Track and print rule source in drop prints
authorMatt Corallo <git@bluematt.me>
Sun, 4 Apr 2021 20:55:30 +0000 (16:55 -0400)
committerMatt Corallo <git@bluematt.me>
Sun, 4 Apr 2021 20:58:49 +0000 (16:58 -0400)
dropcount.sh
install.sh

index 9864be80aa1be6a68eaa0ba71a8ff7eb040d4a29..4d5a74e2651284cb37fde23053c3c6a5dc26025d 100755 (executable)
@@ -1,16 +1,17 @@
 #!/bin/bash
 function PRINTCNT() {
 if [ "$KEY" != "" ]; then
-       if [ "$KEY" = "0x00000000" ]; then
-               echo "Invalid packet length: $CNT"
-       elif [ "$KEY" = "0x00000001" ]; then
-               echo "Invalid VLAN tag: $CNT"
-       elif [ "$KEY" = "0x00000002" ]; then
-               echo "Invalid/rejected IHL IPv4 field: $CNT"
-       elif [ "$KEY" = "0x00000003" ]; then
-               echo "Rejected IPv6 fragments: $CNT"
+       if [ "$KEY" = "0" ]; then
+               echo -e "$CNT:\tInvalid packet length"
+       elif [ "$KEY" = "1" ]; then
+               echo -e "$CNT:\tInvalid VLAN tag"
+       elif [ "$KEY" = "2" ]; then
+               echo -e "$CNT:\tInvalid/rejected IHL IPv4 field"
+       elif [ "$KEY" = "3" ]; then
+               echo -e "$CNT:\tRejected IPv6 fragments"
        else
-               echo "$KEY: $CNT"
+               echo -en "$CNT:\t"
+               cat "$(dirname ${BASH_SOURCE[0]})/installed-rules.txt" | head -n $(( $KEY - 3 )) | tail -n1
        fi
 fi
 CNT=0
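Review bot: The fallback branch (`cat … | head -n $(( $KEY - 3 )) | tail -n1`) still prints a rule when installed-rules.txt has fewer than KEY-3 lines, because `tail -n1` then returns the file's last line. After a rule-set change without a matching file, a drop counter is therefore attributed to the wrong rule, which is misleading when these counts are used to judge what the filter is dropping. `${BASH_SOURCE[0]}` is also unquoted inside `dirname`, so a script path containing spaces breaks the lookup. Selecting the line directly, `sed -n "$((KEY - 3))p" "$(dirname "${BASH_SOURCE[0]}")/installed-rules.txt"`, prints nothing for an out-of-range index, and the branch could then fall back to printing the raw key. PRINTCNT's body ends outside the hunk.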
@@ -28,7 +29,7 @@ bpftool map show | grep drop_cnt_map | awk '{ print $1 }' | tr -d ':' | while re
                                "Found "*) ;;
                                *)
                                        PRINTCNT
-                                       KEY=$(echo "$LINE" | awk '{ print "0x" $4 $3 $2 $1 }')
+                                       KEY=$((16#$(echo "$LINE" | awk '{ print $4 $3 $2 $1 }')))
                                        ;;
                        esac
                done
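Review bot: The string awk builds on the new `KEY=$((16#…))` line goes into arithmetic expansion without a check that it is exactly eight hex digits. A dump line with fewer fields or non-hex text would raise an arithmetic error, and KEY would presumably keep its previous value, so the next PRINTCNT would report a count under the wrong key. A guard before the conversion keeps malformed bpftool output out of the report: `HEX=$(echo "$LINE" | awk '{ print $4 $3 $2 $1 }'); [[ "$HEX" =~ ^[0-9a-fA-F]{8}$ ]] || continue` followed by `KEY=$((16#$HEX))`. The enclosing `case` and `while` loop start outside the hunk.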
index be3ead3d23e9b59f01ea2bd71fa768c2827f9ffd..97df120917ada357672add6216fd7587d595b62d 100755 (executable)
@@ -18,3 +18,4 @@ ip link set "$1" xdpoffload obj xdp sec xdp_drop || (
                echo "Failed to install in driver, using generic..." && ip link set "$1" xdpgeneric obj xdp sec xdp_drop
        )
 )
+echo "$RULES" | grep "^flow. {" > installed-rules.txt
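Review bot: The added line writes `installed-rules.txt` into the current working directory, while dropcount.sh reads it from its own script directory via `dirname ${BASH_SOURCE[0]}`. Running install.sh from any other directory leaves dropcount.sh reading a stale or missing file. Writing to the script directory keeps the two in step: `echo "$RULES" | grep "^flow. {" > "$(dirname "${BASH_SOURCE[0]}")/installed-rules.txt"`. The line-number lookup in dropcount.sh also assumes the order of `flow` lines in `$RULES` matches the counter indices compiled into the XDP program; the generator is not visible here, so a comment stating that dependency would help. Whether this line is reached after a failed install depends on code outside the hunk.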