projectcalico / calico

Cloud native networking and network security
https://docs.tigera.io/calico/latest/about/
Apache License 2.0
6.04k stars 1.35k forks source link

[release-v3.29] Auto pick #9378: use bpfutils.BTFEnabled instead of SupportsBTF() #9452: support for policy rules Log action #9460: remove TestLogActionIgnored - no longer true #9465

Closed tomastigera closed 1 week ago

tomastigera commented 1 week ago

Cherry pick of #9378 #9452 #9460 on release-v3.29.

9378: use bpfutils.BTFEnabled instead of SupportsBTF()

9452: support for policy rules Log action

9460: remove TestLogActionIgnored - no longer true

Original PR Body below

Description

It is only available for co-re objects since the printk feature is
available only since 5.13 so definitely available for kernels with co-re
support since 5.17. And supporting it for older kernels would make the
code very messy with little benefit.

v4 output

WEP-NAT1--------E: New packet at ifindex=1; mark=0

WEP-NAT1--------E: IP id=0 len=58

WEP-NAT1--------E: IP s=1.1.1.1 d=10.10.0.1

WEP-NAT1--------E: IP ihl=28 bytes

WEP-NAT1--------E: UDP; ports: s=1234 d=5678

WEP-NAT1--------E: CT: lookup from 1.1.1.1:1234

WEP-NAT1--------E: CT: lookup to   10.10.0.1:5678

WEP-NAT1--------E: CT: Miss.

WEP-NAT1--------E: CT: result: NEW.

WEP-NAT1--------E: conntrack entry flags 0x0

WEP-NAT1--------E: NAT: 1st level lookup addr=10.10.0.1 port=5678 udp

or V6 version:

IPv6 WEP-NAT1--------I: CT: lookup from [abcd:0000:0000:0000:0000:ffff:0808:0808]:666

IPv6 WEP-NAT1--------I: CT: lookup to   [ff00:0000:0000:0000:0000:0000:0000:0001]:1234

IPv6 WEP-NAT1--------I: CT: tun_ip:[0000:0000:0000:0000:0000:0000:0000:0000]

IPv6 WEP-NAT1--------I: CT: Hit! NAT REV entry at ingress to connection opener: SNAT.

Related issues/PRs

Todos

Release Note

ebpf: real IPs in bpf debug output with co-re enabled kernels

Reminder for the reviewer

Make sure that this PR has the correct labels and milestone set.

Every PR needs one docs-* label.

Every PR needs one release-note-* label.

Other optional labels: