diff --git a/src/xdpfw.c b/src/xdpfw.c index 2e97029..971a183 100644 --- a/src/xdpfw.c +++ b/src/xdpfw.c @@ -43,7 +43,7 @@ void signalHndl(int tmp) */ void updatefilters(struct config *cfg) { - // Loop through all filters and delete the map. + // Loop through all filters and delete the map. We do this in the case rules were edited and were put out of order since the key doesn't uniquely map to a specific rule. for (__u8 i = 0; i < MAX_FILTERS; i++) { __u32 key = i; @@ -60,8 +60,16 @@ void updatefilters(struct config *cfg) break; } + // Create value array (max CPUs in size) since we're using a per CPU map. + struct filter filter[MAX_CPUS]; + + for (int j = 0; j < MAX_CPUS; j++) + { + filter[j] = cfg->filters[i]; + } + // Attempt to update BPF map. - if (bpf_map_update_elem(filtersmap, &i, &cfg->filters[i], BPF_ANY) == -1) + if (bpf_map_update_elem(filtersmap, &i, &filter, BPF_ANY) == -1) { fprintf(stderr, "Error updating BPF item #%d\n", i); } diff --git a/src/xdpfw_kern.c b/src/xdpfw_kern.c index 24a6701..81933f1 100644 --- a/src/xdpfw_kern.c +++ b/src/xdpfw_kern.c @@ -29,7 +29,7 @@ struct struct { - __uint(type, BPF_MAP_TYPE_ARRAY); + __uint(type, BPF_MAP_TYPE_PERCPU_ARRAY); __uint(max_entries, MAX_FILTERS); __type(key, __u32); __type(value, struct filter);