def print_fib(fib): trie = fib.tb_data print(fib) trie = Object(prog, 'struct trie', address=trie) print(trie) kv = trie.kv print(kv) print("key_vector %lx" % kv.address_of_()) print("key_vector %lx" % kv[0].tnode[0].value_()) print(type(kv)) for i in range(32): if IS_TRIE(kv[i]): print("kv[%d] is TRIE" % i) if IS_TNODE(kv[i]): print("kv[%d] is TNODE" % i) print(kv[i]) print("key[%d]: %x, ip: %s" % (i, kv[i].key, lib.ipv4(socket.ntohl(kv[i].key.value_())))) break if IS_LEAF(kv[i]): print("kv[%d] is LEAF" % i) for n in hlist_for_each_entry('struct fib_alias', leaf.address_of_(), 'fa_list'): print(n)
def print_flow_key(key): # MAC_PROTO_ETHERNET = 1 # mac_proto = key.mac_proto # print(mac_proto) print_eth(key.eth) proto = key.ip.proto.value_() print("proto: %d, src: %s" % (proto, lib.ipv4(socket.ntohl(key.ipv4.addr.src.value_())))) tp_dst = key.tp.dst print("tp_dst: %d" % socket.ntohs(tp_dst))
def print_nh(nh): fib_info = nh.nh_parent name = nh.nh_dev.name.string_().decode() fib_type = nh.nh_parent.fib_type.value_() fib_scope = nh.nh_scope.value_() # if fib_scope == prog['RT_SCOPE_NOWHERE'].value_(): # return # if fib_type == broadcast.value_(): # return # if name != "br" and name != "enp4s0f0": # return # print("fib_nh %lx" % nh) print("name: %10s" % name, end='') print(" saddr: %15s" % lib.ipv4(socket.ntohl(nh.nh_saddr.value_())), end='') print(" gw: %15s" % lib.ipv4(socket.ntohl(nh.nh_gw.value_())), end='') print(" weight: %4d" % nh.nh_weight.value_(), end='') print(" scope: %4d" % nh.nh_scope.value_(), end='') print(" flags: %4x" % nh.nh_flags.value_(), end='') print(" fib_info %lx" % nh.nh_parent.value_(), end='') print(" fib_type %x" % nh.nh_parent.fib_type, end='') print('')
#!/usr/local/bin/drgn -k from drgn.helpers.linux import * from drgn import Object import time import socket import sys import os libpath = os.path.dirname(os.path.realpath("__file__")) sys.path.append(libpath) import lib inet_addr_list = prog['inet_addr_lst'] size = 128 for i in range(size): for ip in hlist_for_each_entry('struct in_ifaddr', inet_addr_list[i].address_of_(), 'hash'): print("ifa_address: %15s, ifa_label: %10s, ifa_dev.dev: %lx" % \ (lib.ipv4(socket.ntohl(ip.ifa_address.value_())), ip.ifa_label.string_().decode(), ip.ifa_dev.dev))
def print_match(fte): print("fs_fte %lx" % fte.address_of_().value_()) val = fte.val # print(val) # smac = str(socket.ntohl(hex(val[0]))) print("%8x: " % fte.index.value_(), end='') smac_47_16 = socket.ntohl(val[0].value_()) smac_15_0 = socket.ntohl(val[1].value_() & 0xffff) smac_47_16 <<= 16 smac_15_0 >>= 16 smac = smac_47_16 | smac_15_0 print(" s: ", end='') print_mac(smac) dmac_47_16 = socket.ntohl(val[2].value_()) dmac_15_0 = socket.ntohl(val[3].value_() & 0xffff) dmac_47_16 <<= 16 dmac_15_0 >>= 16 dmac = dmac_47_16 | dmac_15_0 print(" d: ", end='') print_mac(dmac) ethertype = socket.ntohl(val[1].value_() & 0xffff0000) if ethertype: print(" et: %x" % ethertype, end='') # vport = socket.ntohl(val[17].value_() & 0xffff0000) # metadata_reg_c_0 vport = socket.ntohl(val[59].value_() & 0xffff0000) if vport: print(" vport: %-2d" % vport, end='') ip_protocol = val[4].value_() & 0xff if ip_protocol: print(" ip: %-2d" % ip_protocol, end='') tos = (val[4].value_() & 0xff00) >> 8 if tos: print(" tos: %-2x(dscp: %x)" % (tos, tos >> 2), end='') tcp_flags = (val[4].value_() & 0xff000000) >> 24 if tcp_flags: print(" tflags: %2x" % tcp_flags, end='') ip_version = (val[4].value_() & 0xff0000) >> 17 if ip_version: print(" ipv: %-2x" % ip_version, end='') tcp_sport = socket.ntohs(val[5].value_() & 0xffff) if tcp_sport: print(" sport: %5d" % tcp_sport, end='') tcp_dport = socket.ntohs(val[5].value_() >> 16 & 0xffff) if tcp_dport: print(" dport: %6d" % tcp_dport, end='') udp_sport = socket.ntohs(val[7].value_() & 0xffff) if udp_sport: print(" sport: %6d" % udp_sport, end='') udp_dport = socket.ntohs(val[7].value_() >> 16 & 0xffff) if udp_dport: print(" dport: %6d" % udp_dport, end='') src_ip = socket.ntohl(val[11].value_()) if src_ip: print(" src_ip: %12s" % lib.ipv4(src_ip), end='') dst_ip = socket.ntohl(val[15].value_()) if src_ip: print(" dst_ip: %12s" % lib.ipv4(dst_ip), end='') vni = socket.ntohl(val[21].value_() & 0xffffff) >> 8 if vni: print(" vni: %6d" % vni, end='') source_sqn = socket.ntohl(val[16].value_() & 0xffffff00) if source_sqn: print(" source_sqn: %6x" % source_sqn, end='') if vni: smac_47_16 = socket.ntohl(val[32].value_()) smac_15_0 = socket.ntohl(val[33].value_() & 0xffff) smac_47_16 <<= 16 smac_15_0 >>= 16 smac = smac_47_16 | smac_15_0 print("\n s: ", end='') print_mac(smac) dmac_47_16 = socket.ntohl(val[34].value_()) dmac_15_0 = socket.ntohl(val[35].value_() & 0xffff) dmac_47_16 <<= 16 dmac_15_0 >>= 16 dmac = dmac_47_16 | dmac_15_0 print(" d: ", end='') print_mac(dmac) ethertype = socket.ntohl(val[33].value_() & 0xffff0000) print(" et: %x" % ethertype, end='') ip_protocol = val[36].value_() & 0xff if ip_protocol: print(" ip: %-2d" % ip_protocol, end='') tos = (val[4].value_() & 0xff00) >> 8 if tos: print(" tos: %-2x(dscp: %x)" % (tos, tos >> 2), end='') tcp_flags = (val[36].value_() & 0xff000000) >> 24 if tcp_flags: print(" tflags: %2x" % tcp_flags, end='') ip_version = (val[36].value_() & 0xff0000) >> 17 if ip_version: print(" ipv: %-2x" % ip_version, end='') tcp_sport = socket.ntohs(val[37].value_() & 0xffff) if tcp_sport: print(" sport: %5d" % tcp_sport, end='') tcp_dport = socket.ntohs(val[37].value_() >> 16 & 0xffff) if tcp_dport: print(" dport: %6d" % tcp_dport, end='') udp_sport = socket.ntohs(val[39].value_() & 0xffff) if udp_sport: print(" sport: %6d" % udp_sport, end='') udp_dport = socket.ntohs(val[39].value_() >> 16 & 0xffff) if udp_dport: print(" dport: %6d" % udp_dport, end='') src_ip = socket.ntohl(val[43].value_()) if src_ip: print(" src_ip: %12s" % lib.ipv4(src_ip), end='') dst_ip = socket.ntohl(val[47].value_()) if src_ip: print(" dst_ip: %12s" % lib.ipv4(dst_ip), end='') print(" action %4x: " % fte.action.action.value_())