问题描述
我附加了三个不同的 BPF 程序作为入口过滤器,如下所示:
tc filter add dev eth0 parent ffff: bpf direct-action obj bpf1.o sec classifier flowid ffff:1
tc filter add dev eth0 parent ffff: bpf direct-action obj bpf2.o sec classifier flowid ffff:2
tc filter add dev eth0 parent ffff: bpf direct-action obj bpf3.o sec classifier flowid ffff:3
我正在尝试找到一种使用 tc filter remove 命令删除特定过滤器的方法,但我无法这样做。例如,我想删除 flowid ffff:3 的过滤器。
请问有什么提示吗?
谢谢。
解决方法
我认为您无法匹配 flowid 或目标文件的名称。我发现最好的是您可以传递一个 preference,它似乎用于对过滤器进行排序。
# tc filter show dev eth0 ingress
filter protocol all pref 49150 bpf chain 0
filter protocol all pref 49150 bpf chain 0 handle 0x1 flowid ffff:3 sample_ret0.o...
filter protocol all pref 49151 bpf chain 0
filter protocol all pref 49151 bpf chain 0 handle 0x1 flowid ffff:2 sample_ret0.o...
filter protocol all pref 49152 bpf chain 0
filter protocol all pref 49152 bpf chain 0 handle 0x1 flowid ffff:1 sample_ret0.o...
# tc filter del dev eth0 ingress pref 49151
# tc filter show dev eth0 ingress
filter protocol all pref 49150 bpf chain 0
filter protocol all pref 49150 bpf chain 0 handle 0x1 flowid ffff:3 sample_ret0.o...
filter protocol all pref 49152 bpf chain 0
filter protocol all pref 49152 bpf chain 0 handle 0x1 flowid ffff:1 sample_ret0.o...
您可以通过调用 tc filter show 获得偏好,例如:
# tc -j filter show dev eth0 ingress | jq '.[]|select(.options.flowid == "ffff:2").pref'
49151
不起作用:您可以在创建过滤器时为过滤器设置自定义的 handle 整数,但之后显然无法将其删除:
# tc filter del dev eth0 ingress protocol all handle 42 bpf
Error: Cannot flush filters with protocol,handle or kind set.
We have an error talking to the kernel