
 
===20260420 märkused===
  
===20260420 märkused===
   
  +
Väited
Ubuntu 24.04 paistab desktop arvutis sedasi
  
  +
  +
* bpf ja cgroups on tugevasti seotud tehnoloogiad
  +
* cgroups ehk 'control groups' üks kontrolli realiseerimise vahend on bpf programmide kasutamine
  +
* bpf programmid esinevad sõna otseses mõttes programmidena (nt device'ide puhul st kataloog /dev asjus), või programm ja andmed (nt võrgu puhul)
  +
  +
====Tarkvara====
   
 
<pre>
  
<pre>
  +
# apt-get install libbpf-tools
root@ubu2110:~# cat /home/imre/bpftool-prog-name-01.txt
  
  +
</pre>
2: tracing name hid_tail_call tag 7cc47bbf07148bfe gpl
  
  +
loaded_at 2026-04-14T10:39:18+0300 uid 0
  
  +
====cgroup ressursid====
xlated 56B jited 133B memlock 4096B map_ids 2
  
  +
btf_id 5
  
  +
cgroup ressursside nimekirja puu kujuliseks esitamiseks
91: cgroup_device name s_thunderbird_t tag 03b4eaae2f14641a gpl
  
  +
loaded_at 2026-04-14T11:27:52+0300 uid 1000
  
  +
<pre>
xlated 296B jited 164B memlock 4096B map_ids 4
  
  +
root@ph-minio-01:~# bpftool cgroup tree
95: cgroup_device name s_zoom_client_z tag 03b4eaae2f14641a gpl
  
  +
CgroupPath
loaded_at 2026-04-14T11:28:33+0300 uid 1000
  
  +
ID AttachType AttachFlags Name
xlated 296B jited 164B memlock 4096B map_ids 5
  
  +
/sys/fs/cgroup/user.slice/user-0.slice/session-205.scope
198: cgroup_device name sd_devices tag ee0e253c78993a24 gpl
  
  +
225 cgroup_inet_ingress multi sd_fw_ingress
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
224 cgroup_inet_egress multi sd_fw_egress
xlated 416B jited 260B memlock 4096B
  
  +
/sys/fs/cgroup/user.slice/user-0.slice/session-275.scope
199: cgroup_device name sd_devices tag e3dbd137be8d6168 gpl
  
  +
265 cgroup_inet_ingress multi sd_fw_ingress
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
264 cgroup_inet_egress multi sd_fw_egress
xlated 504B jited 311B memlock 4096B
  
  +
/sys/fs/cgroup/user.slice/user-0.slice/user@0.service
200: cgroup_skb name sd_fw_egress tag 6deef7357e7b4530 gpl
  
  +
223 cgroup_inet_ingress multi sd_fw_ingress
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
222 cgroup_inet_egress multi sd_fw_egress
xlated 64B jited 56B memlock 4096B
  
  +
/sys/fs/cgroup/user.slice/user-0.slice/user@0.service/app.slice/nginx-06.service
201: cgroup_skb name sd_fw_ingress tag 6deef7357e7b4530 gpl
  
  +
186 cgroup_inet_ingress multi sd_fw_ingress
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
185 cgroup_inet_egress multi sd_fw_egress
xlated 64B jited 56B memlock 4096B
  
  +
/sys/fs/cgroup/user.slice/user-0.slice/user@0.service/app.slice/nginx-06.service/libpod-payload-8f94fa187611be402880d4988b287e246e88195b9f3ff3dd1dfebe277fd0b8f9
202: cgroup_device name sd_devices tag ee0e253c78993a24 gpl
  
  +
187 cgroup_device multi
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
/sys/fs/cgroup/user.slice/user-1000.slice/session-92.scope
xlated 416B jited 260B memlock 4096B
  
  +
269 cgroup_inet_ingress multi sd_fw_ingress
203: cgroup_device name sd_devices tag fbee7646fdd03110 gpl
  
  +
268 cgroup_inet_egress multi sd_fw_egress
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
/sys/fs/cgroup/user.slice/user-1000.slice/user@1000.service
xlated 184B jited 103B memlock 4096B
  
  +
271 cgroup_inet_ingress multi sd_fw_ingress
204: cgroup_device name sd_devices tag c8b47a902f1cc68b gpl
  
  +
270 cgroup_inet_egress multi sd_fw_egress
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
/sys/fs/cgroup/user.slice/user-1000.slice/session-278.scope
  +
273 cgroup_inet_ingress multi sd_fw_ingress
  +
272 cgroup_inet_egress multi sd_fw_egress
  +
/sys/fs/cgroup/system.slice/systemd-udevd.service
  +
281 cgroup_inet_ingress multi sd_fw_ingress
  +
280 cgroup_inet_egress multi sd_fw_egress
  +
/sys/fs/cgroup/system.slice/systemd-journald.service
  +
285 cgroup_inet_ingress multi sd_fw_ingress
  +
284 cgroup_inet_egress multi sd_fw_egress
  +
283 cgroup_device multi sd_devices
  +
/sys/fs/cgroup/system.slice/systemd-machined.service
  +
279 cgroup_inet_ingress multi sd_fw_ingress
  +
278 cgroup_inet_egress multi sd_fw_egress
  +
/sys/fs/cgroup/system.slice/rsyslog.service
  +
282 cgroup_device multi sd_devices
  +
/sys/fs/cgroup/system.slice/systemd-timesyncd.service
  +
277 cgroup_device multi sd_devices
  +
/sys/fs/cgroup/system.slice/systemd-logind.service
  +
276 cgroup_inet_ingress multi sd_fw_ingress
  +
275 cgroup_inet_egress multi sd_fw_egress
  +
274 cgroup_device multi sd_devices
  +
root@ph-minio-01:~#
  +
</pre>
  +
  +
kus
  +
  +
* sd_devices
  +
* sd_fw_ingress
  +
* sd_fw_egress
  +
* multi - ...
  +
  +
sisu küsimiseks
  +
  +
<pre>
  +
root@pm-varundus:~# bpftool prog show id 162
  +
162: cgroup_device name sd_devices tag 654d7024997e7811 gpl run_time_ns 3666 run_cnt 12
  +
loaded_at 2026-04-20T18:23:31+0300 uid 0
 
xlated 464B jited 290B memlock 4096B
  
xlated 464B jited 290B memlock 4096B
  +
205: cgroup_skb name sd_fw_egress tag 6deef7357e7b4530 gpl
  
  +
root@pm-varundus:~# bpftool prog dump xlated id 162
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
0: (61) r2 = *(u32 *)(r1 +0)
xlated 64B jited 56B memlock 4096B
  
  +
1: (54) w2 &= 65535
206: cgroup_skb name sd_fw_ingress tag 6deef7357e7b4530 gpl
  
  +
2: (61) r3 = *(u32 *)(r1 +0)
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
3: (74) w3 >>= 16
xlated 64B jited 56B memlock 4096B
  
  +
4: (61) r4 = *(u32 *)(r1 +4)
207: cgroup_skb name sd_fw_egress tag 6deef7357e7b4530 gpl
  
  +
5: (61) r5 = *(u32 *)(r1 +8)
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
6: (55) if r2 != 0x2 goto pc+3
xlated 64B jited 56B memlock 4096B
  
  +
7: (55) if r4 != 0x1 goto pc+2
208: cgroup_skb name sd_fw_ingress tag 6deef7357e7b4530 gpl
  
  +
8: (55) if r5 != 0x3 goto pc+1
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
9: (05) goto pc+46
xlated 64B jited 56B memlock 4096B
  
  +
...
209: cgroup_device name sd_devices tag 8b9c33f36f812014 gpl
  
  +
</pre>
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
xlated 744B jited 449B memlock 4096B
  
  +
Sündmused toimuvad sellises järjekorras
210: cgroup_skb name sd_fw_egress tag 6deef7357e7b4530 gpl
  
  +
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
* namespace näitab protsessile erinevaid ressursside nimekirju
xlated 64B jited 56B memlock 4096B
  
  +
* control group takistab reaalselt tegevusi (nt ülemäära mälu kasutamine, lubamatusse kohta võrku pöördumine)
211: cgroup_skb name sd_fw_ingress tag 6deef7357e7b4530 gpl
  
  +
loaded_at 2026-04-19T15:54:15+0300 uid 0
  
  +
====map sisu muutmine====
xlated 64B jited 56B memlock 4096B
  
  +
  +
abiks skript map sisu hex -> dec teisendamiseks
  +
  +
<pre>
  +
root@ph-minio-01:~# cat bpftool-map-dump.sh
  +
#!/bin/bash
  +
  +
bpftool map dump id 138 | grep '^key' | while read -r line; do
  +
bytes=($(echo $line | cut -d: -f2))
  +
printf "Prefix: %d | IP: %d.%d.%d.%d\n" "$((16#${bytes[0]}))" "$((16#${bytes[4]}))" "$((16#${bytes[5]}))" "$((16#${bytes[6]}))" "$((16#${bytes[7]}))"
  +
done
  +
</pre>
  +
  +
sd_fw_ingress sd_fw_egress juures map sisu muutmiseks
  +
  +
<pre>
  +
root@ph-minio-01:~# ./bpftool-map-dump.sh
  +
Prefix: 32 | IP: 8.8.8.8
  +
Prefix: 32 | IP: 127.0.0.1
  +
Prefix: 24 | IP: 192.168.10.0
  +
  +
root@ph-minio-01:~# bpftool map delete id 51 key hex 20 00 00 00 08 08 08 08
  +
root@ph-minio-01:~# bpftool map update id 51 key hex 20 00 00 00 09 09 09 09 value hex 01 00 00 00 00 00 00 00
  +
  +
root@ph-minio-01:~# ./bpftool-map-dump.sh
  +
Prefix: 32 | IP: 9.9.9.9
  +
Prefix: 32 | IP: 127.0.0.1
  +
Prefix: 24 | IP: 192.168.10.0
 
</pre>
  
</pre>
   

Viimane redaktsioon: 25. aprill 2026, kell 21:37

Sissejuhatus

TODO

Mõisted

  • BCC - BPF Compiler Collection
  • BPF - Berkeley Packet Filter
  • BTF - BPF Type Format
  • eBPF - extended Berkeley Packet Filter

Tööpõhimõte

TODO

Väited

  • BCC kasutamiseks peavad olema süsteemis tuuma päised ja sellega kaasneb omajagu arendusvahendite paigaldust (gcc jms)

BCC skriptide komplektis on üldiselt kahte sorti utiliite

  • esitatakse jooksvalt mingite tüüpi sündmuste toimumise kohta infot (nt execsnoop, opensnoop)
  • esitatakse mingi aja jooksul toimunud mingit tüüpi sündmuste kohta statistikat (nt runqlen)

Paigaldamine

Ubuntu 16.04

Paigaldamist tutvustatakse aadressil https://github.com/iovisor/bcc/blob/master/INSTALL.md#ubuntu---binary 

# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D4284CDD
# echo "deb https://repo.iovisor.org/apt/xenial xenial main" | sudo tee /etc/apt/sources.list.d/iovisor.list
# apt-get update
# apt-get install bcc-tools libbcc-examples linux-headers-$(uname -r)

tulemusena

  • paigaldatakse paketid
bcc-tools libbcc libbcc-examples python-bcc
  • on /usr/share/bcc/tool kataloogitäis pyhton vms skripte

esimesel kasutamisel kirjutatakse dmesg'i 

[N mai    3 07:27:05 2018] **********************************************************
[N mai    3 07:27:05 2018] **   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
[N mai    3 07:27:05 2018] **                                                      **
[N mai    3 07:27:05 2018] ** trace_printk() being used. Allocating extra memory.  **
[N mai    3 07:27:05 2018] **                                                      **
[N mai    3 07:27:05 2018] ** This means that this is a DEBUG kernel and it is     **
[N mai    3 07:27:05 2018] ** unsafe for production use.                           **
[N mai    3 07:27:05 2018] **                                                      **
[N mai    3 07:27:05 2018] ** If you see this message and you are not debugging    **
[N mai    3 07:27:05 2018] ** the kernel, report this immediately to your vendor!  **
[N mai    3 07:27:05 2018] **                                                      **
[N mai    3 07:27:05 2018] **   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
[N mai    3 07:27:05 2018] **********************************************************

Debian v. 9 Stretch

Paigaldada sõltuvused 

# apt install linux-headers-amd64 sudo auditd build-essential cmake libllvm3.8 llvm-dev libclang-dev libelf-dev bison flex libedit-dev clang-format python python-netaddr python-pyroute2 luajit libluajit-5.1-dev arping iperf netperf ethtool devscripts zlib1g-dev libfl-dev

Kopeerida lähtetekst 

# cd /var/tmp
# git clone https://github.com/iovisor/bcc.git

kus

  • käesoleva teksti puhul tabati commiti
# git log --pretty=format:"%h - %an, %ar : %s" | head -n 4
dad0ad1 - yonghong-song, 2 days ago : Merge pull request #1729 from sandip4n/sandip4n_dev
2af81df - Sandipan Das, 2 days ago : Fix bpf_trace_printk() for big-endian targets
bd8f086 - yonghong-song, 2 days ago : Merge pull request #1727 from bobrik/runqlen-no-dup
0595f1b - Ivan Babrou, 3 days ago : Remove duplicate ebpf program load in tools/runqlen.py
...
  • debian/control faili sõltuvuste osas muudatusi teha vaja pole.
  • 2018 kevadel kohendada failis examples/networking/simulation.py, kommenteerides ns_ipdb.initdb() rea välja
         if out_ifc: out_ifc.up().commit()
        ns_ipdb.interfaces.lo.up().commit()
#        ns_ipdb.initdb()
        in_ifc = ns_ipdb.interfaces[in_ifname]
  • kopeerida üle katkine test, et sellega tegelemine vahele jääks
# cp /var/tmp/bcc/tests/python/test_tools_memleak.py /var/tmp/bcc/tests/python/test_tools_smoke.py

Kompileerida 

# debuild -b -uc -us

Tulemusena tekivad .deb paketid 

# ls -ld *deb
-rw-r--r-- 1 root root   258592 May  5 10:38 bcc-lua_0.5.0-1_all.deb
-rw-r--r-- 1 root root   233928 May  5 10:38 bcc-tools_0.5.0-1_all.deb
-rw-r--r-- 1 root root 11878912 May  5 10:39 libbcc_0.5.0-1_amd64.deb
-rw-r--r-- 1 root root 10758006 May  5 10:38 libbcc-dbgsym_0.5.0-1_amd64.deb
-rw-r--r-- 1 root root   274252 May  5 10:38 libbcc-examples_0.5.0-1_amd64.deb
-rw-r--r-- 1 root root    22058 May  5 10:38 python3-bcc_0.5.0-1_all.deb
-rw-r--r-- 1 root root    21974 May  5 10:38 python-bcc_0.5.0-1_all.deb

Paigaldamiseks sobib öelda nt 

# apt-get install ./bcc-tools_0.5.0-1_all.deb ./libbcc_0.5.0-1_amd64.deb ./python-bcc_0.5.0-1_all.deb

Paigaldamiseks arvutisse kus pole bcc tarkvara kompileeritud peab olema paigaldatud 

# apt-get install linux-headers-amd64

Kasulikud lisamaterjalid

Debian v. 10 Buster

MÄRKUS 2018 kevad: ei õnnestunud kompileerida

Paigaldada sõltuvused 

# apt install build-essential cmake libllvm4.0 llvm-dev libclang-dev libelf-dev bison flex libedit-dev clang-format python python-netaddr python-pyroute2 luajit libluajit-5.1-dev arping iperf netperf ethtool devscripts zlib1g-dev libfl-dev

muuta debian/control faili sõltuvuste osas 

..
Build-Depends: debhelper (>= 9), cmake, libllvm4.0,
    llvm-dev, libclang-dev,
    libelf-dev, bison, flex, libfl-dev, libedit-dev, zlib1g-dev, git,
    clang-format, python (>= 2.7),
    python-netaddr, python-pyroute2, luajit, libluajit-5.1-dev, arping,
    inetutils-ping | iputils-ping, iperf, netperf, ethtool, devscripts,
    python3
Homepage: https://github.com/iovisor/bcc

...

Kompileerida 

# debuild -b -uc -us

Paigaldada 

# apt install ./bcc...

Kasulikud lisamaterjalid

Kasutamine

  • filelife töötamise käigus moodustatud-kustutatud failide nimede jooksev esitamine
# /usr/share/bcc/tools/filelife
  • mysql sql käskude esitamine
# /usr/share/bcc/tools/dbslower -x /usr/sbin/mysqld mysql -m 0
Tracing database queries for application /usr/sbin/mysqld slower than 0 ms...
TIME(s)        PID          MS QUERY
10.149637      643       1.203 select 1 + 1
20.429446      643       0.889 select version()
...
  • postgresql sql käskude esitamine
TODO
  • tcplife tcp ühenduste kestuse esitamiseks
# /usr/share/bcc/tools/tcplife -D 80
PID   COMM       LADDR           LPORT RADDR           RPORT TX_KB RX_KB MS
1923  w3m        192.168.100.212 39362 217.146.71.187  80        0     0 16.80
1929  w3m        192.168.100.212 49178 85.222.234.14   80        0     2 107.51
...

Probleemid

  • Ubuntu 16.04 tuum 4.4.0 juhtub vahel nii
# /usr/share/bcc/tools/opensnoop 
Killed
root@arvuti:/var/tmp# 
Broadcast message from systemd-journald@arvuti (Tue 2018-05-08 08:59:26 EEST):

systemd[1]: Caught <SEGV>, core dump failed (child 7960, code=killed, status=11/SEGV).

Broadcast message from systemd-journald@arvuti (Tue 2018-05-08 08:59:26 EEST):

systemd[1]: Freezing execution.

^C
root@arvuti:/var/tmp# dmesg 
-bash: ../sysdeps/nptl/fork.c:156: __libc_fork: Assertion `THREAD_GETMEM (self, tid) != ppid' failed.
Connection to 10.0.65.172 closed.
root@teine-arvuti# ssh root@10.0.65.172
ssh_exchange_identification: Connection closed by remote host

ning konsoolile kirjutatakse 

Failed to send watchdog=1 notification: Connection refused

20260420 märkused

Väited

  • bpf ja cgroups on tugevasti seotud tehnoloogiad
  • cgroups ehk 'control groups' üks kontrolli realiseerimise vahend on bpf programmide kasutamine
  • bpf programmid esinevad sõna otseses mõttes programmidena (nt device'ide puhul st kataloog /dev asjus), või programm ja andmed (nt võrgu puhul)

Tarkvara

# apt-get install libbpf-tools

cgroup ressursid

cgroup ressursside nimekirja puu kujuliseks esitamiseks 

root@ph-minio-01:~# bpftool cgroup tree
CgroupPath
ID       AttachType      AttachFlags     Name
/sys/fs/cgroup/user.slice/user-0.slice/session-205.scope
    225      cgroup_inet_ingress multi           sd_fw_ingress
    224      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/user.slice/user-0.slice/session-275.scope
    265      cgroup_inet_ingress multi           sd_fw_ingress
    264      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/user.slice/user-0.slice/user@0.service
    223      cgroup_inet_ingress multi           sd_fw_ingress
    222      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/user.slice/user-0.slice/user@0.service/app.slice/nginx-06.service
    186      cgroup_inet_ingress multi           sd_fw_ingress
    185      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/user.slice/user-0.slice/user@0.service/app.slice/nginx-06.service/libpod-payload-8f94fa187611be402880d4988b287e246e88195b9f3ff3dd1dfebe277fd0b8f9
    187      cgroup_device   multi
/sys/fs/cgroup/user.slice/user-1000.slice/session-92.scope
    269      cgroup_inet_ingress multi           sd_fw_ingress
    268      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/user.slice/user-1000.slice/user@1000.service
    271      cgroup_inet_ingress multi           sd_fw_ingress
    270      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/user.slice/user-1000.slice/session-278.scope
    273      cgroup_inet_ingress multi           sd_fw_ingress
    272      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/system.slice/systemd-udevd.service
    281      cgroup_inet_ingress multi           sd_fw_ingress
    280      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/system.slice/systemd-journald.service
    285      cgroup_inet_ingress multi           sd_fw_ingress
    284      cgroup_inet_egress multi           sd_fw_egress
    283      cgroup_device   multi           sd_devices
/sys/fs/cgroup/system.slice/systemd-machined.service
    279      cgroup_inet_ingress multi           sd_fw_ingress
    278      cgroup_inet_egress multi           sd_fw_egress
/sys/fs/cgroup/system.slice/rsyslog.service
    282      cgroup_device   multi           sd_devices
/sys/fs/cgroup/system.slice/systemd-timesyncd.service
    277      cgroup_device   multi           sd_devices
/sys/fs/cgroup/system.slice/systemd-logind.service
    276      cgroup_inet_ingress multi           sd_fw_ingress
    275      cgroup_inet_egress multi           sd_fw_egress
    274      cgroup_device   multi           sd_devices
root@ph-minio-01:~#

kus

  • sd_devices
  • sd_fw_ingress
  • sd_fw_egress
  • multi - ...

sisu küsimiseks 

root@pm-varundus:~# bpftool prog show id 162
162: cgroup_device  name sd_devices  tag 654d7024997e7811  gpl run_time_ns 3666 run_cnt 12
	loaded_at 2026-04-20T18:23:31+0300  uid 0
	xlated 464B  jited 290B  memlock 4096B

root@pm-varundus:~# bpftool prog dump xlated id 162
   0: (61) r2 = *(u32 *)(r1 +0)
   1: (54) w2 &= 65535
   2: (61) r3 = *(u32 *)(r1 +0)
   3: (74) w3 >>= 16
   4: (61) r4 = *(u32 *)(r1 +4)
   5: (61) r5 = *(u32 *)(r1 +8)
   6: (55) if r2 != 0x2 goto pc+3
   7: (55) if r4 != 0x1 goto pc+2
   8: (55) if r5 != 0x3 goto pc+1
   9: (05) goto pc+46
...

Sündmused toimuvad sellises järjekorras

  • namespace näitab protsessile erinevaid ressursside nimekirju
  • control group takistab reaalselt tegevusi (nt ülemäära mälu kasutamine, lubamatusse kohta võrku pöördumine)

map sisu muutmine

abiks skript map sisu hex -> dec teisendamiseks 

root@ph-minio-01:~# cat bpftool-map-dump.sh
#!/bin/bash

bpftool map dump id 138 | grep '^key' | while read -r line; do
    bytes=($(echo $line | cut -d: -f2))
    printf "Prefix: %d | IP: %d.%d.%d.%d\n" "$((16#${bytes[0]}))" "$((16#${bytes[4]}))" "$((16#${bytes[5]}))" "$((16#${bytes[6]}))" "$((16#${bytes[7]}))"
done

sd_fw_ingress sd_fw_egress juures map sisu muutmiseks 

root@ph-minio-01:~# ./bpftool-map-dump.sh
Prefix: 32 | IP: 8.8.8.8
Prefix: 32 | IP: 127.0.0.1
Prefix: 24 | IP: 192.168.10.0

root@ph-minio-01:~# bpftool map delete id 51 key hex 20 00 00 00 08 08 08 08
root@ph-minio-01:~# bpftool map update id 51 key hex 20 00 00 00 09 09 09 09 value hex 01 00 00 00 00 00 00 00

root@ph-minio-01:~# ./bpftool-map-dump.sh
Prefix: 32 | IP: 9.9.9.9
Prefix: 32 | IP: 127.0.0.1
Prefix: 24 | IP: 192.168.10.0

Kasulikud lisamaterjalid

Pärit leheküljelt "https://www.auul.pri.ee/wiki/index.php?title=EBPF_ja_BCC_utiliitide_kasutamine&oldid=3293"