Виртуальная машина со свежим ядром
- Рассказ про ptrace, ebpf.
- Обзор полезных ссылок
http://www.brendangregg.com/bpf-performance-tools-book.html
Александр Костриков akostrikov
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Examples for using socat (and filan) | |
| //"$" means normal user, "#" requires privileges, "//" starts a comment | |
| /////////////////////////////////////////////////////////////////////////////// | |
| // similar to netcat | |
| // connect to 10.1.1.1 on port 80 and relay to and from stdio |
akostrikov
/ kernelshark.md
Last active
October 1, 2019 10:08
https://getfedora.org/en/workstation/download/ sudo systemct enable --now sshd
sudo dnf update kernel
akostrikov
/ tcp_psh.c
Created
January 26, 2022 17:11
— forked from teknoraver/tcp_psh.c
Sample XDP/tc program, sets the TCP PSH flag on some TCP packets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <arpa/inet.h> | |
| #include <asm/byteorder.h> | |
| #include <linux/bpf.h> | |
| #include <linux/if_ether.h> | |
| #include <linux/ip.h> | |
| #include <linux/tcp.h> | |
| #include <linux/pkt_cls.h> | |
| /* |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Kernelshark Documentation | |
| http://kernelshark.org/Documentation.html | |
| What is new in KernelShark two - Steven Rostedt, VMware Inc | |
| https://www.youtube.com/watch?v=0uu0ElnjLas | |
| How to use Ftrace by using trace-cmd/KernelShark in Linux (on NVIDIA Jetson Xavier) | |
| https://www.youtube.com/watch?v=VvLTWdBmICY&t=68s | |
| LF Live Mentorship Session: Tracing with Ftrace: Critical Tooling for Linux Development | |
| https://www.youtube.com/watch?v=mlxqpNvfvEQ | |
| Ftrace with trace-cmd and kernelshark | |
| https://www.youtube.com/watch?v=o88shUcYmmw |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bpftrace | |
| //IP_ADDRESS_DST_TO_CONVERT=127.0.0.3 | |
| //IP_ADDRESS_SRC_TO_CONVERT=127.0.0.1 | |
| //DST_HTON=$(python3 -c "import ipaddress; import socket;print(socket.htonl(int(ipaddress.ip_address('$IP_ADDRESS_DST_TO_CONVERT'))))") | |
| //SRC_HTON=$(python3 -c "import ipaddress; import socket;print(socket.htonl(int(ipaddress.ip_address('$IP_ADDRESS_SRC_TO_CONVERT'))))") | |
| //sudo ./drop.bt $DST_HTON $SRC_HTON | |
| //ping 127.0.0.3 | |
| //curl 127.0.0.3 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://elixir.bootlin.com/linux/v5.4.242/source/net/core/dev.c#L4781 | |
| https://elixir.bootlin.com/linux/latest/A/ident/kfree_skb | |
| https://elixir.bootlin.com/linux/latest/source/include/linux/skbuff.h#L736 | |
| https://elixir.bootlin.com/linux/latest/source/include/net/dropreason.h#L88 | |
| https://elixir.bootlin.com/linux/latest/source/net/core/skbuff.c#L1177 | |
| https://github.com/xdp-project/xdp-tutorial/tree/master/basic01-xdp-pass | |
| https://github.com/iovisor/bpftrace | |
| https://elixir.bootlin.com/linux/latest/source/include/net/tcp.h#L324 | |
| https://habr.com/ru/companies/intel/articles/171079/ | |
| https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-1DAB8F35-BA86-4063-8459-55D2979B593E.html |
akostrikov
/ network_links.md
Last active
January 15, 2024 00:25
akostrikov
/ ebpf_links.md
Created
November 14, 2023 15:56
https://www.youtube.com/watch?v=XudHNF4k_x0 - Kernel Recipes 2023 - Fast by Friday: Why Kernel Superpowers are Essential
https://andreaskaris.github.io/blog/networking/bpf-and-tcpdump/
akostrikov
/ cap.sh
Created
March 31, 2024 13:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Можно без capabilities пинговать | |
| akostrikov@DESKTOP-2F6SIC8:~$ sudo setcap cap_net_raw=-ep /usr/bin/ping | |
| [sudo] password for akostrikov: | |
| akostrikov@DESKTOP-2F6SIC8:~$ getcap /usr/bin/ping | |
| /usr/bin/ping = | |
| # Причем пинг идёт с ICMP | |
| akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 & | |
| [1] 684 | |
| akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2 |
OlderNewer