diff --git a/src/loader/prog.c b/src/loader/prog.c index 2913fea..38e2e2e 100644 --- a/src/loader/prog.c +++ b/src/loader/prog.c @@ -155,49 +155,49 @@ int main(int argc, char *argv[]) LogMsg(&cfg, 2, 0, "Retrieving BPF map FDs..."); // Retrieve BPF maps. - int filters_map = FindMapFd(prog, "filters_map"); + int map_filters = FindMapFd(prog, "map_filters"); // Check for valid maps. - if (filters_map < 0) + if (map_filters < 0) { - LogMsg(&cfg, 0, 1, "[ERROR] Failed to find 'filters_map' BPF map.\n"); + LogMsg(&cfg, 0, 1, "[ERROR] Failed to find 'map_filters' BPF map.\n"); return EXIT_FAILURE; } - LogMsg(&cfg, 3, 0, "filters_map FD => %d.", filters_map); + LogMsg(&cfg, 3, 0, "map_filters FD => %d.", map_filters); - int stats_map = FindMapFd(prog, "stats_map"); + int map_stats = FindMapFd(prog, "map_stats"); - if (stats_map < 0) + if (map_stats < 0) { - LogMsg(&cfg, 0, 1, "[ERROR] Failed to find 'stats_map' BPF map.\n"); + LogMsg(&cfg, 0, 1, "[ERROR] Failed to find 'map_stats' BPF map.\n"); return EXIT_FAILURE; } #ifdef ENABLE_FILTER_LOGGING - int filter_log_map = FindMapFd(prog, "filter_log_map"); + int map_filter_log = FindMapFd(prog, "map_filter_log"); struct ring_buffer* rb = NULL; - if (filter_log_map < 0) + if (map_filter_log < 0) { - LogMsg(&cfg, 1, 0, "[WARNING] Failed to find 'filter_log_map' BPF map. Filter logging will be disabled..."); + LogMsg(&cfg, 1, 0, "[WARNING] Failed to find 'map_filter_log' BPF map. Filter logging will be disabled..."); } else { - LogMsg(&cfg, 3, 0, "filter_log_map FD => %d.", filter_log_map); + LogMsg(&cfg, 3, 0, "map_filter_log FD => %d.", map_filter_log); - rb = ring_buffer__new(filter_log_map, HandleRbEvent, &cfg, NULL); + rb = ring_buffer__new(map_filter_log, HandleRbEvent, &cfg, NULL); } #endif - LogMsg(&cfg, 3, 0, "stats_map FD => %d.", stats_map); + LogMsg(&cfg, 3, 0, "map_stats FD => %d.", map_stats); LogMsg(&cfg, 2, 0, "Updating filters..."); // Update BPF maps. - UpdateFilters(filters_map, &cfg); + UpdateFilters(map_filters, &cfg); // Signal. signal(SIGINT, SignalHndl); @@ -247,7 +247,7 @@ int main(int argc, char *argv[]) } // Update BPF maps. - UpdateFilters(filters_map, &cfg); + UpdateFilters(map_filters, &cfg); // Update timer last_config_check = time(NULL); @@ -266,9 +266,9 @@ int main(int argc, char *argv[]) // Calculate and display stats if enabled. if (!cfg.no_stats) { - if (CalculateStats(stats_map, cpus, cfg.stats_per_second)) + if (CalculateStats(map_stats, cpus, cfg.stats_per_second)) { - LogMsg(&cfg, 1, 0, "[WARNING] Failed to calculate packet stats. Stats map FD => %d...\n", stats_map); + LogMsg(&cfg, 1, 0, "[WARNING] Failed to calculate packet stats. Stats map FD => %d...\n", map_stats); } } diff --git a/src/loader/utils/config.c b/src/loader/utils/config.c index 85d8374..b5a8486 100644 --- a/src/loader/utils/config.c +++ b/src/loader/utils/config.c @@ -305,7 +305,7 @@ int ReadCfg(config__t *cfg, config_overrides_t* overrides) } } - // Read filters in filters_map structure. + // Read filters in map_filters structure. setting = config_lookup(&conf, "filters"); // Check if filters map is valid. If not, not a biggie since they aren't required. diff --git a/src/loader/utils/stats.c b/src/loader/utils/stats.c index 7b788fb..c62fdbb 100644 --- a/src/loader/utils/stats.c +++ b/src/loader/utils/stats.c @@ -9,13 +9,13 @@ u64 last_passed = 0; /** * Calculates and displays packet counters/stats. * - * @param stats_map The stats map BPF FD. + * @param map_stats The stats map BPF FD. * @param cpus The amount of CPUs the host has. * @param per_second Calculate packet counters per second (PPS). * * @return 0 on success or 1 on failure. */ -int CalculateStats(int stats_map, int cpus, int per_second) +int CalculateStats(int map_stats, int cpus, int per_second) { u32 key = 0; @@ -26,7 +26,7 @@ int CalculateStats(int stats_map, int cpus, int per_second) u64 dropped = 0; u64 passed = 0; - if (bpf_map_lookup_elem(stats_map, &key, stats) != 0) + if (bpf_map_lookup_elem(map_stats, &key, stats) != 0) { return EXIT_FAILURE; } diff --git a/src/loader/utils/stats.h b/src/loader/utils/stats.h index c750570..25d4112 100644 --- a/src/loader/utils/stats.h +++ b/src/loader/utils/stats.h @@ -10,4 +10,4 @@ #include -int CalculateStats(int stats_map, int cpus, int per_second); \ No newline at end of file +int CalculateStats(int map_stats, int cpus, int per_second); \ No newline at end of file diff --git a/src/loader/utils/xdp.c b/src/loader/utils/xdp.c index aca7d0a..c9bc935 100644 --- a/src/loader/utils/xdp.c +++ b/src/loader/utils/xdp.c @@ -179,12 +179,12 @@ int AttachXdp(struct xdp_program *prog, char** mode, int ifidx, u8 detach, cmdli /** * Updates the filter's BPF map with current config settings. * - * @param filters_map The filter's BPF map FD. + * @param map_filters The filter's BPF map FD. * @param cfg A pointer to the config structure. * * @return Void */ -void UpdateFilters(int filters_map, config__t *cfg) +void UpdateFilters(int map_filters, config__t *cfg) { int ret; int cur_idx = 0; @@ -198,7 +198,7 @@ void UpdateFilters(int filters_map, config__t *cfg) // We do this in the case rules were edited and were put out of order since the key doesn't uniquely map to a specific rule. u32 key = i; - bpf_map_delete_elem(filters_map, &key); + bpf_map_delete_elem(map_filters, &key); // Only insert set and enabled filters. if (!filter->set || !filter->enabled) @@ -216,7 +216,7 @@ void UpdateFilters(int filters_map, config__t *cfg) } // Attempt to update BPF map. - if ((ret = bpf_map_update_elem(filters_map, &cur_idx, &filter_cpus, BPF_ANY)) != 0) + if ((ret = bpf_map_update_elem(map_filters, &cur_idx, &filter_cpus, BPF_ANY)) != 0) { fprintf(stderr, "[WARNING] Failed to update filter #%d due to BPF update error (%d)...\n", i, ret); } diff --git a/src/loader/utils/xdp.h b/src/loader/utils/xdp.h index 038af45..77d46ff 100644 --- a/src/loader/utils/xdp.h +++ b/src/loader/utils/xdp.h @@ -14,4 +14,4 @@ int FindMapFd(struct xdp_program *prog, const char *map_name); void SetLibBPFLogMode(int silent); struct xdp_program *LoadBpfObj(const char *file_name); int AttachXdp(struct xdp_program *prog, char** mode, int ifidx, u8 detach, cmdline_t *cmd); -void UpdateFilters(int filters_map, config__t *cfg); \ No newline at end of file +void UpdateFilters(int map_filters, config__t *cfg); \ No newline at end of file diff --git a/src/xdp/prog.c b/src/xdp/prog.c index 243be49..6425b91 100644 --- a/src/xdp/prog.c +++ b/src/xdp/prog.c @@ -82,7 +82,7 @@ int xdp_prog_main(struct xdp_md *ctx) // Get stats map. u32 key = 0; - stats_t*stats = bpf_map_lookup_elem(&stats_map, &key); + stats_t*stats = bpf_map_lookup_elem(&map_stats, &key); u64 now = bpf_ktime_get_ns(); @@ -91,11 +91,11 @@ int xdp_prog_main(struct xdp_md *ctx) if (iph6) { - blocked = bpf_map_lookup_elem(&ip6_blacklist_map, &src_ip6); + blocked = bpf_map_lookup_elem(&map_ip6_blacklist, &src_ip6); } else if (iph) { - blocked = bpf_map_lookup_elem(&ip_blacklist_map, &iph->saddr); + blocked = bpf_map_lookup_elem(&map_ip_blacklist, &iph->saddr); } if (blocked != NULL && *blocked > 0) @@ -105,11 +105,11 @@ int xdp_prog_main(struct xdp_md *ctx) // Remove element from map. if (iph6) { - bpf_map_delete_elem(&ip6_blacklist_map, &src_ip6); + bpf_map_delete_elem(&map_ip6_blacklist, &src_ip6); } else if (iph) { - bpf_map_delete_elem(&ip_blacklist_map, &iph->saddr); + bpf_map_delete_elem(&map_ip_blacklist, &iph->saddr); } } else @@ -272,7 +272,7 @@ int xdp_prog_main(struct xdp_md *ctx) { u32 key = i; - filter_t *filter = bpf_map_lookup_elem(&filters_map, &key); + filter_t *filter = bpf_map_lookup_elem(&map_filters, &key); // Check if ID is above 0 (if 0, it's an invalid rule). if (!filter || !filter->set) @@ -561,11 +561,11 @@ int xdp_prog_main(struct xdp_md *ctx) if (iph6) { - bpf_map_update_elem(&ip6_blacklist_map, &src_ip6, &new_time, BPF_ANY); + bpf_map_update_elem(&map_ip6_blacklist, &src_ip6, &new_time, BPF_ANY); } else if (iph) { - bpf_map_update_elem(&ip_blacklist_map, &iph->saddr, &new_time, BPF_ANY); + bpf_map_update_elem(&map_ip_blacklist, &iph->saddr, &new_time, BPF_ANY); } } diff --git a/src/xdp/utils/logging.c b/src/xdp/utils/logging.c index a7dc02b..0268ebf 100644 --- a/src/xdp/utils/logging.c +++ b/src/xdp/utils/logging.c @@ -21,7 +21,7 @@ */ static __always_inline int LogFilterMsg(struct iphdr* iph, struct ipv6hdr* iph6, u16 src_port, u16 dst_port, u8 protocol, u64 now, u64 pps, u64 bps, int filter_id) { - filter_log_event_t* e = bpf_ringbuf_reserve(&filter_log_map, sizeof(*e), 0); + filter_log_event_t* e = bpf_ringbuf_reserve(&map_filter_log, sizeof(*e), 0); if (e) { diff --git a/src/xdp/utils/maps.h b/src/xdp/utils/maps.h index fdb5475..f48b225 100644 --- a/src/xdp/utils/maps.h +++ b/src/xdp/utils/maps.h @@ -11,7 +11,7 @@ struct __uint(max_entries, MAX_FILTERS); __type(key, u32); __type(value, filter_t); -} filters_map SEC(".maps"); +} map_filters SEC(".maps"); struct { @@ -19,7 +19,7 @@ struct __uint(max_entries, 1); __type(key, u32); __type(value, stats_t); -} stats_map SEC(".maps"); +} map_stats SEC(".maps"); struct { @@ -31,7 +31,7 @@ struct __type(key, u32); #endif __type(value, ip_stats_t); -} ip_stats_map SEC(".maps"); +} map_ip_stats SEC(".maps"); struct { @@ -39,7 +39,7 @@ struct __uint(max_entries, MAX_TRACK_IPS); __type(key, u32); __type(value, u64); -} ip_blacklist_map SEC(".maps"); +} map_ip_blacklist SEC(".maps"); struct { @@ -51,7 +51,7 @@ struct __type(key, u128); #endif __type(value, ip_stats_t); -} ip6_stats_map SEC(".maps"); +} map_ip6_stats SEC(".maps"); struct { @@ -59,12 +59,12 @@ struct __uint(max_entries, MAX_TRACK_IPS); __type(key, u128); __type(value, u64); -} ip6_blacklist_map SEC(".maps"); +} map_ip6_blacklist SEC(".maps"); #ifdef ENABLE_FILTER_LOGGING struct { __uint(type, BPF_MAP_TYPE_RINGBUF); __uint(max_entries, 1 << 16); -} filter_log_map SEC(".maps"); +} map_filter_log SEC(".maps"); #endif \ No newline at end of file diff --git a/src/xdp/utils/rl.c b/src/xdp/utils/rl.c index fa6d777..f02f0aa 100644 --- a/src/xdp/utils/rl.c +++ b/src/xdp/utils/rl.c @@ -21,9 +21,9 @@ static __always_inline void UpdateIpStats(u64 *pps, u64 *bps, u32 ip, u16 port, key.port = port; key.protocol = protocol; - ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &key); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&map_ip_stats, &key); #else - ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &ip); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&map_ip_stats, &ip); #endif if (ip_stats) @@ -58,9 +58,9 @@ static __always_inline void UpdateIpStats(u64 *pps, u64 *bps, u32 ip, u16 port, *bps = new.bps; #ifdef USE_FLOW_RL - bpf_map_update_elem(&ip_stats_map, &key, &new, BPF_ANY); + bpf_map_update_elem(&map_ip_stats, &key, &new, BPF_ANY); #else - bpf_map_update_elem(&ip_stats_map, &ip, &new, BPF_ANY); + bpf_map_update_elem(&map_ip_stats, &ip, &new, BPF_ANY); #endif } } @@ -86,9 +86,9 @@ static __always_inline void UpdateIp6Stats(u64 *pps, u64 *bps, u128 *ip, u16 por key.port = port; key.protocol = protocol; - ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &key); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&map_ip6_stats, &key); #else - ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, ip); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&map_ip6_stats, ip); #endif if (ip_stats) @@ -123,9 +123,9 @@ static __always_inline void UpdateIp6Stats(u64 *pps, u64 *bps, u128 *ip, u16 por *bps = new.bps; #ifdef USE_FLOW_RL - bpf_map_update_elem(&ip_stats_map, &key, &new, BPF_ANY); + bpf_map_update_elem(&map_ip6_stats, &key, &new, BPF_ANY); #else - bpf_map_update_elem(&ip_stats_map, ip, &new, BPF_ANY); + bpf_map_update_elem(&map_ip6_stats, ip, &new, BPF_ANY); #endif } } \ No newline at end of file