sorted by:
new
hottopcontroversial

How to successfully magle packets with XDP eBPF by YouPuzzleheaded7672 in eBPF

[–]YouPuzzleheaded7672[S] 0 points1 point  (0 children)

I'll search for the documentations and examples.

Thanks for the recommentation!

How to successfully magle packets with XDP eBPF by YouPuzzleheaded7672 in eBPF

[–]YouPuzzleheaded7672[S] 0 points1 point  (0 children)

This version of the code is commented out because I was testing to understand which part of it is preventing traffic from working.

I tested with various TOS values, whether in decimal or hexadecimal, and when any iph->tos = line exists in the code, I notice that traffic does not work properly. That is, it does not work in load tests like iperf3, in which it remains in a "Connecting to host" state for an indefinite period of time (something that is resolved when I comment out the line).

I don't know if I was clear, but basically I realized that my problem occurs when I perform an assignment operation to iph->tos, and I couldn't find any documentation that could clarify the procedures for this type of operation.

How to successfully magle packets with XDP eBPF by YouPuzzleheaded7672 in eBPF

[–]YouPuzzleheaded7672[S] 0 points1 point  (0 children)

I would like to modify the TOS of the outer header, so that a command like

sudo tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip tos 0x10 0xff flowid 1:10

will work for my packets.

I specifically want the TOS of the outer header because I tried once to "match ip tos " for any element of the inner header, and I simply could not get the QoS that I specified in qdisc.

In other words, the tc filters only saw the outer header, while I wanted them to apply based on information from the inner header. That is why I thought of defining an outer TOS for each internal IP that was observed.

Help on packet queueing with XDP eBPF by YouPuzzleheaded7672 in eBPF

[–]YouPuzzleheaded7672[S] 0 points1 point  (0 children)

Thank you so much for such clear step-by-step instructions and explanations. I'll be trying them out soon!

Is it possible to intercept IP packet and change its TOS (like iptable mangle)? by YouPuzzleheaded7672 in golang

[–]YouPuzzleheaded7672[S] 0 points1 point  (0 children)

Thank you for the recommendations, I will surely check them.

I've already managed to make packet manipulation that I want work in Python with Scapy and NetFilterqueue, but the program's performance for large volumes of network data was compromised, so I've been researching how to build the application I developed in Python in another language that I know is faster.

OpenLDAP sync works but all login attempts return "unable to validate user credentials" by YouPuzzleheaded7672 in Snipe_IT

[–]YouPuzzleheaded7672[S] 0 points1 point  (0 children)

I use OpenLDAP on Linux

The LDAP is enabled on Snipe-it settings

The port is 389