我正在附加三个不同的 BPF 程序作为入口过滤器,如下所示:
tc filter add dev eth0 parent ffff: bpf direct-action obj bpf1.o sec classifier flowid ffff:1
tc filter add dev eth0 parent ffff: bpf direct-action obj bpf2.o sec classifier flowid ffff:2
tc filter add dev eth0 parent ffff: bpf direct-action obj bpf3.o sec classifier flowid ffff:3
我正在尝试找到一种使用 tc filter remove 命令删除特定过滤器的方法,但我无法这样做。例如,我想删除带有 flowid ffff:3 的过滤器。
请问有什么建议吗?
谢谢。
【问题讨论】:
标签: linux-kernel bpf ebpf
我认为您无法匹配flowid 或目标文件的名称。我发现最好的是你可以传递一个preference,它似乎用于对过滤器进行排序。
# tc filter show dev eth0 ingress
filter protocol all pref 49150 bpf chain 0
filter protocol all pref 49150 bpf chain 0 handle 0x1 flowid ffff:3 sample_ret0.o...
filter protocol all pref 49151 bpf chain 0
filter protocol all pref 49151 bpf chain 0 handle 0x1 flowid ffff:2 sample_ret0.o...
filter protocol all pref 49152 bpf chain 0
filter protocol all pref 49152 bpf chain 0 handle 0x1 flowid ffff:1 sample_ret0.o...
# tc filter del dev eth0 ingress pref 49151
# tc filter show dev eth0 ingress
filter protocol all pref 49150 bpf chain 0
filter protocol all pref 49150 bpf chain 0 handle 0x1 flowid ffff:3 sample_ret0.o...
filter protocol all pref 49152 bpf chain 0
filter protocol all pref 49152 bpf chain 0 handle 0x1 flowid ffff:1 sample_ret0.o...
您可以通过调用tc filter show 获得偏好,例如:
# tc -j filter show dev eth0 ingress | jq '.[]|select(.options.flowid == "ffff:2").pref'
49151
不起作用:您可以在创建过滤器时为其设置自定义 handle 整数,但之后显然无法将其删除:
# tc filter del dev eth0 ingress protocol all handle 42 bpf
Error: Cannot flush filters with protocol, handle or kind set.
We have an error talking to the kernel
【讨论】: