[dnsdist] Some questions about applying for GSoC and newBPFFilter
Otto Moerbeek
otto at drijf.net
Sun Apr 10 07:02:55 UTC 2022
On Sun, Apr 10, 2022 at 06:54:03AM +0000, Y7n05h via dnsdist wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Sat, Apr 09, 2022 at 12:51:56PM +0000, Y7n05h via dnsdist wrote:
> > Hi!
> >
> > I spent some time this week preparing for and participating in college
> > finals (last semester's finals were postponed this week due to
> > COVID-19), so not much time on DNSDist. Fortunately, the exam is over.
> >
> > I was trying to implement https://github.com/PowerDNS/pdns/issues/9690
> > and found that typing bpf = newBPFFilter(1024, 1024, 1024) would give
> > me an error here.
> >
> > [string "bpf = newBPFFilter(1024, 1024, 1024)"]:1: Caught exception:
> > Error creating a BPF map of size 1024:
> > Operation not permitted stack traceback:
> > [C]: in function 'newBPFFilter'
> > [string "bpf = newBPFFilter(1024, 1024, 1024)"]:1: in main chunk
> >
> >
> > I had the same problem on ArchLinux and Ubuntu 21.10.
> > They all use the default kernel and run DNSDist as root.
> > I wonder why this is.
> >
> >
> > My GSoC proposal has not been submitted due to previous exams.
> > I have now submitted a draft, if possible, please suggest some
> > revisions.
> >
> > A copy of the proposal can be accessed from the link below.
> > Comments are welcome.
> >
> > https://docs.google.com/document/d/1_izkQDoEhrv4Ooa4ja4WVUDyLvsNSKE_GgnRUUJPk-g
>
> It really bothers everyone. Thanks Sukhbir Singh for the reply. Also
> thanks to ottom for helping me a lot at IRC. This problem was solved
> with the help of ottom.
>
> The reason for the error is that I failed to notice the need to use
> "addCapabilitiesToRetain(capabilities)" to add capabilities, even
> though I run dnsdist with sudo.
Well, almost. addCapabilitiesToRetain() does not add capabilities, it
prevents them to be dropped, as dnsdist does by default.
-Otto
More information about the dnsdist
mailing list