From: Eric Leblond <eric@regit.org>
Date: Wed, 17 Jan 2018 02:45:01 +0000 (+0100)
Subject: unix-socket: add ebpf-bypassed-stats command
X-Git-Tag: suricata-4.1.0-beta1~180
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=276b93fb53c8b7f52ca0e1382a05aa2788e3680d;p=thirdparty%2Fsuricata.git

unix-socket: add ebpf-bypassed-stats command

This command output the count of element in IPv4 and IPv6 flow
table of interfaces using eBPF/XDP bypass.
---

diff --git a/src/unix-manager.c b/src/unix-manager.c
index 75ca92daba..b328227a76 100644
--- a/src/unix-manager.c
+++ b/src/unix-manager.c
@@ -34,6 +34,7 @@
 #include "util-privs.h"
 #include "util-debug.h"
 #include "util-device.h"
+#include "util-ebpf.h"
 #include "util-signal.h"
 #include "util-buffer.h"
 
@@ -1190,6 +1191,9 @@ void UnixManagerThreadSpawnNonRunmode(void)
                     UNIX_CMD_TAKE_ARGS);
             UnixManagerRegisterCommand("iface-list", LiveDeviceIfaceList, NULL, 0);
             UnixManagerThreadSpawn(0);
+#ifdef HAVE_PACKET_EBPF
+            UnixManagerRegisterCommand("ebpf-bypassed-stats", EBPFGetBypassedStats, NULL, 0);
+#endif
         }
     }
 }
diff --git a/src/util-ebpf.c b/src/util-ebpf.c
index 341efea07c..39a662f3d4 100644
--- a/src/util-ebpf.c
+++ b/src/util-ebpf.c
@@ -551,6 +551,42 @@ int EBPFCheckBypassedFlowTimeout(struct flows_stats *bypassstats,
     return ret;
 }
 
+#ifdef BUILD_UNIX_SOCKET
+TmEcode EBPFGetBypassedStats(json_t *cmd, json_t *answer, void *data)
+{
+    LiveDevice *ldev = NULL, *ndev;
+
+    json_t *ifaces = NULL;
+    while(LiveDeviceForEach(&ldev, &ndev)) {
+        struct bpf_maps_info *bpfdata = LiveDevGetStorageById(ldev, g_livedev_storage_id);
+        if (bpfdata) {
+            uint64_t ipv4_hash_count = SC_ATOMIC_GET(bpfdata->ipv4_hash_count);
+            uint64_t ipv6_hash_count = SC_ATOMIC_GET(bpfdata->ipv6_hash_count);
+            json_t *iface = json_object();
+            if (ifaces == NULL) {
+                ifaces = json_object();
+                if (ifaces == NULL) {
+                    json_object_set_new(answer, "message",
+                            json_string("internal error at json object creation"));
+                    return TM_ECODE_FAILED;
+                }
+            }
+            json_object_set_new(iface, "ipv4_count", json_integer(ipv4_hash_count));
+            json_object_set_new(iface, "ipv6_count", json_integer(ipv6_hash_count));
+            json_object_set_new(ifaces, ldev->dev, iface);
+        }
+    }
+    if (ifaces) {
+        json_object_set_new(answer, "message", ifaces);
+        SCReturnInt(TM_ECODE_OK);
+    }
+
+    json_object_set_new(answer, "message",
+                        json_string("No interface using eBPF bypass"));
+    SCReturnInt(TM_ECODE_FAILED);
+}
+#endif
+
 void EBPFRegisterExtension(void)
 {
     g_livedev_storage_id = LiveDevStorageRegister("bpfmap", sizeof(void *), NULL, BpfMapsInfoFree);
diff --git a/src/util-ebpf.h b/src/util-ebpf.h
index a4d167c3af..1c01ad1420 100644
--- a/src/util-ebpf.h
+++ b/src/util-ebpf.h
@@ -77,6 +77,10 @@ void EBPFBuildCPUSet(ConfNode *node, char *iface);
 int EBPFSetPeerIface(const char *iface, const char *out_iface);
 
 int EBPFUpdateFlow(Flow *f, Packet *p);
+  
+#ifdef BUILD_UNIX_SOCKET
+TmEcode EBPFGetBypassedStats(json_t *cmd, json_t *answer, void *data);
+#endif
 
 #endif