kandi background
Explore Kits

pkts | Pure java based pcap library capable of reading and writing | Learning library

 by   aboutsip Java Version: Current License: MIT

 by   aboutsip Java Version: Current License: MIT

Download this library from

kandi X-RAY | pkts Summary

pkts is a Java library typically used in Tutorial, Learning, Kafka applications. pkts has no vulnerabilities, it has build file available, it has a Permissive License and it has low support. However pkts has 33 bugs. You can download it from GitHub, Maven.
pkts.io is a pure java library for reading and writing pcaps. It's primary purpose is to manipulate/analyze existing pcaps, allowing you to build various tools around pcaps. For full documentation, please see aboutsip.com.
Support
Support
Quality
Quality
Security
Security
License
License
Reuse
Reuse

kandi-support Support

  • pkts has a low active ecosystem.
  • It has 150 star(s) with 75 fork(s). There are 16 watchers for this library.
  • It had no major release in the last 12 months.
  • There are 21 open issues and 19 have been closed. On average issues are closed in 131 days. There are no pull requests.
  • It has a neutral sentiment in the developer community.
  • The latest version of pkts is current.
pkts Support
Best in #Learning
Average in #Learning
pkts Support
Best in #Learning
Average in #Learning

quality kandi Quality

  • pkts has 33 bugs (1 blocker, 2 critical, 17 major, 13 minor) and 966 code smells.
pkts Quality
Best in #Learning
Average in #Learning
pkts Quality
Best in #Learning
Average in #Learning

securitySecurity

  • pkts has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
  • pkts code analysis shows 0 unresolved vulnerabilities.
  • There are 89 security hotspots that need review.
pkts Security
Best in #Learning
Average in #Learning
pkts Security
Best in #Learning
Average in #Learning

license License

  • pkts is licensed under the MIT License. This license is Permissive.
  • Permissive licenses have the least restrictions, and you can use them in most projects.
pkts License
Best in #Learning
Average in #Learning
pkts License
Best in #Learning
Average in #Learning

buildReuse

  • pkts releases are not available. You will need to build from source code and install.
  • Deployable package is available in Maven.
  • Build file is available. You can build the component from source.
  • Installation instructions are not available. Examples and code snippets are available.
  • It has 25202 lines of code, 2895 functions and 269 files.
  • It has medium code complexity. Code complexity directly impacts maintainability of the code.
pkts Reuse
Best in #Learning
Average in #Learning
pkts Reuse
Best in #Learning
Average in #Learning
Top functions reviewed by kandi - BETA

kandi has reviewed pkts and discovered the below as its top functions. This is intended to give you an instant insight into pkts implemented functionality, and help decide if they suit your requirements.

  • Reads a SIP message from a buffer
  • Compares two URIs .
  • Returns the phone URI
  • Parse this buffer to an integer value .
  • Build a SIP message .
  • Main entry point for running SIP .
  • Gets quotiter into buf .
  • Internal utility method to compare two buffers .
  • Is SDP .
  • Intro example for introspection

pkts Key Features

Pure java based pcap library capable of reading and writing to/from pcaps.

Define a new Protocol

copy iconCopydownload iconDownload
ICMP("icmp"), IGMP("igmp"), TCP("tcp"), UDP("udp"), SCTP("sctp"), SIP("sip"), SDP("sdp"), ETHERNET_II("eth"), SLL("sll"), IPv4( "ip"), PCAP("pcap"), RTP("rtp"), UNKNOWN("unknown");

Create a new Framer

copy iconCopydownload iconDownload
package com.aboutsip.yajpcap.framer.layer7;

public final class RTPFramer implements Layer7Framer {

    private final FramerManager framerManager;

    public RTPFramer(final FramerManager framerManager) {
        this.framerManager = framerManager;
    }

    @Override
    public Protocol getProtocol() {
        return Protocol.RTP;
    }

    @Override
    public boolean accept(final Buffer data) throws IOException {
        return false;
    }

    @Override
    public Layer7Frame frame(final Layer4Frame parent, final Buffer buffer) throws IOException {
        return null;
    }
}

eBPF: 'bpf_map_update()' returns the 'invalid indirect read from stack' error

copy iconCopydownload iconDownload
struct client_port_addr {
    __u32 client_ip;
    __u8 dmac[6];
    __u16 pad[3];
};

struct client_port_addr val;
[...]
val.client_ip = iph->saddr;                                  // val.client_ip
memcpy (val.dmac, eth->h_source, 6 * sizeof(__u8));          // val.dmac
                                                             // val.pad where??
bpf_map_update_elem(&client_addrs, &key, &val, BPF_ANY);
struct client_port_addr val = {0};
struct client_port_addr val;

memset(&val, 0, sizeof(val));
-----------------------
struct client_port_addr {
    __u32 client_ip;
    __u8 dmac[6];
    __u16 pad[3];
};

struct client_port_addr val;
[...]
val.client_ip = iph->saddr;                                  // val.client_ip
memcpy (val.dmac, eth->h_source, 6 * sizeof(__u8));          // val.dmac
                                                             // val.pad where??
bpf_map_update_elem(&client_addrs, &key, &val, BPF_ANY);
struct client_port_addr val = {0};
struct client_port_addr val;

memset(&val, 0, sizeof(val));
-----------------------
struct client_port_addr {
    __u32 client_ip;
    __u8 dmac[6];
    __u16 pad[3];
};

struct client_port_addr val;
[...]
val.client_ip = iph->saddr;                                  // val.client_ip
memcpy (val.dmac, eth->h_source, 6 * sizeof(__u8));          // val.dmac
                                                             // val.pad where??
bpf_map_update_elem(&client_addrs, &key, &val, BPF_ANY);
struct client_port_addr val = {0};
struct client_port_addr val;

memset(&val, 0, sizeof(val));

How to modify scapy packet payload

copy iconCopydownload iconDownload
for pkt in pkts:
    payload = pkt.lastlayer()
    payload.load = b"\xde\xad\xbe\xef" + payload.load[4:] # or payload.load[:-4] + b"\xde\xad\xbe\xef"

pktgen cannot send packet in ovs dpdk scenario

copy iconCopydownload iconDownload
DPDK Pktgen (net_vhost) <==> OVS-DPDK port-1 (virtio_user) {Rule to forward} OVS-DPDK port-2 (virtio_user) <==> DPDK Pktgen (net_vhost) 

scrape docker metrics from inside container

copy iconCopydownload iconDownload
sudo iptables -A INPUT -i docker0 -j ACCEPT
sudo iptables -A INPUT -i docker_gwbridge -j ACCEPT
docker run --rm curlimages/curl -I -m 10 172.17.0.1:4999/metrics
HTTP/1.1 200 OK
Content-Type: text/plain; version=0.0.4; charset=utf-8
Date: Sat, 03 Apr 2021 10:53:12 GMT
-----------------------
sudo iptables -A INPUT -i docker0 -j ACCEPT
sudo iptables -A INPUT -i docker_gwbridge -j ACCEPT
docker run --rm curlimages/curl -I -m 10 172.17.0.1:4999/metrics
HTTP/1.1 200 OK
Content-Type: text/plain; version=0.0.4; charset=utf-8
Date: Sat, 03 Apr 2021 10:53:12 GMT

SOLVED: Nginx proxy_bind failing

copy iconCopydownload iconDownload
                                                                                 (192.168.0.2:12345) OUTPUT ==>
    (192.168.0.154:$port) PREROUTING ==>                                   (100.64.8.236:12345) POSTROUTING ==>
Windows Client (192.168.0.154:$port) ==> Nginx Master (192.168.0.2:443) | Nginx Worker (100.64.8.236:12345) ==> Upstream Desination Server (104.27.161.206:443)
                                     <== POSTROUTING (192.168.0.2:443)                                      <== PREROUTING (104.27.161.206:443)
# iptables -t mangle -I OUTPUT -o vlan2 -p tcp -m multiport --sport 12345 -j MARK --set-mark 0x2000/0x2000
-----------------------
                                                                                 (192.168.0.2:12345) OUTPUT ==>
    (192.168.0.154:$port) PREROUTING ==>                                   (100.64.8.236:12345) POSTROUTING ==>
Windows Client (192.168.0.154:$port) ==> Nginx Master (192.168.0.2:443) | Nginx Worker (100.64.8.236:12345) ==> Upstream Desination Server (104.27.161.206:443)
                                     <== POSTROUTING (192.168.0.2:443)                                      <== PREROUTING (104.27.161.206:443)
# iptables -t mangle -I OUTPUT -o vlan2 -p tcp -m multiport --sport 12345 -j MARK --set-mark 0x2000/0x2000

Python3 run multiple functions in parallel

copy iconCopydownload iconDownload
import threading

# the names are not required but can be useful for debugging if needed
# if the targets have arguments you can specify with the 'arg' argument
t_capture = threading.Thread(target=packet_capture, name="capture")
t_test = threading.Thread(target=test_thread, name="test")

# start the threads
t_capture.start()
t_thread.start()

# wait for them to finish with optional timeout in seconds
t_capture.join()
t_test.join()
-----------------------
import threading
import time

threadRunning = True

def test_thread1():
  while threadRunning:
    for i in range(1,5):
      print("test thread 1: " + str(i))
      time.sleep(0.5)

def test_thread2():
  while threadRunning:
    for i in range(1,5):
      print("test thread 2: " + str(i))
      time.sleep(0.33)


x = threading.Thread(target=test_thread1, args=())
x.start()
y = threading.Thread(target=test_thread2)
y.start()
time.sleep(10)
threadRunning = False
print("Stop it!")
time.sleep(2)

reading Pcap and writing it to csv file python

copy iconCopydownload iconDownload
pkts = rdpcap('example.pcap')

with open("Pcap/test.csv", "w") as f:
    for pkt in pkts:

        if IP in pkt:
            ip_src=pkt[IP].src
            ip_dst=pkt[IP].dst
        if TCP in pkt:
            tcp_dport=pkt[TCP].dport

        if ip_src == '10.116.206.114' and ip_dst == '10.236.138.184':
            print (str(ip_src) + str(ip_dst) + str(tcp_dport)) 

            csv_header = "IP_src,IP_drc,dst_port\n"

            s = ""
            for scr in str(ip_src):
                s+=str(scr)
            csv_header += s + ','

            s_ = ''
            for dst in str(ip_dst) :
                s_+=str(dst)
            csv_header += s_ + ','

            s_1 = ''
            for dst_tcp in str(tcp_dport):
                s_1 += str(dst_tcp)
            csv_header += s_1

            f.write(csv_header)

Selectively remove unnecessary column whitespace from 'iptables -nvL' command output?

copy iconCopydownload iconDownload
align -e '!/^Chain/' -g 4 < file.txt
Chain INPUT (policy DROP 2525 packets, 130K bytes)
target                      prot    opt    in    out    source       destination
ufw-before-logging-input    all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-before-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-logging-input     all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-reject-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-track-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
align -e '!/^Chain/' -a r4dr < file.txt 
Chain INPUT (policy DROP 2525 packets, 130K bytes)
                  target prot opt in out    source destination
ufw-before-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-before-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-after-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
 ufw-after-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-reject-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-track-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
-----------------------
align -e '!/^Chain/' -g 4 < file.txt
Chain INPUT (policy DROP 2525 packets, 130K bytes)
target                      prot    opt    in    out    source       destination
ufw-before-logging-input    all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-before-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-logging-input     all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-reject-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-track-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
align -e '!/^Chain/' -a r4dr < file.txt 
Chain INPUT (policy DROP 2525 packets, 130K bytes)
                  target prot opt in out    source destination
ufw-before-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-before-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-after-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
 ufw-after-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-reject-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-track-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
-----------------------
align -e '!/^Chain/' -g 4 < file.txt
Chain INPUT (policy DROP 2525 packets, 130K bytes)
target                      prot    opt    in    out    source       destination
ufw-before-logging-input    all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-before-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-logging-input     all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-reject-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-track-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
align -e '!/^Chain/' -a r4dr < file.txt 
Chain INPUT (policy DROP 2525 packets, 130K bytes)
                  target prot opt in out    source destination
ufw-before-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-before-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-after-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
 ufw-after-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-reject-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-track-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
-----------------------
align -e '!/^Chain/' -g 4 < file.txt
Chain INPUT (policy DROP 2525 packets, 130K bytes)
target                      prot    opt    in    out    source       destination
ufw-before-logging-input    all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-before-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-after-logging-input     all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-reject-input            all     --     *     *      0.0.0.0/0    0.0.0.0/0
ufw-track-input             all     --     *     *      0.0.0.0/0    0.0.0.0/0
align -e '!/^Chain/' -a r4dr < file.txt 
Chain INPUT (policy DROP 2525 packets, 130K bytes)
                  target prot opt in out    source destination
ufw-before-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-before-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-after-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
 ufw-after-logging-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
        ufw-reject-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
         ufw-track-input all  --  *  *   0.0.0.0/0   0.0.0.0/0
-----------------------
$ cat tst.awk
BEGIN { nf = split("0 0 27 7 6 5 5 20 20",w) }
NF && !/^Chain/ {
    for (i=3; i<=nf; i++) {
        printf "%-*s", w[i], $i
    }
    sub("^([[:space:]]*[^[:space:]]+){"nf"}[[:space:]]*","")
}
{ print }
$ cat file | awk -f tst.awk
Chain ufw-after-input (1 references)
target                     prot   opt   in   out  source              destination
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:137
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:138
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:139
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:445
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:67
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:68
ufw-skip-to-policy-input   all    --    *    *    xxx.xxx.xxx.xxx/yy  xxx.xxx.xxx.xxx/yy  ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    xxx.xxx.xxx.xxx/yy  xxx.xxx.xxx.xxx/yy  limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
$ awk -f tst.awk file
Chain INPUT (policy DROP 35 packets, 1771 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-input   all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-input           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-input            all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-input    all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-input           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-input            all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-forward all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-forward         all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-forward          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-forward  all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-forward         all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-forward          all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-output  all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-output          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-output           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-output   all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-output          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-output           all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-after-forward (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-after-input (1 references)
target                     prot   opt   in   out  source              destination
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:137
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:138
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:139
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:445
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:67
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:68
ufw-skip-to-policy-input   all    --    *    *    0.0.0.0/0           0.0.0.0/0           ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    0.0.0.0/0           0.0.0.0/0           limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    0.0.0.0/0           0.0.0.0/0           limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-after-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-forward (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
ACCEPT                     all    --    wg0  *    0.0.0.0/0           0.0.0.0/0
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 3
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 11
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 12
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 8
ufw-user-forward           all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-before-input (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    lo   *    0.0.0.0/0           0.0.0.0/0
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
ufw-logging-deny           all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate INVALID
DROP                       all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate INVALID
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 3
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 11
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 12
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 8
DROP                       udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp spt:67 dpt:68
ufw-not-local              all    --    *    *    0.0.0.0/0           0.0.0.0/0
DROP                       udp    --    *    *    0.0.0.0/0           224.0.0.251         udp dpt:5353
DROP                       udp    --    *    *    0.0.0.0/0           239.255.255.250     udp dpt:1900
ufw-user-input             all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-before-logging-forward (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-logging-input (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-logging-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-output (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    *    lo   0.0.0.0/0           0.0.0.0/0
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
-----------------------
$ cat tst.awk
BEGIN { nf = split("0 0 27 7 6 5 5 20 20",w) }
NF && !/^Chain/ {
    for (i=3; i<=nf; i++) {
        printf "%-*s", w[i], $i
    }
    sub("^([[:space:]]*[^[:space:]]+){"nf"}[[:space:]]*","")
}
{ print }
$ cat file | awk -f tst.awk
Chain ufw-after-input (1 references)
target                     prot   opt   in   out  source              destination
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:137
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:138
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:139
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:445
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:67
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:68
ufw-skip-to-policy-input   all    --    *    *    xxx.xxx.xxx.xxx/yy  xxx.xxx.xxx.xxx/yy  ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    xxx.xxx.xxx.xxx/yy  xxx.xxx.xxx.xxx/yy  limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
$ awk -f tst.awk file
Chain INPUT (policy DROP 35 packets, 1771 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-input   all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-input           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-input            all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-input    all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-input           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-input            all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-forward all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-forward         all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-forward          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-forward  all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-forward         all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-forward          all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-output  all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-output          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-output           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-output   all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-output          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-output           all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-after-forward (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-after-input (1 references)
target                     prot   opt   in   out  source              destination
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:137
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:138
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:139
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:445
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:67
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:68
ufw-skip-to-policy-input   all    --    *    *    0.0.0.0/0           0.0.0.0/0           ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    0.0.0.0/0           0.0.0.0/0           limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    0.0.0.0/0           0.0.0.0/0           limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-after-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-forward (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
ACCEPT                     all    --    wg0  *    0.0.0.0/0           0.0.0.0/0
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 3
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 11
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 12
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 8
ufw-user-forward           all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-before-input (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    lo   *    0.0.0.0/0           0.0.0.0/0
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
ufw-logging-deny           all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate INVALID
DROP                       all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate INVALID
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 3
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 11
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 12
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 8
DROP                       udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp spt:67 dpt:68
ufw-not-local              all    --    *    *    0.0.0.0/0           0.0.0.0/0
DROP                       udp    --    *    *    0.0.0.0/0           224.0.0.251         udp dpt:5353
DROP                       udp    --    *    *    0.0.0.0/0           239.255.255.250     udp dpt:1900
ufw-user-input             all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-before-logging-forward (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-logging-input (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-logging-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-output (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    *    lo   0.0.0.0/0           0.0.0.0/0
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
-----------------------
$ cat tst.awk
BEGIN { nf = split("0 0 27 7 6 5 5 20 20",w) }
NF && !/^Chain/ {
    for (i=3; i<=nf; i++) {
        printf "%-*s", w[i], $i
    }
    sub("^([[:space:]]*[^[:space:]]+){"nf"}[[:space:]]*","")
}
{ print }
$ cat file | awk -f tst.awk
Chain ufw-after-input (1 references)
target                     prot   opt   in   out  source              destination
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:137
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:138
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:139
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:445
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:67
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:68
ufw-skip-to-policy-input   all    --    *    *    xxx.xxx.xxx.xxx/yy  xxx.xxx.xxx.xxx/yy  ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    xxx.xxx.xxx.xxx/yy  xxx.xxx.xxx.xxx/yy  limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
$ awk -f tst.awk file
Chain INPUT (policy DROP 35 packets, 1771 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-input   all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-input           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-input            all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-input    all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-input           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-input            all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-forward all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-forward         all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-forward          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-forward  all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-forward         all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-forward          all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
target                     prot   opt   in   out  source              destination
ufw-before-logging-output  all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-before-output          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-output           all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-after-logging-output   all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-reject-output          all    --    *    *    0.0.0.0/0           0.0.0.0/0
ufw-track-output           all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-after-forward (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-after-input (1 references)
target                     prot   opt   in   out  source              destination
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:137
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:138
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:139
ufw-skip-to-policy-input   tcp    --    *    *    0.0.0.0/0           0.0.0.0/0           tcp dpt:445
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:67
ufw-skip-to-policy-input   udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp dpt:68
ufw-skip-to-policy-input   all    --    *    *    0.0.0.0/0           0.0.0.0/0           ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    0.0.0.0/0           0.0.0.0/0           limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
target                     prot   opt   in   out  source              destination
LOG                        all    --    *    *    0.0.0.0/0           0.0.0.0/0           limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-after-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-forward (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
ACCEPT                     all    --    wg0  *    0.0.0.0/0           0.0.0.0/0
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 3
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 11
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 12
ACCEPT                     icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 8
ufw-user-forward           all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-before-input (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    lo   *    0.0.0.0/0           0.0.0.0/0
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
ufw-logging-deny           all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate INVALID
DROP                       all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate INVALID
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
ACCEPT                     icmp   --    *    *    xxx.xxx.xxx.xxx/yy  0.0.0.0/0           icmptype 8
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 3
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 11
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 12
DROP                       icmp   --    *    *    0.0.0.0/0           0.0.0.0/0           icmptype 8
DROP                       udp    --    *    *    0.0.0.0/0           0.0.0.0/0           udp spt:67 dpt:68
ufw-not-local              all    --    *    *    0.0.0.0/0           0.0.0.0/0
DROP                       udp    --    *    *    0.0.0.0/0           224.0.0.251         udp dpt:5353
DROP                       udp    --    *    *    0.0.0.0/0           239.255.255.250     udp dpt:1900
ufw-user-input             all    --    *    *    0.0.0.0/0           0.0.0.0/0

Chain ufw-before-logging-forward (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-logging-input (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-logging-output (1 references)
target                     prot   opt   in   out  source              destination

Chain ufw-before-output (1 references)
target                     prot   opt   in   out  source              destination
ACCEPT                     all    --    *    lo   0.0.0.0/0           0.0.0.0/0
ACCEPT                     all    --    *    *    0.0.0.0/0           0.0.0.0/0           ctstate RELATED,ESTABLISHED
-----------------------
#!/usr/bin/env bash

#
# Pretty-print iptables(8) output.
#
# source:
# https://gitlab.com/johnnyutahh/swmisc/-/blob/master/sysadmin/networking/iptables/iptables-list-pretty.sh
#
# (The following script was Ubuntu-18.04 tested on 2020-05-17.)
#

# Derivered from
# https://www.reddit.com/r/bash/comments/gl61yb/selectively_remove_unnecessary_column_whitespace/fqw19tv

# Adjust these values to resize column widths
column_widths=(0 0 27 5 4 8 8 17 17)

iptables_align()
{
  while read line; do
    if [[ $line =~ Chain ]]; then
      echo "$line"
    else
      line=${line//\*/\\\*}
      array=($line)
      for n in {2..8}; do
        w=${column_widths[$n]}
         printf "%-${w}s" "${array[$n]}"
      done
      lastcol_with_spaces_in_content=("${array[@]:9}")
      printf "%s" "${lastcol_with_spaces_in_content[*]}"
      echo
    fi
  done
}

iptables -nvL | iptables_align | sed -s 's|\\\*|* |g' | less

Reacting accuracy: 0.0000e+00 in Keras Model

copy iconCopydownload iconDownload
x_train = (x_train - np.max(x_train))/(np.max(x_train) - np.min(x_train))
y_train = np.array(y_train, dtype = 'float32')
df.loc[(df.Label == "ddos"), "Label"] = 1.
df.loc[(df.Label == "Benign"), "Label"] = 0.
-----------------------
x_train = (x_train - np.max(x_train))/(np.max(x_train) - np.min(x_train))
y_train = np.array(y_train, dtype = 'float32')
df.loc[(df.Label == "ddos"), "Label"] = 1.
df.loc[(df.Label == "Benign"), "Label"] = 0.

write columns of data in a txt file in a row/line

copy iconCopydownload iconDownload
In [1038]: with open(filename, 'r') as f: 
      ...:     lines = f.readlines() 
      ...:                            

In [1039]: lines                                                                                                                                                                                            
Out[1039]: ['2\n', '1\n', '0\n', '0\n', '2\n', '0\n', '1\n', '2\n', '1\n']

In [1040]: lines = [item.strip() for item in lines] 

In [1038]: with open(filename_to_write, 'w') as f: 
      ...:     f.write(','.join(lines))
      ...:                            
with open(infile, mode='r') as in_file, \
     open(outfile, mode='w') as out_file:

    lines = infile.readlines() 
    lines = [item.strip() for item in lines] 
    out_file.write(','.join(lines))
-----------------------
In [1038]: with open(filename, 'r') as f: 
      ...:     lines = f.readlines() 
      ...:                            

In [1039]: lines                                                                                                                                                                                            
Out[1039]: ['2\n', '1\n', '0\n', '0\n', '2\n', '0\n', '1\n', '2\n', '1\n']

In [1040]: lines = [item.strip() for item in lines] 

In [1038]: with open(filename_to_write, 'w') as f: 
      ...:     f.write(','.join(lines))
      ...:                            
with open(infile, mode='r') as in_file, \
     open(outfile, mode='w') as out_file:

    lines = infile.readlines() 
    lines = [item.strip() for item in lines] 
    out_file.write(','.join(lines))

Community Discussions

Trending Discussions on pkts
  • eBPF: 'bpf_map_update()' returns the 'invalid indirect read from stack' error
  • Fail to curl webserver on port 80 (using Nginx)
  • Cannot use testpmd to send pkts to VM in qemu process though virtio
  • How to modify scapy packet payload
  • Running F-stack DPDK executable - Unsupported Rx multi queue mode 1
  • pktgen cannot send packet in ovs dpdk scenario
  • DPDK 20.11 - IPv4 Fragmentation - indirect pool gets exhausted
  • Is there a way to configure Docker's embedded DNS server's upstream nameserver's port?
  • scrape docker metrics from inside container
  • dpdk testpmd packet forwarding huge amount of packet drop with fm10420 NIC (fm10k)
Trending Discussions on pkts

QUESTION

eBPF: 'bpf_map_update()' returns the 'invalid indirect read from stack' error

Asked 2022-Mar-22 at 22:28

I have an eBPF program with the following map definitions:

struct bpf_map_def SEC("maps") servers = {
    .type = BPF_MAP_TYPE_HASH,
    .key_size = sizeof(struct ip_key),
    .value_size = sizeof(struct dest_info),
    .max_entries = MAX_SERVERS,
};

struct bpf_map_def SEC("maps") client_addrs = {
    .type = BPF_MAP_TYPE_HASH,
    .key_size = sizeof(struct port_key),
    .value_size = sizeof(struct client_port_addr),
    .max_entries = MAX_CLIENTS,
};

where the struct definitions are as below:

struct port_key {
    __u16 port;
    __u16 pad[3];
};

struct ip_key {
    __u32 key;
    __u32 pad;
};

struct dest_info {
    __u32 saddr;
    __u32 daddr;
    __u64 bytes;
    __u64 pkts;
    __u8 dmac[6];
    __u16 pad;
};

struct client_port_addr {
    __u32 client_ip;
    __u8 dmac[6];
    __u16 pad[3];
};

The program itself, after the pointer verifications and initial checks, is shown below.

struct port_key key = {0};
struct client_port_addr val;
key.port = udp->source;
val.client_ip = iph->saddr;
memcpy (val.dmac, eth->h_source, 6 * sizeof(__u8));
bpf_map_update_elem(&client_addrs, &key, &val, BPF_ANY);
iph->saddr = IP_ADDRESS(BALANCER);
iph->daddr = dest_tnl->daddr;
memcpy (eth->h_source, eth->h_dest, 6 * sizeof(__u8));
memcpy (eth->h_dest, dest_tnl->dmac, 6 * sizeof(__u8));

So, the problem is that I use bpf_map_update() in my code, but while using it, I get the invalid indirect read from the stack error as shown below.

libbpf: 
0: (bf) r6 = r1
1: (61) r9 = *(u32 *)(r6 +4)
2: (61) r7 = *(u32 *)(r6 +0)
3: (18) r1 = 0xffffa59ac00b6000
5: (b7) r2 = 24
6: (85) call bpf_trace_printk#6
 R1_w=map_value(id=0,off=0,ks=4,vs=50,imm=0) R2_w=inv24 R6_w=ctx(id=0,off=0,imm=0) R7_w=pkt(id=0,off=0,r=0,imm=0) R9_w=pkt_end(id=0,off=0,imm=0) R10=fp0
last_idx 6 first_idx 0
regs=4 stack=0 before 5: (b7) r2 = 24
7: (b7) r8 = 1
8: (bf) r1 = r7
9: (07) r1 += 14
10: (2d) if r1 > r9 goto pc+130
 R0_w=inv(id=0) R1_w=pkt(id=0,off=14,r=14,imm=0) R6_w=ctx(id=0,off=0,imm=0) R7_w=pkt(id=0,off=0,r=14,imm=0) R8_w=inv1 R9_w=pkt_end(id=0,off=0,imm=0) R10=fp0
11: (71) r1 = *(u8 *)(r7 +12)
12: (71) r2 = *(u8 *)(r7 +13)
13: (67) r2 <<= 8
14: (4f) r2 |= r1
15: (b7) r8 = 2
16: (55) if r2 != 0x8 goto pc+124
 R0=inv(id=0) R1=inv(id=0,umax_value=255,var_off=(0x0; 0xff)) R2=inv8 R6=ctx(id=0,off=0,imm=0) R7=pkt(id=0,off=0,r=14,imm=0) R8=inv2 R9=pkt_end(id=0,off=0,imm=0) R10=fp0
17: (61) r7 = *(u32 *)(r6 +4)
18: (61) r9 = *(u32 *)(r6 +0)
19: (bf) r6 = r9
20: (07) r6 += 14
21: (b7) r8 = 1
22: (2d) if r6 > r7 goto pc+118
 R0=inv(id=0) R1=inv(id=0,umax_value=255,var_off=(0x0; 0xff)) R2=inv8 R6_w=pkt(id=0,off=14,r=14,imm=0) R7_w=pkt_end(id=0,off=0,imm=0) R8_w=inv1 R9_w=pkt(id=0,off=0,r=14,imm=0) R10=fp0
23: (bf) r1 = r9
24: (07) r1 += 34
25: (b7) r8 = 1
26: (2d) if r1 > r7 goto pc+114
 R0=inv(id=0) R1=pkt(id=0,off=34,r=34,imm=0) R2=inv8 R6=pkt(id=0,off=14,r=34,imm=0) R7=pkt_end(id=0,off=0,imm=0) R8=inv1 R9=pkt(id=0,off=0,r=34,imm=0) R10=fp0
27: (71) r1 = *(u8 *)(r6 +0)
28: (57) r1 &= 15
29: (b7) r8 = 1
30: (55) if r1 != 0x5 goto pc+110
 R0=inv(id=0) R1_w=inv5 R2=inv8 R6=pkt(id=0,off=14,r=34,imm=0) R7=pkt_end(id=0,off=0,imm=0) R8_w=inv1 R9=pkt(id=0,off=0,r=34,imm=0) R10=fp0
31: (61) r3 = *(u32 *)(r9 +26)
32: (18) r1 = 0xffffa59ac00b6018
34: (b7) r2 = 26
35: (85) call bpf_trace_printk#6
 R0=inv(id=0) R1_w=map_value(id=0,off=24,ks=4,vs=50,imm=0) R2_w=inv26 R3_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R6=pkt(id=0,off=14,r=34,imm=0) R7=pkt_end(id=0,off=0,imm=0) R8_w=inv1 R9=pkt(id=0,off=0,r=34,imm=0) R10=fp0
last_idx 35 first_idx 26
regs=4 stack=0 before 34: (b7) r2 = 26
36: (69) r1 = *(u16 *)(r9 +20)
37: (57) r1 &= 65343
38: (b7) r8 = 1
39: (55) if r1 != 0x0 goto pc+101
 R0=inv(id=0) R1_w=inv0 R6=pkt(id=0,off=14,r=34,imm=0) R7=pkt_end(id=0,off=0,imm=0) R8_w=inv1 R9=pkt(id=0,off=0,r=34,imm=0) R10=fp0
40: (71) r1 = *(u8 *)(r9 +23)
41: (b7) r8 = 2
42: (55) if r1 != 0x11 goto pc+98
 R0=inv(id=0) R1_w=inv17 R6=pkt(id=0,off=14,r=34,imm=0) R7=pkt_end(id=0,off=0,imm=0) R8_w=inv2 R9=pkt(id=0,off=0,r=34,imm=0) R10=fp0
43: (bf) r1 = r9
44: (07) r1 += 42
45: (b7) r8 = 1
46: (2d) if r1 > r7 goto pc+94
 R0=inv(id=0) R1=pkt(id=0,off=42,r=42,imm=0) R6=pkt(id=0,off=14,r=42,imm=0) R7=pkt_end(id=0,off=0,imm=0) R8=inv1 R9=pkt(id=0,off=0,r=42,imm=0) R10=fp0
47: (b7) r8 = 0
48: (7b) *(u64 *)(r10 -8) = r8
last_idx 48 first_idx 46
regs=100 stack=0 before 47: (b7) r8 = 0
49: (bf) r2 = r10
50: (07) r2 += -8
51: (18) r1 = 0xffff9a7bed1bc000
53: (85) call bpf_map_lookup_elem#1
54: (bf) r7 = r0
55: (15) if r7 == 0x0 goto pc+85
 R0=map_value(id=0,off=0,ks=8,vs=32,imm=0) R6=pkt(id=0,off=14,r=42,imm=0) R7=map_value(id=0,off=0,ks=8,vs=32,imm=0) R8=invP0 R9=pkt(id=0,off=0,r=42,imm=0) R10=fp0 fp-8=mmmmmmmm
56: (b7) r8 = 0
57: (7b) *(u64 *)(r10 -16) = r8
last_idx 57 first_idx 55
regs=100 stack=0 before 56: (b7) r8 = 0
58: (69) r1 = *(u16 *)(r9 +34)
59: (6b) *(u16 *)(r10 -16) = r1
60: (61) r1 = *(u32 *)(r9 +26)
61: (63) *(u32 *)(r10 -32) = r1
62: (71) r1 = *(u8 *)(r9 +11)
63: (73) *(u8 *)(r10 -23) = r1
64: (71) r1 = *(u8 *)(r9 +10)
65: (73) *(u8 *)(r10 -24) = r1
66: (71) r1 = *(u8 *)(r9 +7)
67: (67) r1 <<= 8
68: (71) r2 = *(u8 *)(r9 +6)
69: (4f) r1 |= r2
70: (71) r2 = *(u8 *)(r9 +9)
71: (67) r2 <<= 8
72: (71) r3 = *(u8 *)(r9 +8)
73: (4f) r2 |= r3
74: (67) r2 <<= 16
75: (4f) r2 |= r1
76: (63) *(u32 *)(r10 -28) = r2
77: (bf) r2 = r10
78: (07) r2 += -16
79: (bf) r3 = r10
80: (07) r3 += -32
81: (18) r1 = 0xffff9a7bed1bf400
83: (b7) r4 = 0
84: (85) call bpf_map_update_elem#2
invalid indirect read from stack R3 off -32+10 size 16
processed 81 insns (limit 1000000) max_states_per_insn 0 total_states 5 peak_states 5 mark_read 2

libbpf: -- END LOG --
libbpf: failed to load program 'loadbal'

All of the defined structs for keys and values are padded to their next multiple of 8 bytes. Since I could not find any useful and descriptive explanation on my issue, explanations of this topic and maybe even a bit of detail are much appreciated.

Please let me know if you need more information.

ANSWER

Answered 2022-Mar-22 at 22:28

The verifier complains because your code is trying to read uninitialised data from the stack, in particular in your variable val.

If we look at your code:

struct client_port_addr {
    __u32 client_ip;
    __u8 dmac[6];
    __u16 pad[3];
};

struct client_port_addr val;
[...]
val.client_ip = iph->saddr;                                  // val.client_ip
memcpy (val.dmac, eth->h_source, 6 * sizeof(__u8));          // val.dmac
                                                             // val.pad where??
bpf_map_update_elem(&client_addrs, &key, &val, BPF_ANY);

You initialised val.client_ip, and val.dmac, but val.pad is never initialised. When you pass val to bpf_map_update_elem(), the eBPF verifier realises that the helper function might read this variable which contains uninitialised memory from kernel space. This is a security risk, therefore, the verifier rejects the program.

To fix the issue, make sure you initialise the memory before using it. You have at least three ways to do so:

  • You could initialise val when declaring it, like for your key:
struct client_port_addr val = {0};
This should work in your case, but is not generally recommended, because this will set all fields to 0 but if your struct contains padding that was not explicitely added, it may remain uninitialised.
  • In your case, you could fill val.pad with zeroes with memcpy(). Same as the first option, this won't help if the compiler pads your struct.
  • The safest option would be to memset() the struct after declaring it:
  • struct client_port_addr val;
    
    memset(&val, 0, sizeof(val));
    
    Then you can fill the relevant fields of the struct, and pass it to the map update helper.

    Source https://stackoverflow.com/questions/71529801

    Community Discussions, Code Snippets contain sources that include Stack Exchange Network

    Vulnerabilities

    No vulnerabilities reported

    Install pkts

    You can download it from GitHub, Maven.
    You can use pkts like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the pkts component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .

    Support

    For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

    DOWNLOAD this Library from

    Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
    over 430 million Knowledge Items
    Find more libraries
    Reuse Solution Kits and Libraries Curated by Popular Use Cases

    Save this library and start creating your kit

    Explore Related Topics

    Share this Page

    share link
    Try Top Libraries by aboutsip
    Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
    over 430 million Knowledge Items
    Find more libraries
    Reuse Solution Kits and Libraries Curated by Popular Use Cases

    Save this library and start creating your kit

    • © 2022 Open Weaver Inc.