Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/adamlahbib/pingkiller

Simple eBPF program that drops ICMP packets. It is written in C and uses the eBPF library and XDP to load the program into the kernel then outputs stats in the userspace program based on Cilium-ebpf.
https://github.com/adamlahbib/pingkiller

cilium ebpf kernel network xdp

Last synced: 11 days ago
JSON representation

Simple eBPF program that drops ICMP packets. It is written in C and uses the eBPF library and XDP to load the program into the kernel then outputs stats in the userspace program based on Cilium-ebpf.

Host: GitHub
URL: https://github.com/adamlahbib/pingkiller
Owner: adamlahbib
Created: 2023-08-27T12:11:59.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2023-08-27T13:01:49.000Z (over 1 year ago)
Last Synced: 2023-08-27T14:40:56.095Z (over 1 year ago)
Topics: cilium, ebpf, kernel, network, xdp
Language: Go
Homepage: https://admida0ui.tech/2023/08/11/ebpf/
Size: 4.88 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Description
simple eBPF program that drops ICMP packets. It is written in C and uses the eBPF library and XDP to load the program into the kernel then outputs stats in the userspace program based on cilium-ebpf.

### Some details:

XDP allows for early packet interception at the network interface driver level.

The XDP eBPF program, implemented in C, hooks into the Linux kernel’s networking stack at an early stage to intercept packets and decide their fate.

The accompanying Golang application interacts with the XDP eBPF program, providing a user-friendly interface to monitor the packet drop behavior and visualize performance statistics.

Check out our blog for explanation, installation guide, and environment setup at [https://admida0ui.tech](https://admida0ui.tech/)

### Prerequisites:
Clang and LLVM:
```
sudo apt update
sudo apt install clang llvm
```

bpftool:
```
git clone --recurse-submodules https://github.com/libbpf/bpftool.git
cd src
make
sudo make install
```
Golang:
```
sudo apt install golang
```

### How to run:

Compile the XDP program using the following command:

```bash
clang -S \
-g \
-target bpf \
-I../../libbpf/src\
-Wall \
-Werror \
-O2 -emit-llvm -c -o dicmp_kern.ll dicmp_kern.c
```

Which will generate the LLVM IR file dicmp_kern.ll, then use the llc tool to compile the LLVM IR file to BPF bytecode, as follows:
```
llc -march=bpf -filetype=obj -O2 -o dicmp_kern.o dicmp_kern.ll
```

Run the userspace program:
```
go mod init dicmp
go mod tidy
CGO_ENABLED=0 go build .
sudo ./dicmp

```