Add filter logging.

2025-02-26 11:13:59 -05:00
parent 3878bacb71
commit 8596997b98
10 changed files with 285 additions and 152 deletions
--- a/src/xdp/prog.c
+++ b/src/xdp/prog.c
@@ -513,6 +513,34 @@ int xdp_prog_main(struct xdp_md *ctx)
                continue;
            }
        }
+
+#ifdef ENABLE_FILTER_LOGGING
+        if (filter->log > 0)
+        {
+            filter_log_event_t* e = bpf_ringbuf_reserve(&filter_log_map, sizeof(*e), 0);
+
+            if (e)
+            {
+                e->ts = now;
+                e->filter_id = i;
+
+                if (iph)
+                {
+                    e->src_ip = iph->saddr;
+                } else if (iph6)
+                {
+                    memcpy(&e->src_ip6, iph6->saddr.in6_u.u6_addr32, 4);
+                }
+
+                e->src_port = src_port;
+
+                e->pps = pps;
+                e->bps = bps;
+
+                bpf_ringbuf_submit(e, 0);
+            }
+        }
+#endif
        
        // Matched.
        action = filter->action;
--- a/src/xdp/utils/maps.h
+++ b/src/xdp/utils/maps.h
@@ -59,4 +59,12 @@ struct
    __uint(max_entries, MAX_TRACK_IPS);
    __type(key, u128);
    __type(value, u64);
-} ip6_blacklist_map SEC(".maps");
+} ip6_blacklist_map SEC(".maps");
+
+#ifdef ENABLE_FILTER_LOGGING
+struct
+{
+    __uint(type, BPF_MAP_TYPE_RINGBUF);
+    __uint(max_entries, 1 << 16);
+} filter_log_map SEC(".maps");
+#endif