Linux network filter base on ebpf tc
./tc-filter --help
Usage of ./tc-filter:
-drop-skb
drop filtered skb
-filter-dst-ip string
filter destination IP addr
-filter-dst-port value
filter destination port
-filter-if string
filter net interface
-filter-port value
filter either destination or source port
-filter-proto string
filter L4 protocol (tcp, udp, icmp)
-filter-src-ip string
filter source IP addr
-filter-src-port value
filter source port
-kernel-btf string
specify kernel BTF filetc-filter requires >= 5.8 kernel to run.
install bpf2go
go install github.com/cilium/ebpf/cmd/bpf2go@latestmount kernel debug folder
mount -t debugfs debugfs /sys/kernel/debugre-generate bpf header files
ebpf/headers/update.sh
re-generate go file
make
run program
sudo ./tc-filter