This shows you the differences between two versions of the page.
ep:labs:061:contents:tasks:ex1 [2025/02/11 23:53] cezar.craciunoiu |
ep:labs:061:contents:tasks:ex1 [2025/04/08 13:45] (current) radu.mantu |
||
---|---|---|---|
Line 2: | Line 2: | ||
<note tip> | <note tip> | ||
- | //Pro tip #1//: since you'll be using **man** a lot in this exercise, add this to your //.bashrc// or //.zshrc//: | + | //Pro tip #1//: since you'll be using **man** a lot in this exercise, |
+ | install **neovim**, and export this environment variable (in //.bashrc// | ||
+ | or //.zshrc// to change the **man** pager. **neovim** has very good | ||
+ | built-in syntax highlighting. | ||
<code bash> | <code bash> | ||
- | # color schemes for man pages | + | export MANPAGER='nvim +Man!' |
- | man() { | + | |
- | LESS_TERMCAP_mb=$'\e[1;34m' \ | + | |
- | LESS_TERMCAP_md=$'\e[1;32m' \ | + | |
- | LESS_TERMCAP_so=$'\e[1;33m' \ | + | |
- | LESS_TERMCAP_us=$'\e[1;4;31m' \ | + | |
- | LESS_TERMCAP_me=$'\e[0m' \ | + | |
- | LESS_TERMCAP_se=$'\e[0m' \ | + | |
- | LESS_TERMCAP_ue=$'\e[0m' \ | + | |
- | command man "$@" | + | |
- | } | + | |
</code> | </code> | ||
- | Source the file and test that it works. | + | Export the environment variable (source the shell config file) and test that it works. |
</note> | </note> | ||
=== [20p] Task A - tcpdump === | === [20p] Task A - tcpdump === | ||
+ | |||
+ | <spoiler> | ||
**tcpdump** is a network traffic monitoring tool. At its core, it uses **libpcap** which in turn uses a technology called **Extended Berkley Packet Filter (eBPF)**. | **tcpdump** is a network traffic monitoring tool. At its core, it uses **libpcap** which in turn uses a technology called **Extended Berkley Packet Filter (eBPF)**. | ||
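Review bot: the parenthesis opened in the added tip text at "(in //.bashrc//" is never closed, so the sentence runs straight on into "or //.zshrc// to change the **man** pager"; close it after //.zshrc//. The same hunk replaces the man() wrapper built on the LESS_TERMCAP_* variables, which needed no extra package, with export MANPAGER='nvim +Man!', which only works once **neovim** is installed. On a machine where it is not, man will be pointed at a pager that is not there, so consider keeping the old wrapper as a documented alternative or telling the reader to check that nvim is on the PATH before adding the export.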
Line 29: | Line 25: | ||
Today, **eBPF** is used heavily for system profiling by companies such as Netflix and Facebook. Linux has had a kernel VM capable of running and statically analyzing **eBPF** code since around 2006. **tcpdump** is one of the few examples that still use it for its original purpose. | Today, **eBPF** is used heavily for system profiling by companies such as Netflix and Facebook. Linux has had a kernel VM capable of running and statically analyzing **eBPF** code since around 2006. **tcpdump** is one of the few examples that still use it for its original purpose. | ||
+ | |||
+ | </spoiler> | ||
== The Task == | == The Task == | ||
Line 60: | Line 58: | ||
=== [20p] Task B - iptables === | === [20p] Task B - iptables === | ||
+ | |||
+ | <spoiler> | ||
**iptables** is a configuration tool for the kernel packet filter. | **iptables** is a configuration tool for the kernel packet filter. | ||
Line 83: | Line 83: | ||
* provide an initialization function for the structure containing the rule parameters; this structure will end up in the kernel's rule chain. | * provide an initialization function for the structure containing the rule parameters; this structure will end up in the kernel's rule chain. | ||
So when you want to test the efficiency of the **iptables** rule evaluation process, keep in mind that each rule may imply the invocation of multiple callbacks such as [[https://elixir.bootlin.com/linux/latest/source/net/netfilter/xt_tcpudp.c#L66|this]]. | So when you want to test the efficiency of the **iptables** rule evaluation process, keep in mind that each rule may imply the invocation of multiple callbacks such as [[https://elixir.bootlin.com/linux/latest/source/net/netfilter/xt_tcpudp.c#L66|this]]. | ||
+ | |||
+ | </spoiler> | ||
== The Task (1) == | == The Task (1) == |
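Review bot: the </spoiler> added just before "== The Task (1) ==" puts the sentence "keep in mind that each rule may imply the invocation of multiple callbacks" inside the collapsed block, although it reads as guidance for testing rule evaluation efficiency rather than as optional background. A reader who goes straight to the task can miss it; consider moving the closing tag above that sentence or repeating the point in the task text.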