1BPFTOOL-NET(8) BPFTOOL-NET(8)
2
6 bpftool-net - tool for inspection of networking related bpf prog at‐
7 tachments
8
10 bpftool [OPTIONS] net COMMAND
11 OPTIONS := { { -j | --json } [{ -p | --pretty }] | { -d | --debug }
13 }
14 COMMANDS := { show | list | attach | detach | help }
16
18 bpftool net { show | list } [ dev NAME ]
19 bpftool net attach ATTACH_TYPE PROG dev NAME [ overwrite ]
20 bpftool net detach ATTACH_TYPE dev NAME
21 bpftool net help
22 PROG := { id PROG_ID | pinned FILE | tag PROG_TAG }
24 ATTACH_TYPE := { xdp | xdpgeneric | xdpdrv | xdpoffload }
25
28 bpftool net { show | list } [ dev NAME ]
29 List bpf program attachments in the kernel networking subsys‐
30 tem.
31 Currently, device driver xdp attachments, tcx and old-style
33 tc classifier/action attachments, flow_dissector as well as
34 netfilter attachments are implemented, i.e., for program
35 types BPF_PROG_TYPE_XDP, BPF_PROG_TYPE_SCHED_CLS,
36 BPF_PROG_TYPE_SCHED_ACT, BPF_PROG_TYPE_FLOW_DISSECTOR,
37 BPF_PROG_TYPE_NETFILTER.
38 For programs attached to a particular cgroup, e.g.,
40 BPF_PROG_TYPE_CGROUP_SKB, BPF_PROG_TYPE_CGROUP_SOCK,
41 BPF_PROG_TYPE_SOCK_OPS and BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
42 users can use bpftool cgroup to dump cgroup attachments. For
43 sk_{filter, skb, msg, reuseport} and lwt/seg6 bpf programs,
44 users should consult other tools, e.g., iproute2.
45 The current output will start with all xdp program attach‐
47 ments, followed by all tcx, then tc class/qdisc bpf program
48 attachments, then flow_dissector and finally netfilter pro‐
49 grams. Both xdp programs and tcx/tc programs are ordered
50 based on ifindex number. If multiple bpf programs attached to
51 the same networking device through tc, the order will be
52 first all bpf programs attached to tcx, then tc classes, then
53 all bpf programs attached to non clsact qdiscs, and finally
54 all bpf programs attached to root and clsact qdisc.
55 bpftool net attach ATTACH_TYPE PROG dev NAME [ overwrite ]
57 Attach bpf program PROG to network interface NAME with type
58 specified by ATTACH_TYPE. Previously attached bpf program can
59 be replaced by the command used with overwrite option. Cur‐
60 rently, only XDP-related modes are supported for ATTACH_TYPE.
61 ATTACH_TYPE can be of: xdp - try native XDP and fallback to
63 generic XDP if NIC driver does not support it; xdpgeneric -
64 Generic XDP. runs at generic XDP hook when packet already en‐
65 ters receive path as skb; xdpdrv - Native XDP. runs earliest
66 point in driver's receive path; xdpoffload - Offload XDP.
67 runs directly on NIC on each packet reception;
68 bpftool net detach ATTACH_TYPE dev NAME
70 Detach bpf program attached to network interface NAME with
71 type specified by ATTACH_TYPE. To detach bpf program, same
72 ATTACH_TYPE previously used for attach must be specified.
73 Currently, only XDP-related modes are supported for AT‐
74 TACH_TYPE.
75 bpftool net help
77 Print short help message.
78
80 -h, --help
81 Print short help message (similar to bpftool help).
82 -V, --version
84 Print bpftool's version number (similar to bpftool version),
85 the number of the libbpf version in use, and optional fea‐
86 tures that were included when bpftool was compiled. Optional
87 features include linking against LLVM or libbfd to provide
88 the disassembler for JIT-ted programs (bpftool prog dump
89 jited) and usage of BPF skeletons (some features like bpftool
90 prog profile or showing pids associated to BPF objects may
91 rely on it).
92 -j, --json
94 Generate JSON output. For commands that cannot produce JSON,
95 this option has no effect.
96 -p, --pretty
98 Generate human-readable JSON output. Implies -j.
99 -d, --debug
101 Print all logs available, even debug-level information. This
102 includes logs from libbpf as well as from the verifier, when
103 attempting to load programs.
104
106 # bpftool net
107 xdp:
110 eth0(2) driver id 198
111 tc:
113 eth0(2) htb name prefix_matcher.o:[cls_prefix_matcher_htb] id 111727 act []
114 eth0(2) clsact/ingress fbflow_icmp id 130246 act []
115 eth0(2) clsact/egress prefix_matcher.o:[cls_prefix_matcher_clsact] id 111726
116 eth0(2) clsact/egress cls_fg_dscp id 108619 act []
117 eth0(2) clsact/egress fbflow_egress id 130245
118 # bpftool -jp net
120 [{
123 "xdp": [{
124 "devname": "eth0",
125 "ifindex": 2,
126 "mode": "driver",
127 "id": 198
128 }
129 ],
130 "tc": [{
131 "devname": "eth0",
132 "ifindex": 2,
133 "kind": "htb",
134 "name": "prefix_matcher.o:[cls_prefix_matcher_htb]",
135 "id": 111727,
136 "act": []
137 },{
138 "devname": "eth0",
139 "ifindex": 2,
140 "kind": "clsact/ingress",
141 "name": "fbflow_icmp",
142 "id": 130246,
143 "act": []
144 },{
145 "devname": "eth0",
146 "ifindex": 2,
147 "kind": "clsact/egress",
148 "name": "prefix_matcher.o:[cls_prefix_matcher_clsact]",
149 "id": 111726,
150 },{
151 "devname": "eth0",
152 "ifindex": 2,
153 "kind": "clsact/egress",
154 "name": "cls_fg_dscp",
155 "id": 108619,
156 "act": []
157 },{
158 "devname": "eth0",
159 "ifindex": 2,
160 "kind": "clsact/egress",
161 "name": "fbflow_egress",
162 "id": 130245,
163 }
164 ]
165 }
166 ]
167 # bpftool net attach xdpdrv id 16 dev enp6s0np0
169 # bpftool net
170 xdp:
173 enp6s0np0(4) driver id 16
174 # bpftool net attach xdpdrv id 16 dev enp6s0np0
176 # bpftool net attach xdpdrv id 20 dev enp6s0np0 overwrite
177 # bpftool net
178 xdp:
181 enp6s0np0(4) driver id 20
182 # bpftool net attach xdpdrv id 16 dev enp6s0np0
184 # bpftool net detach xdpdrv dev enp6s0np0
185 # bpftool net
186 xdp:
189
191 bpf(2), bpf-helpers(7), bpftool(8), bpftool-btf(8),
192 bpftool-cgroup(8), bpftool-feature(8), bpftool-gen(8),
193 bpftool-iter(8), bpftool-link(8), bpftool-map(8), bpftool-perf(8),
194 bpftool-prog(8), bpftool-struct_ops(8)
195 BPFTOOL-NET(8)