Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/terassyi/xdpcap-with-cilium
example of xdpcap with cilium/ebpf
https://github.com/terassyi/xdpcap-with-cilium
cilium ebpf linux xdp xdpcap
Last synced: about 1 month ago
JSON representation
example of xdpcap with cilium/ebpf
- Host: GitHub
- URL: https://github.com/terassyi/xdpcap-with-cilium
- Owner: terassyi
- Created: 2021-10-06T16:41:56.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2021-10-07T03:47:29.000Z (over 3 years ago)
- Last Synced: 2024-11-02T11:06:27.756Z (3 months ago)
- Topics: cilium, ebpf, linux, xdp, xdpcap
- Language: C
- Homepage:
- Size: 12.7 KB
- Stars: 3
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# xdpcap with cilium
This code is an example of xdpcap using [cilium/ebpf](https://github.com/cilium/ebpf).
[cloudflare/xdpcap](https://github.com/cloudflare/xdpcap) is a tcpdump like tool for XDP.
It can capture packets and action code of XDP.
Please see each repositories for detail.
## Usage
First, you must mount bpffs and install xdpcap.
To install xdpcap, Please see [cloudflare/xdpcap](https://github.com/cloudflare/xdpcap).
Please run this command.
**We cannot run this in network namespaces.**
```shell
$ sudo mount -t bpf none /sys/fs/bpf
```
After that, we can built and run program.
```shell
$ make
$ sudo ./xdpcap-with-cilium -iface
```
To capture to a pcap file and display captured packets, you can run commands below.
```shell
$ sudo xdpcap /sys/fs/bpf/xdpcap "filter rules"
```
```shell
$ sudo xdpcap /sys/fs/bpf/xdpcap - "filter rules" | sudo tcpdump -r -
```