bpf-tracing 0.0.1

An eBPF tracing facility that integrates neatly into Rust's tracing

Coverage
0%
0 out of 2 items documented0 out of 1 items with examples
Size
Source code size: 36.61 kB This is the summed size of all the files inside the crates.io package for this release.
Documentation size: 627.78 kB This is the summed size of all files generated by rustdoc for all configured targets
Ø build duration
this release: 22s Average build duration of successful builds.
all releases: 42s Average build duration of successful builds in releases after 2024-10-23.
Links
lbrndnr/bpf-tracing-rs
0 0 1
crates.io
Dependencies
Versions
Owners

bpf-tracing

This is a tracing facility for eBPF that integrates neatly into the tracing crate.

Usage

Include the bpf_tracing.h header.

#include "bpf_tracing.h"

SEC("sockops")
int monitor_sockets(struct bpf_sock_ops *ops) {
    if (ops->op == BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB || ops->op == BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB) {
        bpf_start_info_span("sockops");

        bpf_info("Established socket %d", skey.local.port);

        bpf_end_span("sockops");
    }

    return SK_PASS;
}

Consult monitor.bpf.c for a more complete example.