diff --git a/common/consts/ebpf.go b/common/consts/ebpf.go index 0c52666d3..40e0bc62a 100644 --- a/common/consts/ebpf.go +++ b/common/consts/ebpf.go @@ -155,6 +155,7 @@ var ( ProgTypeSkLookupFeatureVersion = internal.Version{5, 9, 0} SockmapFeatureVersion = internal.Version{5, 10, 0} UserspaceBatchUpdateLpmTrieFeatureVersion = internal.Version{5, 13, 0} + HelperBpfGetFuncIpVersionFeatureVersion = internal.Version{5, 15, 0} ) const ( diff --git a/control/kern/headers b/control/kern/headers index e4da1c960..79f0a7618 160000 --- a/control/kern/headers +++ b/control/kern/headers @@ -1 +1 @@ -Subproject commit e4da1c9601e1c3797d02c481a462b66588477495 +Subproject commit 79f0a7618571882eb5d8243909267e27e34c8290 diff --git a/control/kern/tproxy.c b/control/kern/tproxy.c index e234e9ce0..1b68e528c 100644 --- a/control/kern/tproxy.c +++ b/control/kern/tproxy.c @@ -1073,7 +1073,7 @@ int tproxy_lan_ingress(struct __sk_buff *skb) // Assign to control plane. control_plane: prep_redirect_to_control_plane(skb, link_h_len, &tuples, l4proto, ðh, 0, &tcph); - return bpf_redirect_peer(PARAM.dae0_ifindex, 0); + return bpf_redirect(PARAM.dae0_ifindex, 0); direct: return TC_ACT_OK; diff --git a/docs/en/README.md b/docs/en/README.md index afa6498e1..0f220e66c 100644 --- a/docs/en/README.md +++ b/docs/en/README.md @@ -27,6 +27,10 @@ This feature requires kernel version of the machine >= 5.10. Note that if you bind dae to WAN only, dae only provide network service for local programs and not impact traffic coming in from other interfaces. +`Use trace command` + +If you want to use `dae trace` command to triage network connectivity issue, the kernel version is required to be >= 5.15. + ## Kernel Configurations Usually, mainstream desktop distributions have these items turned on. But in order to reduce kernel size, some items are turned off by default on embedded device distributions like OpenWRT, Armbian, etc. diff --git a/docs/zh/README.md b/docs/zh/README.md index 524dd7c8e..1fe159f39 100644 --- a/docs/zh/README.md +++ b/docs/zh/README.md @@ -25,6 +25,10 @@ 如果你只在 `wan_interface` 中填写了接口或 `auto`,而未在 `lan_interface` 中填写内容,那么从局域网中传来的流量将无法被代理。如果你想同时代理本机和局域网流量,请同时填写 `wan_interface` 和 `lan_interface`。 +`使用 trace 命令` + +如果你想用 `dae trace` 命令来诊断网络连通性问题,所在的设备内核版本要求 >= 5.15 。 + ## 内核配置选项 通常,主流桌面发行版都会打开这些选项。但是为了减小内核大小,在嵌入式设备发行版(如 OpenWRT、Armbian 等)上这些选项可能处于关闭状态。使用以下命令在你的设备上显示内核配置选项: diff --git a/trace/kern/headers b/trace/kern/headers index e4da1c960..79f0a7618 160000 --- a/trace/kern/headers +++ b/trace/kern/headers @@ -1 +1 @@ -Subproject commit e4da1c9601e1c3797d02c481a462b66588477495 +Subproject commit 79f0a7618571882eb5d8243909267e27e34c8290 diff --git a/trace/kern/trace.c b/trace/kern/trace.c index bff1d337d..611074f29 100644 --- a/trace/kern/trace.c +++ b/trace/kern/trace.c @@ -132,7 +132,7 @@ filter_l3_and_l4(struct sk_buff *skb) static __always_inline void set_meta(struct meta *meta, struct sk_buff *skb, struct pt_regs *ctx) { - meta->pc = BPF_CORE_READ(ctx, ip); + meta->pc = bpf_get_func_ip(ctx); meta->skb = (__u64)skb; meta->second_param = PT_REGS_PARM2(ctx); meta->mark = BPF_CORE_READ(skb, mark); diff --git a/trace/trace.go b/trace/trace.go index 2ee3da23e..a1d6eaf37 100644 --- a/trace/trace.go +++ b/trace/trace.go @@ -20,6 +20,8 @@ import ( "github.com/cilium/ebpf/btf" "github.com/cilium/ebpf/link" "github.com/cilium/ebpf/ringbuf" + "github.com/daeuniverse/dae/common/consts" + internal "github.com/daeuniverse/dae/pkg/ebpf_internal" "github.com/sirupsen/logrus" ) @@ -42,6 +44,15 @@ func init() { } func StartTrace(ctx context.Context, ipVersion int, l4ProtoNo uint16, port int, outputFile string) (err error) { + kernelVersion, err := internal.KernelVersion() + if err != nil { + return fmt.Errorf("failed to get kernel version: %w", err) + } + if requirement := consts.HelperBpfGetFuncIpVersionFeatureVersion; kernelVersion.Less(requirement) { + return fmt.Errorf("your kernel version %v does not support bpf_get_func_ip; expect >=%v; upgrade your kernel and try again", + kernelVersion.String(), + requirement.String()) + } objs, err := rewriteAndLoadBpf(ipVersion, l4ProtoNo, port) if err != nil { return