tools: add option --cgroupmap to tcp tools
List of tcp tools updated: tcpaccept, tcpconnect, tcptracer
diff --git a/tools/tcpconnect.py b/tools/tcpconnect.py
index eb12667..67f2cef 100755
--- a/tools/tcpconnect.py
+++ b/tools/tcpconnect.py
@@ -37,6 +37,7 @@
./tcpconnect -U # include UID
./tcpconnect -u 1000 # only trace UID 1000
./tcpconnect -c # count connects per src ip and dest ip/port
+ ./tcpconnect --cgroupmap ./mappath # only trace cgroups in this BPF map
"""
parser = argparse.ArgumentParser(
description="Trace TCP connects",
@@ -54,6 +55,8 @@
help="trace this UID only")
parser.add_argument("-c", "--count", action="store_true",
help="count connects per src ip and dest ip/port")
+parser.add_argument("--cgroupmap",
+ help="trace cgroups in this BPF map only")
parser.add_argument("--ebpf", action="store_true",
help=argparse.SUPPRESS)
args = parser.parse_args()
@@ -67,6 +70,10 @@
BPF_HASH(currsock, u32, struct sock *);
+#if CGROUPSET
+BPF_TABLE_PINNED("hash", u64, u64, cgroupset, 1024, "CGROUPPATH");
+#endif
+
// separate data structs for ipv4 and ipv6
struct ipv4_data_t {
u64 ts_us;
@@ -109,6 +116,13 @@
int trace_connect_entry(struct pt_regs *ctx, struct sock *sk)
{
+#if CGROUPSET
+ u64 cgroupid = bpf_get_current_cgroup_id();
+ if (cgroupset.lookup(&cgroupid) == NULL) {
+ return 0;
+ }
+#endif
+
u64 pid_tgid = bpf_get_current_pid_tgid();
u32 pid = pid_tgid >> 32;
u32 tid = pid_tgid;
@@ -234,6 +248,11 @@
if args.uid:
bpf_text = bpf_text.replace('FILTER_UID',
'if (uid != %s) { return 0; }' % args.uid)
+if args.cgroupmap:
+ bpf_text = bpf_text.replace('CGROUPSET', '1')
+ bpf_text = bpf_text.replace('CGROUPPATH', args.cgroupmap)
+else:
+ bpf_text = bpf_text.replace('CGROUPSET', '0')
bpf_text = bpf_text.replace('FILTER_PID', '')
bpf_text = bpf_text.replace('FILTER_PORT', '')