Thiết kế website giá rẻ

Question

Here’s the eBPF code:

<code>void stat_traffic_impl(struct __sk_buff* skb) {

switch (skb->family) {

case AF_INET:

bpf_printk("%u -> %u", skb->local_ip4, skb->remote_ip4);

bpf_printk("%pI4h -> %pI4h", skb->local_ip4, skb->remote_ip4);

break;

default:

return;

}

SEC("cgroup/skb")

int stat_traffic(struct __sk_buff* skb) {

stat_traffic_impl(skb);

return true; // let packet pass

}

</code>

<code>void stat_traffic_impl(struct __sk_buff* skb) { switch (skb->family) { case AF_INET: bpf_printk("%u -> %u", skb->local_ip4, skb->remote_ip4); bpf_printk("%pI4h -> %pI4h", skb->local_ip4, skb->remote_ip4); break; default: return; } } SEC("cgroup/skb") int stat_traffic(struct __sk_buff* skb) { stat_traffic_impl(skb); return true; // let packet pass } </code>

void stat_traffic_impl(struct __sk_buff* skb) {
    switch (skb->family) {
    case AF_INET:
        bpf_printk("%u -> %u", skb->local_ip4, skb->remote_ip4);
        bpf_printk("%pI4h -> %pI4h", skb->local_ip4, skb->remote_ip4);
        break;
    default:
        return;
    }
}

SEC("cgroup/skb")
int stat_traffic(struct __sk_buff* skb) {
    stat_traffic_impl(skb);
    return true;  // let packet pass
}

Here’s part of the output:

<code> cat-554297 [000] ..s11 48045.305791: bpf_trace_printk: 1562355904 -> 3395707859

cat-554297 [000] ..s11 48045.305791: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

<idle>-0 [001] ..s21 48045.305824: bpf_trace_printk: 1562355904 -> 3395707859

<idle>-0 [001] ..s21 48045.305825: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

cat-554297 [000] ..s11 48045.305839: bpf_trace_printk: 1562355904 -> 3395707859

cat-554297 [000] ..s11 48045.305840: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

<idle>-0 [000] ..s21 48045.305895: bpf_trace_printk: 1562355904 -> 3563480019

<idle>-0 [000] .Ns21 48045.305898: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

<idle>-0 [001] ..s21 48045.306075: bpf_trace_printk: 1562355904 -> 3563480019

<idle>-0 [001] ..s21 48045.306079: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

<idle>-0 [000] ..s21 48045.306103: bpf_trace_printk: 1562355904 -> 3395707859

<idle>-0 [000] .Ns21 48045.306105: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

<idle>-0 [001] ..s21 48045.306126: bpf_trace_printk: 1562355904 -> 3563480019

<idle>-0 [001] ..s21 48045.306129: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

<idle>-0 [001] ..s21 48045.306131: bpf_trace_printk: 1562355904 -> 3395707859

<idle>-0 [001] ..s21 48045.306133: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

</code>

<code> cat-554297 [000] ..s11 48045.305791: bpf_trace_printk: 1562355904 -> 3395707859 cat-554297 [000] ..s11 48045.305791: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 <idle>-0 [001] ..s21 48045.305824: bpf_trace_printk: 1562355904 -> 3395707859 <idle>-0 [001] ..s21 48045.305825: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 cat-554297 [000] ..s11 48045.305839: bpf_trace_printk: 1562355904 -> 3395707859 cat-554297 [000] ..s11 48045.305840: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 <idle>-0 [000] ..s21 48045.305895: bpf_trace_printk: 1562355904 -> 3563480019 <idle>-0 [000] .Ns21 48045.305898: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 <idle>-0 [001] ..s21 48045.306075: bpf_trace_printk: 1562355904 -> 3563480019 <idle>-0 [001] ..s21 48045.306079: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 <idle>-0 [000] ..s21 48045.306103: bpf_trace_printk: 1562355904 -> 3395707859 <idle>-0 [000] .Ns21 48045.306105: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 <idle>-0 [001] ..s21 48045.306126: bpf_trace_printk: 1562355904 -> 3563480019 <idle>-0 [001] ..s21 48045.306129: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 <idle>-0 [001] ..s21 48045.306131: bpf_trace_printk: 1562355904 -> 3395707859 <idle>-0 [001] ..s21 48045.306133: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0 </code>

             cat-554297  [000] ..s11 48045.305791: bpf_trace_printk: 1562355904 -> 3395707859
             cat-554297  [000] ..s11 48045.305791: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
          <idle>-0       [001] ..s21 48045.305824: bpf_trace_printk: 1562355904 -> 3395707859
          <idle>-0       [001] ..s21 48045.305825: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
             cat-554297  [000] ..s11 48045.305839: bpf_trace_printk: 1562355904 -> 3395707859
             cat-554297  [000] ..s11 48045.305840: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
          <idle>-0       [000] ..s21 48045.305895: bpf_trace_printk: 1562355904 -> 3563480019
          <idle>-0       [000] .Ns21 48045.305898: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
          <idle>-0       [001] ..s21 48045.306075: bpf_trace_printk: 1562355904 -> 3563480019
          <idle>-0       [001] ..s21 48045.306079: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
          <idle>-0       [000] ..s21 48045.306103: bpf_trace_printk: 1562355904 -> 3395707859
          <idle>-0       [000] .Ns21 48045.306105: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
          <idle>-0       [001] ..s21 48045.306126: bpf_trace_printk: 1562355904 -> 3563480019
          <idle>-0       [001] ..s21 48045.306129: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0
          <idle>-0       [001] ..s21 48045.306131: bpf_trace_printk: 1562355904 -> 3395707859
          <idle>-0       [001] ..s21 48045.306133: bpf_trace_printk: 0.0.0.0 -> 0.0.0.0

I want to know:

Why %pI4h always results in 0.0.0.0?
Why is there so much network traffic from the idle process? What exactly does the idle process do here?

Thiết kế website giá rẻ

Danh mục

Why is there network traffic from the idle process in `cgroup/skb`?