Various improvements #28
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bf_dump_hex() will read the content of a raw data buffer and print it as hexadecimal values, 8 values in a row. Signed-off-by: Quentin Deslandes <[email protected]>
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #28 +/- ##
==========================================
- Coverage 13.49% 13.02% -0.47%
==========================================
Files 33 34 +1
Lines 2283 2364 +81
==========================================
Hits 308 308
- Misses 1975 2056 +81 ☔ View full report in Codecov by Sentry. |
qdeslandes
force-pushed
the
various_improvements
branch
from
8454312
to
4d4e866
Compare
Signed-off-by: Quentin Deslandes <[email protected]>
Rename bf_list_empty() to bf_list_is_empty() and make the parameter const. Signed-off-by: Quentin Deslandes <[email protected]>
bf_response_new_raw() allocates a new response with reserved space for payload, but doesn't copy anything into the data field. The response type is set to BF_RES_SUCCESS. Signed-off-by: Quentin Deslandes <[email protected]>
Add support for XDP programs generation. Packet data is manipulated in the BPF program through a dynamic pointer, and programs are attached to the kernel using a BPF link. This commit is the first step towards full support of XDP BPF programs, with the following limitations: - Only IPv4 packets are processed. Non-IPv4 packets are passed-through to the network stack. - Only XDP_PASS and XDP_DROP actions are supported. - Program replacement is not atomic: the previous program is dettached before the new one is attached. Add a new function to ease dynamic pointer creation for XDP and SKB-based programs: bf_stub_make_ctx_xdp_dynptr() and bf_stub_make_ctx_skb_dynptr(). Introduce bf_bpf_xdp_link_create() to attach XDP programs. Signed-off-by: Quentin Deslandes <[email protected]>
Add --no-iptables command line options to prevent iptables front from running: ipt requests will be returned an error, and no cache will be restored. This change involved refactoring how fronts are serialised: every front (even the ones disabled) have they marsh function called with an allocated bf_marsh child. Disabled fronts won't have anything to add to the marsh and will just return. This simplify serialised front management as every front will be represented by a marsh object, so they can be restored sequentially. Signed-off-by: Quentin Deslandes <[email protected]>
qdeslandes
force-pushed
the
various_improvements
branch
from
4d4e866
to
ba82129
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Multiple improvements to the codebase derived from
nftablessupport:bf_dump_hex()to perform hexdump of a buffer.bf_list_empty().bf_response_new_raw().iptablesfront.