0

I was playing with the classic BPF to filter something on a netlink socket and found that there's no simple stats available to verify if the packet has been dropped or allowed.

So I looked at https://elixir.bootlin.com/linux/latest/source/net/core/filter.c#L90 and yes, it executes the filter bpf program but does not update anything that would tell me in the user space (via /proc FS for instance) whether the filter has dropped a packet or not. This would simplify the debugging of cBPF filters.

Is it expected, or I'm missing something?

pchaigno
  • 11,313
  • 2
  • 29
  • 54
Mark
  • 6,052
  • 8
  • 61
  • 129

1 Answers1

1

As far as I can tell, you're right, there are no statistics associated with BPF programs attached to sockets. If you want such statistics, you'll have to compute them yourself, with a eBPF program and a map.

As far as I know, the XDP hook is the only hook that comes with statistics (through ethtool).

pchaigno
  • 11,313
  • 2
  • 29
  • 54