Add filter logging.
This commit is contained in:
Christian Deacon
@@ -20,4 +20,8 @@
|
||||
// If uncommented, rate limits for clients are determined using the source IP, port, and protocol instead of just the source IP.
|
||||
// This allows for more precise rate limits (connection-specific instead of a single source IP).
|
||||
// I decided not to include the destination IP/port because the source IP, port, and protocol should be represent a unique connection.
|
||||
#define USE_FLOW_RL
|
||||
#define USE_FLOW_RL
|
||||
|
||||
// Enables filter logging through XDP.
|
||||
// If performance is a concerned, it is best to disable this feature by commenting out the below line with //.
|
||||
#define ENABLE_FILTER_LOGGING
|
||||
@@ -64,6 +64,8 @@ struct filter
|
||||
{
|
||||
u8 id;
|
||||
|
||||
unsigned int log : 1;
|
||||
|
||||
unsigned int enabled : 1;
|
||||
|
||||
u8 action;
|
||||
@@ -131,4 +133,15 @@ struct flow6
|
||||
u128 ip;
|
||||
u16 port;
|
||||
u8 protocol;
|
||||
} typedef flow6_t;
|
||||
} typedef flow6_t;
|
||||
|
||||
struct filter_log_event
|
||||
{
|
||||
u64 ts;
|
||||
int filter_id;
|
||||
u32 src_ip;
|
||||
u32 src_ip6[4];
|
||||
u16 src_port;
|
||||
u64 pps;
|
||||
u64 bps;
|
||||
} typedef filter_log_event_t;
|
||||
Reference in New Issue
Block a user