Stops Working in Deny All Mode #470
Comments
|
Atiqullah Ahmadzai ***@***.***> writes:
In deny all mode, when I whitelist an IP, it works for few minutes and then it blocks all traffic, not even working for the whitelisted IP.
Here is the status command result:
CURRENT XDP-FILTER STATUS:
Aggregate per-action statistics:
XDP_ABORTED 0 pkts 0 KiB
XDP_DROP 0 pkts 0 KiB
XDP_PASS 6 pkts 0 KiB
Hmm, so this looks like xdp-filter thinks it is not, in fact, dropping
the packets. Is this the status after things stop working?
Also, could you please post the output of 'ip neigh' before and after
things stop working?
|
|
ip neigh screenshot before starting Here is the screenshot after it started when it was working ip neigh after stopped working status after stopped working |
|
Okay, so assuming those censored IP addresses are the ones you are trying to Could you please try out #474 and see if that helps? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In deny all mode, when I whitelist an IP, it works for few minutes and then it blocks all traffic, not even working for the whitelisted IP.
Here is the status command result:
CURRENT XDP-FILTER STATUS:
Aggregate per-action statistics:
XDP_ABORTED 0 pkts 0 KiB
XDP_DROP 0 pkts 0 KiB
XDP_PASS 6 pkts 0 KiB
Loaded on interfaces:
Enabled features
xdpfilt_dny_all
eth0 (native mode) tcp,udp,ipv6,ipv4,ethernet,deny
Filtered ports:
Mode Hit counter
Filtered IP addresses:
Mode Hit counter
1.1.1.1 src,dst 0
x.x.x.x src,dst 6
x.x.x.x src,dst 0
Filtered MAC addresses:
Mode Hit counter
The text was updated successfully, but these errors were encountered: