upa / af-graft

AF_GRAFT: Grafting sockets from containers onto host network stacks

C 79.39% Makefile 0.58% Shell 3.79% TeX 1.80% Perl 0.17% Roff 13.90% Yacc 0.24% Lex 0.10% Dockerfile 0.01% C++ 0.01%

af-graft's Issues

I need help with a program that can't be grafted

I tried to graft a C program that is compatible with the LD_PRELOAD trick and got an error when doing so. It's 3proxy:

https://github.com/z3APA3A/3proxy/blob/master/src/tcppm.c
https://github.com/z3APA3A/3proxy/blob/master/src/proxymain.c
https://github.com/z3APA3A/3proxy/blob/master/src/proxy.h

I run an iperf3 instance listening on port 8888 and forward to port 5201 with the program; when I try to connect to this port with another instance of iperf3, an error happens:

$ iperf -s -B 127.0.0.1 -p 8888

$ LD_PRELOAD="/opt/af-graft/tools/libgraft-convert.so" GRAFT_VERBOSE="1" GRAFT_EGRESS_CONVERT="0.0.0.0/0=out4 ::/0=out6" GRAFT_INGRESS_CONVERT="127.0.0.1:5201=in4" /dev/shm/tcppm -i127.0.0.1 5201 127.0.0.1 8888

libgraft-convert.so:249:make_conv_addr(): use in4 for 127.0.0.1:5201-5201 (ingress)
libgraft-convert.so:419:make_conv_prefix(): use ep out4 for 0.0.0.0/0 (egress)
libgraft-convert.so:419:make_conv_prefix(): use ep out6 for ::/0 (egress)
libgraft-convert.so:597:socket(): overwrite family 2 with AF_GRAFT
libgraft-convert.so:708:setsockopt(): wrap setsockopt() level=1, optname=2
libgraft-convert.so:708:setsockopt(): wrap setsockopt() level=1, optname=15
libgraft-convert.so:691:bind(): convert bind 127.0.0.1:5201 to in4

libgraft-convert.so:597:socket(): overwrite family 2 with AF_GRAFT
libgraft-convert.so:708:setsockopt(): wrap setsockopt() level=1, optname=13
libgraft-convert.so:683:bind(): no matched ep for fd=5, 0.0.0.0:0. call original bind

strace with GRAFT_VERBOSE="0" shows:

$ LD_PRELOAD="/opt/af-graft/tools/libgraft-convert.so" GRAFT_VERBOSE="0" GRAFT_EGRESS_CONVERT="0.0.0.0/0=out4 ::/0=out6" GRAFT_INGRESS_CONVERT="127.0.0.1:5201=in4" strace /dev/shm/tcppm -i127.0.0.1 5201 127.0.0.1 8888

execve("/dev/shm/tcppm", ["/dev/shm/tcppm", "-i127.0.0.1", "5201", "127.0.0.1", "8888"], 0x7ffce2c99fd0 /* 26 vars */) = 0
brk(NULL)                               = 0x55a84362b000
openat(AT_FDCWD, "/opt/af-graft/tools/libgraft-convert.so", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\3604\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=105936, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a5d0000
mmap(NULL, 59544, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a5c1000
mmap(0x7f6c6a5c4000, 28672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f6c6a5c4000
mmap(0x7f6c6a5cb000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa000) = 0x7f6c6a5cb000
mmap(0x7f6c6a5ce000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xc000) = 0x7f6c6a5ce000
close(3)                                = 0
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=339806, ...}) = 0
mmap(NULL, 339806, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f6c6a56e000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\21\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=14592, ...}) = 0
mmap(NULL, 16656, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a569000
mmap(0x7f6c6a56a000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f6c6a56a000
mmap(0x7f6c6a56b000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f6c6a56b000
mmap(0x7f6c6a56c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f6c6a56c000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@l\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=146968, ...}) = 0
mmap(NULL, 132288, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a548000
mmap(0x7f6c6a54e000, 61440, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f6c6a54e000
mmap(0x7f6c6a55d000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x7f6c6a55d000
mmap(0x7f6c6a563000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7f6c6a563000
mmap(0x7f6c6a565000, 13504, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a565000
close(3)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260A\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1824496, ...}) = 0
mmap(NULL, 1837056, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f6c6a387000
mprotect(0x7f6c6a3a9000, 1658880, PROT_NONE) = 0
mmap(0x7f6c6a3a9000, 1343488, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f6c6a3a9000
mmap(0x7f6c6a4f1000, 311296, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16a000) = 0x7f6c6a4f1000
mmap(0x7f6c6a53e000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b6000) = 0x7f6c6a53e000
mmap(0x7f6c6a544000, 14336, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a544000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6c6a385000
arch_prctl(ARCH_SET_FS, 0x7f6c6a385b80) = 0
mprotect(0x7f6c6a53e000, 16384, PROT_READ) = 0
mprotect(0x7f6c6a563000, 4096, PROT_READ) = 0
mprotect(0x7f6c6a56c000, 4096, PROT_READ) = 0
mprotect(0x7f6c6a5ce000, 4096, PROT_READ) = 0
mprotect(0x55a843571000, 4096, PROT_READ) = 0
mprotect(0x7f6c6a5f9000, 4096, PROT_READ) = 0
munmap(0x7f6c6a56e000, 339806)          = 0
set_tid_address(0x7f6c6a385e50)         = 27824
set_robust_list(0x7f6c6a385e60, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f6c6a54e6b0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f6c6a55a730}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f6c6a54e740, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f6c6a55a730}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL)                               = 0x55a84362b000
brk(0x55a84364c000)                     = 0x55a84364c000
futex(0x7f6c6a56d0c8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
rt_sigaction(SIGPIPE, {sa_handler=SIG_IGN, sa_mask=[PIPE], sa_flags=SA_RESTORER|SA_RESTART, sa_restorer=0x7f6c6a3be840}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
socket(AF_IPX, SOCK_STREAM, 6)          = 3
setsockopt(3, 0xfe /* SOL_?? */, 1, [1], 4) = 0
setsockopt(3, 0xfe /* SOL_?? */, 5, [1], 4) = 0
fcntl(3, F_SETFL, O_RDONLY|O_NONBLOCK)  = 0
setsockopt(3, 0xfe /* SOL_?? */, 4, "\1\0\0\0\2\0\0\0\4\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 128) = 0
setsockopt(3, 0xfe /* SOL_?? */, 4, "\1\0\0\0\17\0\0\0\4\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 128) = 0
getsockname(3, 0x7ffe2cba20a0, [128->0]) = 0
bind(3, {sa_family=AF_IPX, sipx_port=htons(26990), sipx_network=htonl(0x34000000), sipx_node=[00, 00, 00, 00, 00, 00], sipx_type=00}, 18) = 0
setsockopt(3, 0xfe /* SOL_?? */, 1, [0], 4) = 0
listen(3, 32)                           = 0
getpid()                                = 27824
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
=============================== When a connection is received
poll([{fd=3, events=POLLIN}], 1, 1000)  = 1 ([{fd=3, revents=POLLIN}])
accept(3, {sa_family=AF_INET, sin_port=htons(58512), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 4
getsockname(4, {sa_family=AF_INET, sin_port=htons(5201), sin_addr=inet_addr("127.0.0.1")}, [28->16]) = 0
fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK)  = 0
setsockopt(4, SOL_SOCKET, SO_LINGER, {l_onoff=1, l_linger=60}, 8) = 0
setsockopt(4, SOL_SOCKET, SO_OOBINLINE, [1], 4) = 0
mmap(NULL, 36864, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6c6a5b8000
mprotect(0x7f6c6a5b9000, 32768, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f6c6a5bffb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f6c6a5c09d0, tls=0x7f6c6a5c0700, child_tidptr=0x7f6c6a5c09d0) = 27833
poll([{fd=3, events=POLLIN}], 1, 1000libgraft-convert.so:683:bind(): no matched ep for fd=5, 0.0.0.0:0. call original bind
)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000)  = 0 (Timeout)
poll([{fd=3, events=POLLIN}], 1, 1000^Cstrace: Process 27824 detached
 <detached ...>
========================================================================

ltrace with GRAFT_VERBOSE="0" shows:

$ LD_PRELOAD="/opt/af-graft/tools/libgraft-convert.so" GRAFT_VERBOSE="0" GRAFT_EGRESS_CONVERT="0.0.0.0/0=out4 ::/0=out6" GRAFT_INGRESS_CONVERT="127.0.0.1:5201=in4" ltrace /dev/shm/tcppm -i127.0.0.1 5201 127.0.0.1 8888

signal(SIGPIPE, 0x1)                                                                                                                      = 0
time(0)                                                                                                                                   = 1566206791
pthread_mutex_init(0x7ffc220a9e20, 0, 2, 2)                                                                                               = 0
pthread_mutex_init(0x558fa0792560, 0, 2, 0)                                                                                               = 0
inet_pton(2, 0x7ffc220ac7ba, 0x7ffc220a9dcc, 3)                                                                                           = 1
strtol(0x7ffc220ac7c4, 0, 10, 0)                                                                                                          = 5201
strtol(0x7ffc220ac7d3, 0, 10, 0x1999999999999999)                                                                                         = 8888
strdup("127.0.0.1")                                                                                                                       = 0x558fa111f4f0
fcntl(3, 4, 2048, 0x7f0efb114a6a)                                                                                                         = 0
pthread_self(3, 32, 1, 0x7f0efb1145f7)                                                                                                    = 0x7f0efb018b80
getpid()                                                                                                                                  = 27857
sprintf("Accepting connections [27857/421"..., "Accepting connections [%u/%u]", 27857, 4211182464)                                        = 40
gettimeofday(0x7ffc220a9b20, 0x7ffc220a9b18)                                                                                              = 0
pthread_attr_init(0x7ffc220a9bf0, 0x7ffc220a9b20, 85, 0)                                                                                  = 0
pthread_attr_setstacksize(0x7ffc220a9bf0, 0x8000, 85, 0)                                                                                  = 0
pthread_attr_setdetachstate(0x7ffc220a9bf0, 1, 85, 0)                                                                                     = 0
=============================== When a connection is received
fcntl(4, 4, 2048, 0x7f0efb114597)                                                                                                         = 0
malloc(696)                                                                                                                               = 0x558fa111f510
gettimeofday(0x7ffc220a9b20, 0x7ffc220a9b18)                                                                                              = 0
pthread_mutex_lock(0x7ffc220a9e20, 0x7ffc220a9b20, 146, 0)                                                                                = 0
pthread_create(0x7ffc220a9bc0, 0x7ffc220a9bf0, 0x558fa078c190, 0x558fa111f510)                                                            = 0
pthread_mutex_unlock(0x7ffc220a9e20, 0, 0, 0x7f0efb253700)                                                                                = 0
libgraft-convert.so:683:bind(): no matched ep for fd=5, 0.0.0.0:0. call original bind

^C--- SIGINT (Interrupt) ---
+++ killed by SIGINT +++
=======================================================

When non-grafted, it runs fine.

@upa, could you tell me what's wrong? Could you fix this in AF_GRAFT?

Error inserting module

After compiling the package I try to load the module but I get an error:

$ insmod kmod/af_graft.ko
insmod: ERROR: could not insert module kmod/af_graft.ko: File exists

No error found in dmesg and "journalctl -xe", but in /var/log/kern:

Oct 15 18:22:11 localhost kernel: [ 8810.983059] NET: Registered protocol family 4
Oct 15 18:22:11 localhost kernel: [ 8810.983061] af_graft: af_graft_init: sock_register failed '-17'

My system is Debian Testing with kernel 4.16.0-1-amd64, gcc version 8.2.0.

=============================

Here is strace log:

$ strace insmod kmod/af_graft.ko
execve("/sbin/insmod", ["insmod", "kmod/af_graft.ko"], 0x7ffeb30520c8 /* 23 vars */) = 0
brk(NULL) = 0x55de07883000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=314313, ...}) = 0
mmap(NULL, 314313, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f57bf9e2000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/liblzma.so.5", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\2200\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=154376, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f57bf9e0000
mmap(NULL, 2249360, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f57bf7ba000
mprotect(0x7f57bf7df000, 2093056, PROT_NONE) = 0
mmap(0x7f57bf9de000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x24000) = 0x7f57bf9de000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000,\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1808440, ...}) = 0
mmap(NULL, 1821408, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f57bf5fd000
mmap(0x7f57bf61f000, 1335296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f57bf61f000
mmap(0x7f57bf765000, 307200, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x168000) = 0x7f57bf765000
mmap(0x7f57bf7b0000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b2000) = 0x7f57bf7b0000
mmap(0x7f57bf7b6000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f57bf7b6000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\21\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=14592, ...}) = 0
mmap(NULL, 16656, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f57bf5f8000
mmap(0x7f57bf5f9000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f57bf5f9000
mmap(0x7f57bf5fa000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f57bf5fa000
mmap(0x7f57bf5fb000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f57bf5fb000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300k\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=146312, ...}) = 0
mmap(NULL, 132224, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f57bf5d7000
mmap(0x7f57bf5dd000, 61440, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f57bf5dd000
mmap(0x7f57bf5ec000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15000) = 0x7f57bf5ec000
mmap(0x7f57bf5f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a000) = 0x7f57bf5f2000
mmap(0x7f57bf5f4000, 13440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f57bf5f4000
close(3) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f57bf5d5000
arch_prctl(ARCH_SET_FS, 0x7f57bf5d5b80) = 0
mprotect(0x7f57bf7b0000, 16384, PROT_READ) = 0
mprotect(0x7f57bf5f2000, 4096, PROT_READ) = 0
mprotect(0x7f57bf5fb000, 4096, PROT_READ) = 0
mprotect(0x7f57bf9de000, 4096, PROT_READ) = 0
mprotect(0x55de0602f000, 8192, PROT_READ) = 0
mprotect(0x7f57bfa56000, 4096, PROT_READ) = 0
munmap(0x7f57bf9e2000, 314313) = 0
set_tid_address(0x7f57bf5d5e50) = 18420
set_robust_list(0x7f57bf5d5e60, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f57bf5dd630, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f57bf5e98e0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f57bf5dd6d0, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f57bf5e98e0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL) = 0x55de07883000
brk(0x55de078a4000) = 0x55de078a4000
uname({sysname="Linux", nodename="localhost", ...}) = 0
openat(AT_FDCWD, "/lib/modules/4.16.0-1-amd64/modules.softdep", O_RDONLY|O_CLOEXEC) = 3
fcntl(3, F_GETFL) = 0x8000 (flags O_RDONLY|O_LARGEFILE)
fstat(3, {st_mode=S_IFREG|0644, st_size=768, ...}) = 0
read(3, "# Soft dependencies extracted fr"..., 4096) = 768
read(3, "", 4096) = 0
close(3) = 0
openat(AT_FDCWD, "/proc/cmdline", O_RDONLY|O_CLOEXEC) = 3
read(3, "BOOT_IMAGE=/vmlinuz-4.16.0-1-amd"..., 4095) = 91
read(3, "", 4004) = 0
close(3) = 0
stat(".", {st_mode=S_IFDIR|0755, st_size=154, ...}) = 0
stat("/home/user/Store/Programs/Programs/af-graft/af-graft-master", {st_mode=S_IFDIR|0755, st_size=154, ...}) = 0
stat("/home/user/Store/Programs/Programs/af-graft/af-graft-master/kmod/af_graft.ko", {st_mode=S_IFREG|0644, st_size=671800, ...}) = 0
openat(AT_FDCWD, "/home/user/Store/Programs/Programs/af-graft/af-graft-master/kmod/af_graft.ko", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1", 6) = 6
lseek(3, 0, SEEK_SET) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=671800, ...}) = 0
mmap(NULL, 671800, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f57bf530000
finit_module(3, "", 0) = -1 EEXIST (File exists)
write(2, "insmod: ERROR: could not insert "..., 69insmod: ERROR: could not insert module kmod/af_graft.ko: File exists
) = 69
munmap(0x7f57bf530000, 671800) = 0
close(3) = 0
exit_group(1) = ?
+++ exited with 1 +++

=====================

ltrace log:

$ ltrace insmod kmod/af_graft.ko
[...]
strtok_r(0x55bc46694650, 0x55bc45102b62, 0x7ffce8d9d7a8, 256) = 0x55bc46694650
strtok_r(0, 0x55bc45102b62, 0x7ffce8d9d7a8, 0) = 0x55bc46694658
strtok_r(0, 0x55bc45104599, 0x7ffce8d9d7a8, 1) = 0x55bc46694662
strlen("libcrc32c") = 9
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
malloc(57) = 0x55bc46696080
memcpy(0x55bc466960a8, "libcrc32c\0", 10) = 0x55bc466960a8
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
__ctype_b_loc() = 0x7f14aea97b18
memcpy(0x55bc466960b2, "crc32c", 6) = 0x55bc466960b2
malloc(24) = 0x55bc466960d0
free(0x55bc46694650) =
malloc(256) = 0x55bc46694650
__uflow(0x55bc46694420, 0x55bc46694088, 0x55bc46694650, 256) = -1
free(0x55bc46694650) =
fclose(0x55bc46694420) = 0
free(0x55bc46694380) =
free(0x55bc466943b0) =
open("/proc/cmdline", 524288, 00) = 3
read(3, "BOOT_IMAGE=/vmlinuz-4.16.0-1-amd"..., 4095) = 91
read(3, "", 4004) = 0
close(3) = 0
calloc(1, 4120) = 0x55bc466960f0
get_current_dir_name(0x7ffce8d9edf5, 0x7ffce8d9edf5, 0x7ffce8d9e900, 0) = 0x55bc46694760
strlen("kmod/af_graft.ko") = 16
strlen("/home/user/Store/Programs/Progra"...) = 59
realloc(0x55bc46694760, 77) = 0x55bc46694760
memcpy(0x55bc4669479c, "kmod/af_graft.ko\0", 17) = 0x55bc4669479c
free(0) =
__xstat(1, "/home/user/Store/Programs/Progra"..., 0x7ffce8d9d890) = 0
basename("kmod/af_graft.ko") = "af_graft.ko"
strlen("af_graft") = 8
strlen("af_graft") = 8
malloc(113) = 0x55bc466947c0
memcpy(0x55bc46694828, "af_graft\0", 9) = 0x55bc46694828
strlen("af_graft") = 8
realloc(0, 128) = 0x55bc46694840
calloc(1, 56) = 0x55bc466948d0
open("/home/user/Store/Programs/Progra"..., 524288, 070) = 3
read(3, "\177ELF\002\001", 6) = 6
lseek(3, 0, 0) = 0
memcmp(0x7ffce8d9e8c0, 0x55bc45105290, 6, 0x7f14aeba8367) = 0xffffff82
__fxstat(1, 3, 0x7ffce8d9e810) = 0
mmap(0, 0xa4038, 1, 2) = 0x7f14ae9f2000
syscall(313, 3, 0x55bc45102a78, 0) = -1
__errno_location() = 0x7f14aea97b00
__errno_location() = 0x7f14aea97b00
strerror(17) = "File exists"
__vasprintf_chk(0x7ffce8d9e850, 1, 0x55bc45100e78, 0x7ffce8d9e858) = 54
__fprintf_chk(0x7f14aec77680, 1, 0x55bc45103906, 0x7ffce8d9edeeinsmod: ERROR: could not insert module kmod/af_graft.ko: File exists
) = 69
free(0x55bc46694910) =
strlen("af_graft") = 8
strcmp("af_graft", "af_graft") = 0
memmove(0x55bc46694840, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0x55bc46694840
munmap(0x7f14ae9f2000, 0xa4038, 0, 0x55bc466960f0) = 0
close(3) = 0
free(0x55bc466948d0) =
free(0) =
free(0x55bc46694760) =
free(0x55bc466947c0) =
free(0) =
free(0) =
free(0) =
free(0) =
free(0) =
free(0) =
free(0) =
free(0) =
free(0) =
free(0x55bc46694840) =
free(0) =
[...]

If a program listens on both TCP/UDP, an error occurs if tricked with libgraft-hijack.so

ip netns add ns1 && ip netns exec ns1 ip link set lo up
modprobe -r ipx
insmod /opt/af-graft/kmod/af_graft.ko
/opt/af-graft/iproute2-4.10.0/ip/ip graft add nx4 type ipv4 addr 127.0.0.1 port 53 netns ns1
/opt/af-graft/iproute2-4.10.0/ip/ip graft add nx4-out type ipv4 netns 1

LD_PRELOAD="/opt/af-graft/tools/libgrwrap.so" GRAFT_CONV_PAIRS="127.0.0.1:53=nx4" GRAFT_BBCONN="nx4-out" DNS2SOCKS 127.0.0.1:9050 1.1.1.1:53 127.0.0.1:53

Error relocating /usr/local/lib/libgrwrap.so: __cmsg_nxthdr: symbol not found

Any other program that listens only on TCP or UDP works.

Strace Log:

LD_PRELOAD="/opt/af-graft/tools/libgrwrap.so" GRAFT_CONV_PAIRS="127.0.0.1:53=nx4" GRAFT_BBCONN="nx4-out" strace DNS2SOCKS
execve("/usr/local/bin/DNS2SOCKS", ["DNS2SOCKS"], 0x7fff10261ca0 /* 25 vars */) = 0
arch_prctl(ARCH_SET_FS, 0x7fe35f821b28) = 0
set_tid_address(0x7fe35f821b68) = 9042
open("/opt/af-graft/tools/libgrwrap.so", O_RDONLY|O_CLOEXEC) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
fstat(3, {st_mode=S_IFREG|0755, st_size=59816, ...}) = 0
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240#\0\0\0\0\0\0"..., 960) = 960
mmap(NULL, 65536, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fe35f763000
mmap(0x7fe35f765000, 20480, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 0x2000) = 0x7fe35f765000
mmap(0x7fe35f76a000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED, 3, 0x7000) = 0x7fe35f76a000
mmap(0x7fe35f76c000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x8000) = 0x7fe35f76c000
mmap(0x7fe35f76e000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe35f76e000
close(3) = 0
writev(2, [{iov_base="Error relocating /opt/af-graft/tools/libgrwrap.so"..., iov_len=77}, {iov_base=NULL, iov_len=0}], 2Error relocating /opt/af-graft/tools/libgrwrap.so: __cmsg_nxthdr: symbol not found) = 77
writev(2, [{iov_base="\n", iov_len=1}, {iov_base=NULL, iov_len=0}], 2
) = 1
mprotect(0x7fe35f76c000, 4096, PROT_READ) = 0
mprotect(0x7fe35f81e000, 4096, PROT_READ) = 0
mprotect(0x5594cb367000, 4096, PROT_READ) = 0
exit_group(127) = ?
+++ exited with 127 +++

Sorry for my English

Module building fails with Kernel 5.2.13

I had been using kernel 4.20 lately; when I moved to 5.x, I got this error when trying to build the af-graft kernel module:

$ make
echo -I/../include/
-I/../include/
make -C /lib/modules/5.2.13-xanmod10/build M=/opt/af-graft/kmod V=0 modules
make[1]: Entering directory '/usr/src/linux-headers-5.2.13-xanmod10'
  CC [M]  /opt/af-graft/kmod/af_graft.o
/opt/af-graft/kmod/af_graft.c:170:4: error: ‘struct genl_ops’ has no member named ‘policy’
  170 |   .policy = graft_nl_policy,
      |    ^~~~~~
/opt/af-graft/kmod/af_graft.c:170:13: error: initialization of ‘int (*)(struct netlink_callback *)’ from incompatible pointer type ‘struct nla_policy *’ [-Werror=incompatible-pointer-types]
  170 |   .policy = graft_nl_policy,
      |             ^~~~~~~~~~~~~~~
/opt/af-graft/kmod/af_graft.c:170:13: note: (near initialization for ‘graft_nl_ops[0].start’)
/opt/af-graft/kmod/af_graft.c:176:4: error: ‘struct genl_ops’ has no member named ‘policy’
  176 |   .policy = graft_nl_policy,
      |    ^~~~~~
/opt/af-graft/kmod/af_graft.c:176:13: error: initialization of ‘int (*)(struct netlink_callback *)’ from incompatible pointer type ‘struct nla_policy *’ [-Werror=incompatible-pointer-types]
  176 |   .policy = graft_nl_policy,
      |             ^~~~~~~~~~~~~~~
/opt/af-graft/kmod/af_graft.c:176:13: note: (near initialization for ‘graft_nl_ops[1].start’)
/opt/af-graft/kmod/af_graft.c:182:4: error: ‘struct genl_ops’ has no member named ‘policy’
  182 |   .policy = graft_nl_policy,
      |    ^~~~~~
/opt/af-graft/kmod/af_graft.c:182:13: error: initialization of ‘int (*)(struct netlink_callback *)’ from incompatible pointer type ‘struct nla_policy *’ [-Werror=incompatible-pointer-types]
  182 |   .policy = graft_nl_policy,
      |             ^~~~~~~~~~~~~~~
/opt/af-graft/kmod/af_graft.c:182:13: note: (near initialization for ‘graft_nl_ops[2].done’)
cc1: some warnings being treated as errors
make[2]: *** [scripts/Makefile.build:285: /opt/af-graft/kmod/af_graft.o] Error 1
make[1]: *** [Makefile:1597: _module_/opt/af-graft/kmod] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-5.2.13-xanmod10'
make: *** [Makefile:11: all] Error 2

Correct way of performing tests

Hi,
I am trying to test af-graft and see the performance gain myself.
I have created a VM with the graft end points and everything as mentioned in the readme.

However, when I test with iperf3, I get almost the same performance for the socket-grafted Docker iperf3 server and the non-socket-grafted iperf3 server (taken from here).

I would expect the grafted one to be significantly. Note: the server is set up as per the readme in docker/

Is there something I am missing?

Thanks!

Compilation fails on Kernel 4.18

I upgraded my kernel from 4.16.0 to 4.18.0 and when I tried to recompile the .ko module and the hacked iproute2, it failed.

I use Debian, with all dependencies satisfied. Everything goes fine when switching back to 4.16.

====================

user@localhost:/dev/shm/af-graft-master# make -C kmod/
make: Entering directory '/dev/shm/af-graft-master/kmod'
echo -I/../include/
-I/../include/
make -C /lib/modules/4.18.0-3-amd64/build M=/dev/shm/af-graft-master/kmod V=0 modules
make[1]: Entering directory '/usr/src/linux-headers-4.18.0-3-amd64'
CC [M] /dev/shm/af-graft-master/kmod/af_graft.o
/dev/shm/af-graft-master/kmod/af_graft.c: In function ‘graft_getname’:
/dev/shm/af-graft-master/kmod/af_graft.c:684:45: warning: passing argument 3 of ‘hsock->ops->getname’ makes integer from pointer without a cast [-Wint-conversion]
return hsock->ops->getname(hsock, uaddr, uaddr_len,
^~~~~~~~~
/dev/shm/af-graft-master/kmod/af_graft.c:684:45: note: expected ‘int’ but argument is of type ‘int *’
/dev/shm/af-graft-master/kmod/af_graft.c:684:11: error: too many arguments to function ‘hsock->ops->getname’
return hsock->ops->getname(hsock, uaddr, uaddr_len,
^~~~~
/dev/shm/af-graft-master/kmod/af_graft.c: At top level:
/dev/shm/af-graft-master/kmod/af_graft.c:996:13: error: initialization from incompatible pointer type [-Werror=incompatible-pointer-types]
.getname = graft_getname,
^~~~~~~~~~~~~
/dev/shm/af-graft-master/kmod/af_graft.c:996:13: note: (near initialization for ‘graft_proto_ops.getname’)
/dev/shm/af-graft-master/kmod/af_graft.c: In function ‘graft_sso_delayed_result’:
/dev/shm/af-graft-master/kmod/af_graft.c:460:3: warning: ignoring return value of ‘copy_to_user’, declared with attribute warn_unused_result [-Wunused-result]
copy_to_user(ptr, &sso->res, res_siz);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/dev/shm/af-graft-master/kmod/af_graft.c: In function ‘graft_setsockopt’:
/dev/shm/af-graft-master/kmod/af_graft.c:780:2: warning: ignoring return value of ‘copy_from_user’, declared with attribute warn_unused_result [-Wunused-result]
copy_from_user(buf, optval, optlen);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
make[4]: *** [/usr/src/linux-headers-4.18.0-3-common/scripts/Makefile.build:329: /dev/shm/af-graft-master/kmod/af_graft.o] Error 1
make[3]: *** [/usr/src/linux-headers-4.18.0-3-common/Makefile:1519: _module_/dev/shm/af-graft-master/kmod] Error 2
make[2]: *** [Makefile:146: sub-make] Error 2
make[1]: *** [Makefile:8: all] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-4.18.0-3-amd64'
make: *** [Makefile:11: all] Error 2
make: Leaving directory '/dev/shm/af-graft-master/kmod'

=================

user@localhost:/dev/shm/af-graft-master# make -C iproute2-4.10.0/
make: Entering directory '/dev/shm/af-graft-master/iproute2-4.10.0'
sh configure /usr/include
TC schedulers
ATM no

libc has setns: yes
SELinux support: yes
ELF support: no
libmnl support: no
Berkeley DB: no

docs: latex: yes
pdflatex: yes
sgml2latex: no
WARNING: no LaTeX files can be build from SGML files
sgml2html: no
WARNING: no HTML docs can be built from SGML

lib
make[1]: Entering directory '/dev/shm/af-graft-master/iproute2-4.10.0/lib'
CC libgenl.o

[...]

CC       m_ematch.o

m_ematch.c: In function ‘lookup_map.constprop’:
m_ematch.c:78:5: warning: ‘strncpy’ output may be truncated copying 31 bytes from a string of length 511 [-Wstringop-truncation]
strncpy(dst, namebuf, len - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
YACC emp_ematch.yacc.c
"emp_ematch.y", line 9: junk after `%%' in definition section
"emp_ematch.y", line 9: no input grammar
free(): double free detected in tcache 2
Aborted
make[1]: *** [Makefile:165: emp_ematch.yacc.c] Error 134
make[1]: Leaving directory '/dev/shm/af-graft-master/iproute2-4.10.0/tc'
make: *** [Makefile:66: all] Error 2
make: Leaving directory '/dev/shm/af-graft-master/iproute2-4.10.0'

=============

user@localhost:/dev/shm/af-graft-master# make -C iproute2-4.15.0/
make: Entering directory '/dev/shm/af-graft-master/iproute2-4.15.0'
sh configure /usr/include
TC schedulers
ATM no

libc has setns: yes
SELinux support: yes
ELF support: no
libmnl support: no
Berkeley DB: no
need for strlcpy: yes

docs: latex: yes
pdflatex: yes
sgml2latex: no
WARNING: no LaTeX files can be build from SGML files
sgml2html: no
WARNING: no HTML docs can be built from SGML

lib
CC libgenl.o

[...]

CC       m_ematch.o

m_ematch.c: In function ‘lookup_map.constprop’:
m_ematch.c:77:5: warning: ‘strncpy’ output may be truncated copying 31 bytes from a string of length 511 [-Wstringop-truncation]
strncpy(dst, namebuf, len - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
YACC emp_ematch.yacc.c
"emp_ematch.y", line 9: junk after `%%' in definition section
"emp_ematch.y", line 9: no input grammar
free(): double free detected in tcache 2
Aborted
make[1]: *** [Makefile:167: emp_ematch.yacc.c] Error 134
make: *** [Makefile:66: all] Error 2
make: Leaving directory '/dev/shm/af-graft-master/iproute2-4.15.0'

[Suggestion] Add support to multiple outputs with GRAFT_BBCONN in libgraft-hijack.so

If a program connects to both IPv4 and IPv6 addresses, it can't make connections of both address types if tricked with LD_PRELOAD=/.../libgraft-hijack.so. If a second GRAFT_BBCONN is passed on the command line, only the first is used. This can harm the functionality of webservers unless they are hacked to connect directly to AF_GRAFT sockets.

What I suggest is something like this:

ip netns add ns1
ip graft add out4 type ipv4 addr 0.0.0.0 port dynamic netns 1
ip graft add out6 type ipv4 addr :: port dynamic netns 1
ip graft add lo4 type ipv4 addr 127.0.0.1 port 1080 netns ns1
ip graft add lo6 type ipv4 addr ::1 port 1080 netns ns1
LD_PRELOAD=/.../libgraft-hijack.so GRAFT_CONV_PAIRS="127.0.0.1:1080=out4 ::1:1080=out6" GRAFT_BBCONN="out4 out6" <some_program>

/\ The program binds to the addresses 4 and 6 of loopback inside network namespace "ns1" and connects to any IPv4 and IPv6 external addresses using the two routes (out4 and out6).

Another important usage: let's suppose a program inside a network namespace connects to the host network using GRAFT_BBCONN and also connects to a local port inside its network namespace (or perhaps another one). If this feature in libgraft-hijack.so is not matched, load balancing proxies, port forwarders and others will not work with AF_GRAFT:

ip netns add ns2 && ip netns exec ns2 ip link set lo up
ip netns exec ns2 ip graft add conn-host type ipv4 addr 0.0.0.0 port dynamic netns 1
ip netns exec ns2 ip graft add conn-local type ipv4 addr 0.0.0.0 port dynamic netns ns2
ip netns exec ns2 ip graft add local type ipv4 addr 127.0.0.1 port 1080 netns ns2
ip netns exec ns2 LD_PRELOAD=/.../libgraft-hijack.so GRAFT_CONV_PAIRS="127.0.0.1:1080=local" GRAFT_BBCONN="conn-host conn-local" <some_program>

/\ The program inside the network namespace "ns2" connects to the host network through "conn-host" and to its own network side through "conn-local".

Can you implement this feature?
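The per-destination selection requested above, sketched as an added example that is not part of the issue or of af-graft's own code. It reuses the "PREFIX/LEN=NAME" list format of GRAFT_EGRESS_CONVERT shown on this page; the function names select_endpoint and prefix_match are hypothetical, and how libgraft-convert.so actually matches addresses is not shown here. A destination that matches no entry gets no endpoint, so only listed ranges can cross from the namespace onto another network stack.

```c
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: do the first `bits` bits of a and b agree? */
static int prefix_match(const unsigned char *a, const unsigned char *b, int bits)
{
    int full = bits / 8, rem = bits % 8;
    if (memcmp(a, b, full) != 0)
        return 0;
    return rem == 0 || ((a[full] ^ b[full]) & (0xff << (8 - rem)) & 0xff) == 0;
}

/* Hypothetical: pick the endpoint for dst from a "PREFIX/LEN=NAME ..." list.
 * Longest prefix of dst's own family wins. Returns 0 and fills out, or -1
 * when nothing matches, so unlisted destinations are never grafted. */
int select_endpoint(const char *conv, const char *dst, char *out, size_t outlen)
{
    unsigned char d[16], p[16];
    int fam = strchr(dst, ':') ? AF_INET6 : AF_INET;
    int maxbits = fam == AF_INET6 ? 128 : 32, best = -1;
    char buf[512], *save = NULL, *end;
    if (strlen(conv) >= sizeof(buf) || inet_pton(fam, dst, d) != 1)
        return -1;
    strcpy(buf, conv);
    for (char *t = strtok_r(buf, " ", &save); t; t = strtok_r(NULL, " ", &save)) {
        char *eq = strchr(t, '='), *slash = strchr(t, '/');
        if (!eq || !slash || slash > eq || !eq[1] || strlen(eq + 1) >= outlen)
            continue;                       /* malformed or oversized entry */
        *eq = *slash = '\0';
        long bits = strtol(slash + 1, &end, 10);
        if (end == slash + 1 || *end || bits < 0 || bits > maxbits ||
            inet_pton(fam, t, p) != 1)
            continue;                       /* bad length or other family */
        if (bits > best && prefix_match(d, p, (int)bits)) {
            best = (int)bits;
            strcpy(out, eq + 1);
        }
    }
    return best < 0 ? -1 : 0;
}

int main(void)
{
    char n[32];   /* prints "out6" for this constructed IPv6 destination */
    puts(select_endpoint("0.0.0.0/0=out4 ::/0=out6", "2001:db8::1", n, sizeof n) ? "none" : n);
    return 0;
}
```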

Bug: Grafted programs cannot determine TCP_MAXSEG when listening endpoint is inside a named netns

This can be reproduced with haproxy (any load balancer or port forwarder will not work either):


ip netns add nsx
ip netns exec nsx ip li set lo up
ip netns exec nsx ipgraft add in4 type ipv4 addr 127.0.0.1 port 5201 netns nsx
ip netns exec nsx ipgraft add out4 type ipv4 netns 1
ip netns exec nsx ipgraft add out6 type ipv6 netns 1

echo "global
 maxconn 8192

defaults
 timeout connect 50000s
 timeout client 360000s
 timeout server 360000s

listen blah
 mode tcp
 balance roundrobin
 bind 127.0.0.1:5201
 server server1 127.0.0.1:5201 maxconn 8192
" > /dev/shm/haproxy.conf

ip netns exec nsx sh -c "export LD_PRELOAD=\"/opt/af-graft/tools/libgraft-convert.so\" GRAFT_EGRESS_CONVERT=\"0.0.0.0/0=out4 ::/0=out6\" GRAFT_INGRESS_CONVERT=\"127.0.0.1:5201=in4\" GRAFT_VERBOSE=\"0\"; haproxy -f /dev/shm/haproxy.conf"

After haproxy starts running, it shows this message:

[WARNING] 241/192913 (5875) : Failed to get the default value of TCP_MAXSEG
[WARNING] 241/192913 (5875) : Failed ot get the default value of TCP_MAXSEG for IPv6

iperf3 is launched in netns 1:

iperf -s -B 127.0.0.1 -p 5201

When the iperf3 client is launched inside the named netns "nsx":

ip netns exec nsx iperf -c 127.0.0.1 -p 5201
connect failed: Connection refused
