Notes on some Linux kernel modules that I frequently run into.

Commands for Linux kernel modules

List, enable and remove modules

# show the list of currently enabled kernel modules
lsmod

# to enable (load) a kernel module, use the modprobe command followed by the name of the module
sudo modprobe br_netfilter

# to disable (unload) a kernel module, use the rmmod command followed by the name of the module
sudo rmmod br_netfilter

show a module’s parameters

Use the modinfo command followed by the name of the module:

sudo modinfo br_netfilter

This will display information about the module, including its parameters.

To show the value of a particular parameter, you can use the sysfs virtual file system. Each module parameter has a corresponding file in the /sys/module directory. The file name is usually the same as the parameter name, and its value can be read or written using standard file I/O operations.

cat /sys/module/ahci/version

This will display the current value of the ‘version’ parameter.
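
The sysfs lookup described above, as an added example that is not part of the original notes: a shell function that prints a module's version attribute and every parameter with its current value. On current kernels the parameter files live under /sys/module/<module>/parameters/, while attributes such as version sit directly in the module's directory. SYSFS_ROOT, demo_mod and the demo values are assumptions made for the example.

```sh
#!/bin/sh
# SYSFS_ROOT is a hypothetical override (not a kernel or distro variable)
# that lets the function read a test tree instead of the live /sys.
module_params() {
    mod=$1
    dir="${SYSFS_ROOT:-/sys}/module/$mod"
    if [ ! -d "$dir" ]; then
        echo "no sysfs entry for module '$mod'" >&2
        return 1
    fi
    # The version attribute sits beside parameters/, not inside it.
    if [ -r "$dir/version" ]; then
        echo "version: $(cat "$dir/version")"
    fi
    # A module that exports no parameters has no parameters/ directory.
    [ -d "$dir/parameters" ] || return 0
    for f in "$dir"/parameters/*; do
        [ -e "$f" ] || continue
        # Some parameters are readable by root only: report, do not fail.
        val=$(cat "$f" 2>/dev/null) || val="<unreadable>"
        printf 'param: %s=%s\n' "${f##*/}" "$val"
    done
    return 0
}

# Demo on a constructed tree; the module name and values are made up.
demo_module_params() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/module/demo_mod/parameters"
    echo 1.0 > "$t/module/demo_mod/version"
    echo 0 > "$t/module/demo_mod/parameters/debug"
    echo 64 > "$t/module/demo_mod/parameters/queue_depth"
    ( SYSFS_ROOT=$t; module_params demo_mod )
    rm -rf "$t"
}
```

On a live system, call `module_params <name>` with the name of a loaded module; run it as root to see parameters that are not world-readable.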

Module Explanations

br_netfilter

The Linux kernel module “br_netfilter” is used to implement packet filtering and manipulation for bridge devices. A bridge is a network device that connects multiple network segments together and forwards network traffic between them. The “br_netfilter” module provides additional functionality to the Linux bridge implementation, allowing for the filtering and manipulation of packets that pass through the bridge.

Here are some of the main features provided by the “br_netfilter” module:

  • Packet filtering: The module allows for the filtering of packets that pass through the bridge based on various criteria, such as source and destination IP address, port number, and protocol. This can be useful for implementing network security policies and blocking unwanted network traffic.
  • NAT (Network Address Translation): The module allows for the translation of source and/or destination IP addresses and port numbers in network packets that pass through the bridge. This can be useful for implementing network address translation for containerized workloads running on a host.
  • Connection tracking: The module allows for the tracking of network connections that pass through the bridge, enabling the implementation of stateful packet filtering and the enforcement of network security policies based on connection state.

The “br_netfilter” module is typically used in conjunction with other Linux kernel modules and tools to implement complex network architectures and security policies. For example, it can be used in conjunction with the iptables firewall to implement a layered approach to network security. It can also be used with the Docker container runtime to implement network address translation for container workloads.

Overall, the “br_netfilter” module provides additional flexibility and functionality for the Linux bridge implementation, allowing for the implementation of complex network architectures and security policies.
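
A check a practitioner would run before relying on iptables rules for bridged traffic, as an added example that is not part of the original notes: it reads the bridge-nf-call-iptables and bridge-nf-call-ip6tables sysctls, which on current kernels appear when br_netfilter is loaded and must be 1 for bridged packets to be passed to the iptables/ip6tables chains. PROC_ROOT and the demo tree are assumptions made for the example.

```sh
#!/bin/sh
# PROC_ROOT is a hypothetical override used to run against a test tree.
# Exit status: 0 = both sysctls are 1, 1 = at least one is not 1,
#              2 = sysctl files absent (br_netfilter not loaded).
bridge_nf_status() {
    dir="${PROC_ROOT:-/proc}/sys/net/bridge"
    absent=0
    off=0
    for key in bridge-nf-call-iptables bridge-nf-call-ip6tables; do
        if [ ! -r "$dir/$key" ]; then
            echo "$key=absent"
            absent=1
            continue
        fi
        val=$(cat "$dir/$key")
        echo "$key=$val"
        [ "$val" = 1 ] || off=1
    done
    [ "$absent" -eq 0 ] || return 2
    [ "$off" -eq 0 ] || return 1
    return 0
}

# Demo on a constructed tree: IPv4 hook on, IPv6 hook off (values made up).
demo_bridge_nf() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/sys/net/bridge"
    echo 1 > "$t/sys/net/bridge/bridge-nf-call-iptables"
    echo 0 > "$t/sys/net/bridge/bridge-nf-call-ip6tables"
    rc=0
    ( PROC_ROOT=$t; bridge_nf_status ) || rc=$?
    rm -rf "$t"
    return "$rc"
}
```

A non-zero status means that firewall rules written for bridged traffic are not being applied to some or all of it, even though the rules themselves load without error.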

overlay

The “overlay” module is a Linux kernel module that is used to implement the overlay filesystem, which is a type of union filesystem. The overlay filesystem is used to merge two separate directory trees into a single unified directory tree, which can be used to implement containerized workloads in Linux-based operating systems.

Here are some of the main features provided by the “overlay” module:

  • Layered filesystem: The overlay filesystem allows two separate directory trees to be combined into a single directory tree, with one tree acting as the base and the other tree acting as an overlay. This allows for a layered filesystem approach where changes made to the overlay filesystem are visible on top of the base filesystem.
  • Copy-on-write: The overlay filesystem uses a copy-on-write mechanism to ensure that changes made to the overlay filesystem are not reflected in the base filesystem. When a file is modified in the overlay, a copy of the original file is made, and changes are written to the copy. This ensures that the original file in the base filesystem remains unchanged.
  • Efficient use of storage: The overlay filesystem is designed to use storage efficiently by sharing the underlying files between the base and overlay filesystems. This means that only the changes made in the overlay are stored, which reduces the overall storage requirements.

The overlay filesystem and the “overlay” kernel module are commonly used in container runtimes like Docker and Kubernetes to provide a lightweight and efficient mechanism for creating and managing containerized workloads. With the overlay filesystem, containers can share a common base image and only store the differences between each container in their own overlay filesystem, which leads to efficient use of storage and faster container startup times.

Overall, the “overlay” module provides an efficient and lightweight solution for creating layered filesystems, which is essential for containerization and other use cases that require the efficient use of storage and resource isolation.
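
To see the layering described above on a running host, the following added example (not part of the original notes) parses a mount table in /proc/mounts format and prints, for each overlay mount, the writable upper directory that holds the copy-on-write changes and the read-only lower directories, top layer first. It assumes the classic lowerdir=a:b option form; the sample line and its paths are constructed.

```sh
#!/bin/sh
# Reads a file in /proc/mounts format; pass "-" to read standard input.
overlay_layers() {
    awk '$3 == "overlay" {
        upper = "(none: read-only overlay)"
        lower = ""
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {
            # Both option names are 9 characters long, the value starts at 10.
            if (index(opt[i], "upperdir=") == 1) upper = substr(opt[i], 10)
            if (index(opt[i], "lowerdir=") == 1) lower = substr(opt[i], 10)
        }
        printf "mount=%s\n  upper=%s\n", $2, upper
        # lowerdir lists the layers top-first, separated by colons.
        m = split(lower, layer, ":")
        for (j = 1; j <= m; j++) printf "  lower[%d]=%s\n", j, layer[j]
    }' "${1:-/proc/self/mounts}"
}

# Constructed sample (paths are made up, modelled on a container mount).
SAMPLE_MOUNTS='proc /proc proc rw,nosuid 0 0
overlay /run/demo/c1/merged overlay rw,relatime,lowerdir=/run/demo/layers/app:/run/demo/layers/base,upperdir=/run/demo/c1/diff,workdir=/run/demo/c1/work 0 0'

demo_overlay_layers() {
    printf '%s\n' "$SAMPLE_MOUNTS" | overlay_layers -
}
```

Everything a container has written or modified ends up under the reported upper directory, which makes it the place to look when reviewing what changed relative to the base image.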