func dumpCtProto(file string, ctType ctmap.CtType) { fd, err := bpf.ObjGet(file) if err != nil { fmt.Fprintf(os.Stderr, "Unable to open %s: %s\n", file, err) os.Exit(1) } m := ctmap.CtMap{Fd: fd, Type: ctType} out, err := m.Dump() if err != nil { fmt.Fprintf(os.Stderr, "Error while dumping BPF Map: %s\n", err) os.Exit(1) } fmt.Println(out) }
func runGC(e *endpoint.Endpoint, prefix string, ctType ctmap.CtType) { file := prefix + strconv.Itoa(int(e.ID)) fd, err := bpf.ObjGet(file) if err != nil { log.Warningf("Unable to open CT map %s: %s\n", file, err) e.LogStatus(endpoint.Warning, fmt.Sprintf("Unable to open CT map %s: %s", file, err)) return } f := os.NewFile(uintptr(fd), file) m := ctmap.CtMap{Fd: fd, Type: ctType} deleted := m.GC(uint16(GcInterval)) if deleted > 0 { log.Debugf("Deleted %d entries from map %s", deleted, file) } f.Close() }
func dumpMap(ctx *cli.Context) { lbl := ctx.Args().First() printIDs := ctx.Bool("id") if lbl != "" { if id := labels.GetID(lbl); id != labels.ID_UNKNOWN { lbl = "reserved_" + strconv.FormatUint(uint64(id), 10) } } else { fmt.Fprintf(os.Stderr, "Need ID or label\n") return } file := common.PolicyMapPath + lbl fd, err := bpf.ObjGet(file) if err != nil { fmt.Fprintf(os.Stderr, "%s\n", err) return } m := policymap.PolicyMap{Fd: fd} statsMap, err := m.DumpToSlice() if err != nil { fmt.Fprintf(os.Stderr, "Error while opening bpf Map: %s\n", err) return } labelsID := map[uint32]*labels.SecCtxLabel{} w := tabwriter.NewWriter(os.Stdout, 5, 0, 3, ' ', 0) const ( labelsIDTitle = "LABEL ID" labelsDesTitle = "LABELS (source:key[=value])" actionTitle = "ACTION" bytesTitle = "BYTES" packetsTitle = "PACKETS" ) for _, stat := range statsMap { if !printIDs { secCtxLbl, err := client.GetLabels(stat.ID) if err != nil { fmt.Fprintf(os.Stderr, "Was impossible to retrieve label ID %d: %s\n", stat.ID, err) } if secCtxLbl == nil { fmt.Fprintf(os.Stderr, "Label with ID %d was not found\n", stat.ID) } labelsID[stat.ID] = secCtxLbl } } if printIDs { fmt.Fprintf(w, "%s\t%s\t%s\t%s\t\n", labelsIDTitle, actionTitle, bytesTitle, packetsTitle) } else { fmt.Fprintf(w, "%s\t%s\t%s\t%s\t\n", labelsDesTitle, actionTitle, bytesTitle, packetsTitle) } for _, stat := range statsMap { act := policy.ConsumableDecision(stat.Action) if printIDs { fmt.Fprintf(w, "%d\t%s\t%d\t%d\t\n", stat.ID, act.String(), stat.Bytes, stat.Packets) } else if lbls := labelsID[stat.ID]; lbls != nil { first := true for _, lbl := range lbls.Labels { if first { fmt.Fprintf(w, "%s\t%s\t%d\t%d\t\n", lbl, act.String(), stat.Bytes, stat.Packets) first = false } else { fmt.Fprintf(w, "%s\t\t\t\t\t\n", lbl) } } } else { fmt.Fprintf(w, "%d\t%s\t%d\t%d\t\n", stat.ID, act.String(), stat.Bytes, stat.Packets) } } w.Flush() if len(statsMap) == 0 { fmt.Printf("Policy stats empty. Perhaps the policy enforcement is disabled?\n") } }