danger-dream / ebpf-firewall

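eBPF Firewall is a high-performance network firewall system built on eBPF, with real-time inbound traffic monitoring, rule-based filtering and blacklist management. It is mainly intended for monitoring and filtering inbound traffic on resource-constrained VPSes.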
MIT License
18 stars 5 forks

Program crash #1

Closed yimiaoxiehou closed 3 hours ago

yimiaoxiehou commented 4 hours ago

config.yaml

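# Network interface to monitor
interface: eth0

# Summary interval
summary_time: 5

# Web service port
port: 8080

# Enable the web service
enable: true

# Maximum number of packets
max_packet_count: 10000

# Path to the GeoIP database
geoip_path: /etc/ebpf-firewall/GeoLite2-City.mmdb

# Monitoring rules (collect all packets that match a rule)
rules:
  - rule_name: "示例规则,请勿使用"
    # Supports exact ports and port ranges
    port: [22, 80, 443]
    ip:
      - "GEOIP:!中国" # Collect traffic from all IPs outside China
    # For the supported IP protocols, see internal/enum/enum.go
    ip_protocol:
      - tcp
      - udp
      - icmp
      - igmp
    # For the supported Ethernet protocol types, see internal/enum/enum.go
    eth_type:
      - ipv4

# Blacklist; it is mapped into kernel space and supports only exact MAC and IP addresses
# Traffic is blocked at the XDP stage, with very high performance
#black:
#  mac:
#    - "00:00:00:00:00:01"
#  ipv4:
#    - "1.1.1.1"
#  ipv6:
#    - "2400:da00::6666"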

log

root@VM-0-12-ubuntu:~# ebpf-firewall -c /etc/ebpf-firewall/config.yaml 
2024/10/23 09:24:35 附加 XDP 程序成功,模式: driver
2024/10/23 09:24:35 Starting WebSocket server on port 8080
panic: concurrent write to websocket connection

goroutine 14 [running]:
github.com/gorilla/websocket.(*messageWriter).flushFrame(0xc000ca3230, 0x1, {0x0?, 0xc000058e08?, 0xc00185cb70?})
        github.com/gorilla/websocket@v1.5.3/conn.go:617 +0x4b8
github.com/gorilla/websocket.(*messageWriter).Close(0xc00185cb70?)
        github.com/gorilla/websocket@v1.5.3/conn.go:731 +0x35
github.com/gorilla/websocket.(*Conn).beginMessage(0xc000026580, 0xc00185cb70, 0x1)
        github.com/gorilla/websocket@v1.5.3/conn.go:480 +0x3a
github.com/gorilla/websocket.(*Conn).NextWriter(0xc000026580, 0x1)
        github.com/gorilla/websocket@v1.5.3/conn.go:520 +0x3f
github.com/gorilla/websocket.(*Conn).WriteJSON(0x812cc0?, {0x812cc0, 0xc00185cb40})
        github.com/gorilla/websocket@v1.5.3/json.go:24 +0x34
github.com/danger-dream/ebpf-firewall/internal/websocket.(*WebSocketServer).run(0xc00008c320)
        github.com/danger-dream/ebpf-firewall/internal/websocket/websocket.go:95 +0x66f
created by github.com/danger-dream/ebpf-firewall/internal/websocket.(*WebSocketServer).Start in goroutine 11
        github.com/danger-dream/ebpf-firewall/internal/websocket/websocket.go:49 +0x6c

danger-dream commented 3 hours ago

Please delete or comment out the example monitoring rule.

yimiaoxiehou commented 3 hours ago

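> Please delete or comment out the example monitoring rule.

Actually, I have already deleted part of it; it runs fine on a different machine, though.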

danger-dream commented 3 hours ago

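> > Please delete or comment out the example monitoring rule.

> Actually, I have already deleted part of it; it runs fine on a different machine, though.

The gorilla/websocket library does not allow concurrent sends. I don't have time to deal with it for the next couple of days; I will fix it within this week at the latest. Thank you.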
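The cause named in the last comment, as an added Go example that is not the project's code and not its eventual fix: a stand-in connection (constructed, standard library only) rejects overlapping writes where gorilla/websocket panics with the message in the log above, and a mutex wrapper serializes the writers. The names `jsonWriter`, `fakeConn`, `lockedConn` and `hammer` are hypothetical.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
	"time"
)

// jsonWriter is the one connection method the broadcast loop needs.
type jsonWriter interface{ WriteJSON(v interface{}) error }
// fakeConn is a constructed stand-in: overlapping writes return an error.
type fakeConn struct{ busy int32 }
func (c *fakeConn) WriteJSON(v interface{}) error {
	if !atomic.CompareAndSwapInt32(&c.busy, 0, 1) {
		return fmt.Errorf("concurrent write to websocket connection")
	}
	defer atomic.StoreInt32(&c.busy, 0)
	time.Sleep(time.Millisecond) // time spent flushing the frame
	return nil
}

// lockedConn (hypothetical name) lets only one goroutine write at a time.
type lockedConn struct {
	mu   sync.Mutex
	conn jsonWriter
}
func (l *lockedConn) WriteJSON(v interface{}) error {
	l.mu.Lock()
	defer l.mu.Unlock()
	return l.conn.WriteJSON(v)
}

// hammer writes from n goroutines at once and returns how many writes failed.
func hammer(w jsonWriter, n int) (failed int32) {
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			if w.WriteJSON("summary") != nil {
				atomic.AddInt32(&failed, 1)
			}
		}()
	}
	wg.Wait()
	return failed
}

func main() { fmt.Println(hammer(&fakeConn{}, 20), hammer(&lockedConn{conn: &fakeConn{}}, 20)) }
```

The first number printed counts the unguarded writes that collided; the second, through `lockedConn`, is 0. A single writer goroutine fed by a channel is the other common way to meet the same one-writer requirement.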