]> git.ipfire.org Git - people/ms/suricata.git/commit - src/source-af-packet.h
projects / people / ms / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d212194) | patch
af-packet: add support for eBPF cluster and filter
authorEric Leblond <eric@regit.org>
Sun, 26 Nov 2017 19:27:13 +0000 (20:27 +0100)
committerEric Leblond <eric@regit.org>
Tue, 6 Feb 2018 15:57:48 +0000 (16:57 +0100)
commit91e1256b0134ebe89b89e18bf785d20679c25225
tree66ee8d90fe7c67b96e7db7da862659767649c621tree | snapshot
parentd2121945c93ea7db0454a2865c8696b940df477acommit | diff
af-packet: add support for eBPF cluster and filter

This patch introduces the ebpf cluster mode. This mode is using
an extended BPF function that is loaded into the kernel and
provide the load balancing.

An example of cluster function is provided in the ebpf
subdirectory and provide ippair load balancing function.
This is a function which uses the same method as
the one used in autofp ippair to provide a symetrical
load balancing based on IP addresses.

A simple filter example allowing to drop IPv6 is added to the
source.

This patch also prepares the infrastructure to be able to load
and use map inside eBPF files. This will be used later for flow
bypass.
15 files changed:
Makefile.am diff | blob | blame | history
configure.ac diff | blob | blame | history
ebpf/Makefile.am [new file with mode: 0644] blob
ebpf/bpf_helpers.h [new file with mode: 0644] blob
ebpf/filter.c [new file with mode: 0644] blob
ebpf/lb.c [new file with mode: 0644] blob
src/Makefile.am diff | blob | blame | history
src/runmode-af-packet.c diff | blob | blame | history
src/source-af-packet.c diff | blob | blame | history
src/source-af-packet.h diff | blob | blame | history
src/suricata-common.h diff | blob | blame | history
src/util-buffer.h diff | blob | blame | history
src/util-ebpf.c [new file with mode: 0644] blob
src/util-ebpf.h [new file with mode: 0644] blob
suricata.yaml.in diff | blob | blame | history
Michael's tree of suricata