bpftool is a command-line utility in Linux that is used to manage and manipulate BPF (Berkeley Packet Filter) programs and maps. BPF is a powerful and flexible feature in the Linux kernel that allows you to apply custom filters to network traffic and perform various actions based on the contents of the packets.
If you encounter the below error while running the bpftool command:
bpftool: command not found
you may try installing the below package as per your choice of distribution:
Distribution | Command |
---|---|
Arch Linux | pacman -S bpftool |
CentOS | yum install bpftool |
Fedora | dnf install bpftool |
Once bpftool is installed, you can use it to manage and manipulate BPF programs and maps on your system. To list all the BPF programs and maps on your system, you can use the following command:
# bpftool prog list # bpftool map list
These commands will display a list of all the BPF programs and maps on your system, respectively.
bpftool Command Examples
1. List information about loaded `eBPF` programs:
# bpftool prog list
2. List `eBPF` program attachments in the kernel networking subsystem:
# bpftool net list
3. List all active links:
# bpftool link list
4. List all `raw_tracepoint`, `tracepoint`, `kprobe` attachments in the system:
# bpftool perf list
5. List `BPF Type Format (BTF)` data:
# bpftool btf list
6. List information about loaded maps:
# bpftool map list
7. Probe a network device “eth0” for supported `eBPF` features:
# bpftool feature probe dev eth0
8. Run commands in batch mode from a file:
# bpftool batch file myfile