gamemann / XDP-Firewall

A firewall that utilizes the Linux kernel's XDP hook. The XDP hook allows for very fast network processing on Linux systems. This is great for dropping malicious traffic from a (D)DoS attack. IPv6 is supported with this firewall! I hope this helps network engineers/programmers interested in utilizing XDP!
https://deaconn.net/
MIT License

Error attaching XDP program :: Invalid argument (22) #9

Closed sleek-geek closed 2 years ago

sleek-geek commented 2 years ago

I get the following error when trying to start xdpfw:

Could not attach with DRV/native mode (Invalid argument)(-22).
Could not attach with SKB/generic mode (Invalid argument)(-22).
Error attaching XDP program :: Invalid argument (22)

uname -r

5.4.0-72-generic

journalctl -xe

Nov 20 10:23:44 hp1007 xdpfw[1706]: Could not attach with DRV/native mode (Invalid argument)(-22).
Nov 20 10:23:44 hp1007 xdpfw[1706]: Could not attach with SKB/generic mode (Invalid argument)(-22).
Nov 20 10:23:44 hp1007 xdpfw[1706]: Error attaching XDP program :: Invalid argument (22)
Nov 20 10:23:44 hp1007 systemd[1]: xdpfw.service: Main process exited, code=exited, status=1/FAILURE
Nov 20 10:23:44 hp1007 systemd[1]: xdpfw.service: Failed with result 'exit-code'.
Nov 20 10:23:45 hp1007 systemd[1]: xdpfw.service: Service hold-off time over, scheduling restart.
Nov 20 10:23:45 hp1007 systemd[1]: xdpfw.service: Scheduled restart job, restart counter is at 4.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Automatic restarting of the unit xdpfw.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Nov 20 10:23:45 hp1007 systemd[1]: Stopped XDP Firewall tool..
-- Subject: Unit xdpfw.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit xdpfw.service has finished shutting down.
Nov 20 10:23:45 hp1007 systemd[1]: Started XDP Firewall tool..
-- Subject: Unit xdpfw.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit xdpfw.service has finished starting up.
-- 
-- The start-up result is RESULT.

OpenSource03 commented 2 years ago

Hi, can you please check if you configured your interface inside /etc/xdpfw/xdpfw.conf?

first line: interface = "your-interface-name";

sleek-geek commented 2 years ago

Thank you! I've surely missed that. However, there's a different error now:

libbpf: Kernel error message: underlying driver does not support XDP in native mode
Could not attach with DRV/native mode (Operation not supported)(-95).
libbpf: Kernel error message: XDP program already attached
Could not attach with SKB/generic mode (Device or resource busy)(-16).
Error attaching XDP program :: Device or resource busy (16)

journalctl -xe

-- Subject: Unit xdpfw.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit xdpfw.service has finished starting up.
-- 
-- The start-up result is RESULT.
Nov 20 11:11:05 hp1007 xdpfw[11097]: libbpf: Kernel error message: underlying driver does not support XDP in native mode
Nov 20 11:11:05 hp1007 xdpfw[11097]: Could not attach with DRV/native mode (Operation not supported)(-95).
Nov 20 11:11:05 hp1007 xdpfw[11097]: libbpf: Kernel error message: XDP program already attached
Nov 20 11:11:05 hp1007 xdpfw[11097]: Could not attach with SKB/generic mode (Device or resource busy)(-16).
Nov 20 11:11:05 hp1007 xdpfw[11097]: Error attaching XDP program :: Device or resource busy (16)
Nov 20 11:11:05 hp1007 systemd[1]: xdpfw.service: Main process exited, code=exited, status=1/FAILURE
Nov 20 11:11:05 hp1007 systemd[1]: xdpfw.service: Failed with result 'exit-code'.
Nov 20 11:11:06 hp1007 systemd[1]: xdpfw.service: Service hold-off time over, scheduling restart.
Nov 20 11:11:06 hp1007 systemd[1]: xdpfw.service: Scheduled restart job, restart counter is at 5.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Automatic restarting of the unit xdpfw.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Nov 20 11:11:06 hp1007 systemd[1]: Stopped XDP Firewall tool..
-- Subject: Unit xdpfw.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit xdpfw.service has finished shutting down.
Nov 20 11:11:06 hp1007 systemd[1]: xdpfw.service: Start request repeated too quickly.
Nov 20 11:11:06 hp1007 systemd[1]: xdpfw.service: Failed with result 'exit-code'.
Nov 20 11:11:06 hp1007 systemd[1]: Failed to start XDP Firewall tool..
-- Subject: Unit xdpfw.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit xdpfw.service has failed.
-- 
-- The result is RESULT.

Regarding 'libbpf: Kernel error message: XDP program already attached', I've tried stopping the service and checking if there are any hung-up processes with 'xdp', but there weren't any. Got the same error after starting again.

gamemann commented 2 years ago

Hey @sleek-geek!

Are you able to provide the output of ip a along with the name of the interface you're trying to attach the XDP program to?

With that said, since the program is attaching to the SKB hook due to the NIC driver/RX queue setup not supporting XDP DRV mode, you can use the following command to unload an XDP program.

ip link set <interface name> xdpgeneric off

I hope the above helps and thank you @OpenSource03 for helping as well!

sleek-geek commented 2 years ago

@gamemann Thanks a lot! I was able to unload it with that command. I suggest adding that to ExecStop. Great job btw man! This project is neat. I'm closing the issue now.
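
An added example, not part of the thread or the project's code: a netlink-attached XDP program stays on the interface after the loader exits, which is why no 'xdp' process was found while the kernel still reported "already attached". The helpers below read `ip link show` output, report which XDP hook is occupied, and print the matching detach command; the function names, the interface name eth0 and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Print the XDP attach mode found in `ip link show dev IFACE` output on stdin:
# xdp (native/DRV), xdpgeneric (SKB), xdpoffload, xdpmulti, or "none".
# Accepts both the "xdpgeneric" and the older "xdpgeneric/id:36" token forms.
xdp_attach_mode() {
    awk '
        {
            for (i = 1; i <= NF; i++) {
                tok = $i
                sub(/\/id:[0-9]+$/, "", tok)
                if (tok ~ /^xdp(generic|offload|multi)?$/) { print tok; found = 1; exit }
            }
        }
        END { if (!found) print "none" }
    '
}

# Print the command that releases the hook for a given mode. Returns 1 when
# nothing is attached or the mode (e.g. xdpmulti) needs manual inspection.
xdp_detach_cmd() {
    iface=$1
    mode=$2
    case $mode in
        xdp)        echo "ip link set dev $iface xdpdrv off" ;;
        xdpgeneric) echo "ip link set dev $iface xdpgeneric off" ;;
        xdpoffload) echo "ip link set dev $iface xdpoffload off" ;;
        *)          return 1 ;;
    esac
}

# Constructed sample: an interface with a leftover generic-mode program
# (interface name, MAC, id and tag are made up for this example).
SAMPLE_BUSY='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 xdpgeneric qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 02:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff
    prog/xdp id 36 tag 0123456789abcdef jited'

mode=$(printf '%s\n' "$SAMPLE_BUSY" | xdp_attach_mode)
echo "attached mode: $mode"
xdp_detach_cmd eth0 "$mode" || echo "nothing to detach"
# On a live host, feed real output instead:
#   ip link show dev "$IFACE" | xdp_attach_mode
```

The printed command is the kind of line an ExecStop-style hook, as suggested in the last comment, would run after the service exits.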