Re: [PATCH] samples/bpf: Add sample usage for BPF_PROG_TYPE_NETFILTER

From: Alexei Starovoitov
Date: Mon Sep 04 2023 - 17:01:43 EST

Next message: Linus Torvalds: "Re: [GIT PULL] MFD for v6.6"
Previous message: Vladimir Oltean: "Re: [PATCH v3 RFC 4/4] net: dsa: hsr: Provide generic HSR ksz_hsr_{join|leave} functions"
In reply to: David Wang: "[no subject]"
Next in thread: David Wang: "Re: [PATCH] samples/bpf: Add sample usage for BPF_PROG_TYPE_NETFILTER"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 4, 2023 at 3:49 AM Florian Westphal <fw@xxxxxxxxx> wrote:
>
> David Wang <00107082@xxxxxxx> wrote:
> > This sample code implements a simple ipv4
> > blacklist via the new bpf type BPF_PROG_TYPE_NETFILTER,
> > which was introduced in 6.4.
> >
> > The bpf program drops package if destination ip address
> > hits a match in the map of type BPF_MAP_TYPE_LPM_TRIE,
> >
> > The userspace code would load the bpf program,
> > attach it to netfilter's FORWARD/OUTPUT hook,
> > and then write ip patterns into the bpf map.
>
> Thanks, I think its good to have this.

Yes, but only in selftests/bpf.
samples/bpf/ are not tested and bit rot heavily.

Next message: Linus Torvalds: "Re: [GIT PULL] MFD for v6.6"
Previous message: Vladimir Oltean: "Re: [PATCH v3 RFC 4/4] net: dsa: hsr: Provide generic HSR ksz_hsr_{join|leave} functions"
In reply to: David Wang: "[no subject]"
Next in thread: David Wang: "Re: [PATCH] samples/bpf: Add sample usage for BPF_PROG_TYPE_NETFILTER"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]