xdpdump_kern.c
// SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause)
// Copyright (c) 2018 Netronome Systems, Inc.
#include <stdbool.h>
#include <stddef.h>
#include <linux/bpf.h>
#include <linux/if_ether.h>
#include <linux/in.h>
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/string.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include "bpf_endian.h"
#include "bpf_helpers.h"
#include "xdpdump_common.h"
/*
 * Perf event array that process_packet() writes its pkt_meta records to via
 * bpf_perf_event_output(); user space reads them from the per-CPU perf
 * buffers. Keys and values are both 32-bit.
 */
struct bpf_map_def SEC("maps") perf_map = {
	.type = BPF_MAP_TYPE_PERF_EVENT_ARRAY,
	.key_size = sizeof(__u32),
	.value_size = sizeof(__u32),
	/*
	 * MAX_CPU is not defined in this file (presumably xdpdump_common.h).
	 * NOTE(review): process_packet() outputs with BPF_F_CURRENT_CPU and
	 * ignores the helper's return value, so on a host with more CPUs than
	 * MAX_CPU, packets handled on the higher-numbered CPUs would likely
	 * go unreported without any error - confirm against the loader.
	 */
	.max_entries = MAX_CPU,
};
/*
 * Copy the UDP source and destination ports of the header at data + off
 * into pkt->port16[0] and pkt->port16[1].
 *
 * Returns false, leaving pkt untouched, when a complete struct udphdr does
 * not fit in front of data_end; returns true otherwise. The ports are stored
 * exactly as read from the header, with no byte-order conversion.
 */
static __always_inline bool parse_udp(void *data, __u64 off, void *data_end,
				      struct pkt_meta *pkt)
{
	struct udphdr *hdr = data + off;

	/* The bounds check has to precede every read of a header field. */
	if ((void *)(hdr + 1) > data_end)
		return false;

	pkt->port16[0] = hdr->source;
	pkt->port16[1] = hdr->dest;

	return true;
}
/*
 * Copy the TCP source port, destination port and sequence number of the
 * header at data + off into pkt->port16[0], pkt->port16[1] and pkt->seq.
 *
 * Returns false, leaving pkt untouched, when a complete struct tcphdr does
 * not fit in front of data_end; returns true otherwise. Values are stored
 * exactly as read from the header, with no byte-order conversion. Only the
 * fixed part of the header is looked at; the data offset field is not read.
 */
static __always_inline bool parse_tcp(void *data, __u64 off, void *data_end,
				      struct pkt_meta *pkt)
{
	struct tcphdr *hdr = data + off;

	/* The bounds check has to precede every read of a header field. */
	if ((void *)(hdr + 1) > data_end)
		return false;

	pkt->port16[0] = hdr->source;
	pkt->port16[1] = hdr->dest;
	pkt->seq = hdr->seq;

	return true;
}
/*
 * Copy the IPv4 source address, destination address and protocol number of
 * the header at data + off into pkt->src, pkt->dst and pkt->l4_proto.
 *
 * Returns false, leaving pkt untouched, when a complete struct iphdr does not
 * fit in front of data_end or when the header carries options (ihl != 5);
 * returns true otherwise. Rejecting option-bearing headers is what lets the
 * callers treat the L4 header as starting sizeof(struct iphdr) bytes later.
 * The fragment fields are not inspected here.
 */
static __always_inline bool parse_ip4(void *data, __u64 off, void *data_end,
				      struct pkt_meta *pkt)
{
	struct iphdr *hdr = data + off;

	/* Short-circuit keeps the ihl read behind the bounds check. */
	if ((void *)(hdr + 1) > data_end || hdr->ihl != 5)
		return false;

	pkt->src = hdr->saddr;
	pkt->dst = hdr->daddr;
	pkt->l4_proto = hdr->protocol;

	return true;
}
/*
 * Copy the IPv6 source and destination addresses (16 bytes each) and the
 * Next Header value of the header at data + off into pkt->srcv6, pkt->dstv6
 * and pkt->l4_proto.
 *
 * Returns false, leaving pkt untouched, when a complete struct ipv6hdr does
 * not fit in front of data_end; returns true otherwise. Extension headers are
 * not walked: l4_proto is whatever the fixed header names as its next header.
 */
static __always_inline bool parse_ip6(void *data, __u64 off, void *data_end,
				      struct pkt_meta *pkt)
{
	struct ipv6hdr *hdr = data + off;

	/* The bounds check has to precede every read of a header field. */
	if ((void *)(hdr + 1) > data_end)
		return false;

	memcpy(pkt->srcv6, hdr->saddr.s6_addr32, sizeof(hdr->saddr));
	memcpy(pkt->dstv6, hdr->daddr.s6_addr32, sizeof(hdr->daddr));
	pkt->l4_proto = hdr->nexthdr;

	return true;
}
#if defined(__ACTION_TX__) || defined(__TX_FWD__)
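/*
 * Recompute the IPv4 header checksum in place.
 *
 * Covers exactly sizeof(struct iphdr) bytes, so the header must not carry
 * options (the callers only get here after parse_ip4() enforced ihl == 5).
 * The sum is taken over the header as native 16-bit words with the check
 * field zeroed, folded to 16 bits and complemented.
 *
 * The carry is folded twice: adding the high half into the low half can
 * itself overflow 16 bits, and a single fold would then store a checksum
 * that is off by one.
 */
static __always_inline void ip_csum(struct iphdr *iph)
{
	const __u16 *words = (const __u16 *)iph;
	__u32 csum = 0;
	int i;

	iph->check = 0;
	for (i = 0; i < (int)(sizeof(*iph) / sizeof(__u16)); i++)
		csum += words[i];

	csum = (csum & 0xffff) + (csum >> 16);
	csum = (csum & 0xffff) + (csum >> 16);
	iph->check = (__u16)~csum;
}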
/*
 * ICMP header overlay used by ping_reply(). Defined locally because this
 * file does not include <linux/icmp.h>. The fixed part is 8 bytes: type,
 * code, checksum, then a 4-byte union whose interpretation depends on the
 * message type. Only type and checksum are accessed in this file.
 */
struct icmphdr {
	__u8 type;		/* message type; ping_reply() writes 0 here */
	__u8 code;
	__sum16 checksum;	/* adjusted incrementally by ping_reply() */
	union {
		struct {
			__be16 id;
			__be16 sequence;
		} echo;
		__be32 gateway;
		struct {
			__be16 __unused;
			__be16 mtu;
		} frag;
		__u8 reserved[4];
	} un;
};
#endif
#ifdef __ACTION_TX__
/*
 * Exchange the first len bytes of the buffers a and b, one byte at a time.
 * A len of zero or less leaves both buffers unchanged. The caller is
 * responsible for both buffers being at least len bytes long.
 */
static __always_inline void swap_mem(void *a, void *b, int len)
{
	char *lhs = a;
	char *rhs = b;
	int idx = 0;

	while (idx < len) {
		char tmp = lhs[idx];

		lhs[idx] = rhs[idx];
		rhs[idx] = tmp;
		idx++;
	}
}
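/*
 * Turn an ICMPv4 echo request into an echo reply in place and send it back
 * out of the interface it arrived on.
 *
 * process_packet() only calls this for IPv4 frames whose header passed
 * parse_ip4() (ihl == 5) and whose protocol is ICMP, so the ICMP header is
 * taken to start directly behind struct iphdr. The packet pointers are
 * re-derived from ctx and bounds-checked again here.
 *
 * Returns XDP_TX when the frame was rewritten, XDP_PASS when it is left to
 * the regular network stack.
 *
 * NOTE(review): iph->daddr is never compared with a local address, so a
 * reply is produced for any IPv4 destination seen on the interface, and
 * nothing limits the reply rate. Acceptable for a lab sample; worth a filter
 * before this runs on a shared network.
 */
static __always_inline int ping_reply(struct xdp_md *ctx)
{
	enum { ICMP_TYPE_ECHO_REPLY = 0, ICMP_TYPE_ECHO_REQUEST = 8 };
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct ethhdr *eth = data;
	struct iphdr *iph = (struct iphdr *)(eth + 1);
	struct icmphdr *icmph = (struct icmphdr *)(iph + 1);
	__u32 csum;

	if ((void *)(icmph + 1) > data_end)
		return XDP_PASS;

	/*
	 * Answer echo requests only. Treating every non-zero type as a
	 * request would bounce ICMP errors, redirects and the like back to
	 * their sender relabelled as echo replies, with a checksum that the
	 * fixed adjustment below does not match.
	 */
	if (icmph->type != ICMP_TYPE_ECHO_REQUEST)
		return XDP_PASS;

	/*
	 * Leave fragments (MF set or non-zero offset) to the stack: a single
	 * fragment cannot be answered by editing it, and in a non-first
	 * fragment the bytes behind the IP header are payload, not an ICMP
	 * header.
	 */
	if (iph->frag_off & bpf_htons(0x3fff))
		return XDP_PASS;

	swap_mem(eth->h_dest, eth->h_source, ETH_ALEN);

	iph->id = 0;
	iph->frag_off = 0;
	swap_mem(&iph->saddr, &iph->daddr, 4);
	ip_csum(iph);

	icmph->type = ICMP_TYPE_ECHO_REPLY;

	/*
	 * Incremental checksum update for the type change 8 -> 0: the 16-bit
	 * word holding type/code shrinks by 0x0800 (network order), so the
	 * checksum grows by the same amount in one's-complement arithmetic.
	 * bpf_htons() gives that delta in the byte order the field is read
	 * in, and the fold adds back a carry out of bit 15.
	 */
	csum = (__u32)icmph->checksum + bpf_htons(ICMP_TYPE_ECHO_REQUEST << 8);
	icmph->checksum = (__u16)((csum & 0xffff) + (csum >> 16));

	return XDP_TX;
}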
#endif
#ifdef __TX_FWD__
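/*
 * Rewrite an IPv4/UDP frame to a fixed next hop and transmit it back out of
 * the receiving interface.
 *
 * process_packet() only calls this for IPv4 frames whose header passed
 * parse_ip4() (ihl == 5) and whose protocol is UDP, so the UDP header is
 * taken to start directly behind struct iphdr. The packet pointers are
 * re-derived from ctx and bounds-checked again here.
 *
 * Ethernet addresses, IPv4 addresses and UDP ports are all overwritten with
 * the compile-time values below; the IPv4 checksum is recomputed and the UDP
 * checksum is cleared.
 *
 * Returns XDP_TX when the frame was rewritten, XDP_PASS when it is left to
 * the regular network stack.
 *
 * NOTE(review): every IPv4 UDP datagram reaching this function is redirected,
 * whatever its original destination address or port, and the TTL is not
 * decremented. Fine for a point-to-point lab setup; on anything else add a
 * match on the intended flow first.
 */
static __always_inline int udp_forward(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct ethhdr *eth = data;
	struct iphdr *iph = (struct iphdr *)(eth + 1);
	struct udphdr *udph = (struct udphdr *)(iph + 1);

	/* Forwarding target, fixed at build time (host byte order ports). */
	unsigned char newethsrc[] = { 0x00, 0x22, 0x48, 0x4c, 0xc4, 0x4d };
	unsigned char newethdest[] = { 0x00, 0x22, 0x48, 0x4c, 0xc0, 0xfd };
	__u8 newsrc[] = { 10, 0, 1, 5 };
	__u8 newdest[] = { 10, 0, 1, 4 };
	const __u16 source_port = 40956;
	const __u16 dest_port = 9999;

	if ((void *)(udph + 1) > data_end)
		return XDP_PASS;

	/*
	 * Leave fragments (MF set or non-zero offset) to the stack: in a
	 * non-first fragment the bytes behind the IP header are payload, and
	 * writing ports into them would corrupt the datagram.
	 */
	if (iph->frag_off & bpf_htons(0x3fff))
		return XDP_PASS;

	memcpy(eth->h_source, newethsrc, ETH_ALEN);
	memcpy(eth->h_dest, newethdest, ETH_ALEN);

	iph->id = 0;
	iph->frag_off = 0;
	memcpy(&iph->daddr, newdest, 4);
	memcpy(&iph->saddr, newsrc, 4);
	ip_csum(iph);

	/*
	 * Ports go on the wire in network byte order. bpf_htons() does the
	 * host-to-network conversion on any host, where a hand-written byte
	 * swap is only right on little-endian machines.
	 */
	udph->source = bpf_htons(source_port);
	udph->dest = bpf_htons(dest_port);
	/* A zero UDP checksum over IPv4 means "no checksum computed". */
	udph->check = 0;

	return XDP_TX;
}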
#endif
/*
 * XDP entry point. Parses the Ethernet, IPv4/IPv6 and TCP/UDP headers of each
 * frame into a struct pkt_meta, reports it through perf_map, then applies
 * whichever compile-time action (__PERF_DROP__, __ACTION_DROP__,
 * __ACTION_ABORTED__, __ACTION_TX__, __TX_FWD__) is enabled. With none of
 * them defined every frame is passed on unchanged.
 *
 * Coverage limits worth knowing when this is used as a capture point:
 *  - A frame that fails any bounds check, or an IPv4 frame with header
 *    options (parse_ip4() rejects ihl != 5), returns XDP_PASS before the
 *    perf event is emitted, so it is never reported.
 *  - Any EtherType other than ETH_P_IP / ETH_P_IPV6 (a VLAN tag included)
 *    skips L3 parsing; the event is still emitted with l4_proto left at its
 *    zero initial value and both ports set to 0.
 *  - IPv6 extension headers are not walked, so TCP/UDP behind one is reported
 *    without ports.
 *  - NOTE(review): IPv4 fragment fields are not inspected anywhere on this
 *    path, so for a non-first fragment the "ports" would be read from
 *    payload bytes - confirm whether the user-space side accounts for that.
 */
SEC("xdp")
int process_packet(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct ethhdr *eth = data;
	struct pkt_meta pkt = {};
	__u32 off;

	/* Parse the packet for IP addresses and ports. */
	off = sizeof(struct ethhdr);
	/* The Ethernet header must be fully present before h_proto is read. */
	if (data + off > data_end)
		return XDP_PASS;

	/*
	 * h_proto is in network order; bpf_htons() is used for the swap to
	 * host order (the same operation as a network-to-host conversion).
	 */
	pkt.l3_proto = bpf_htons(eth->h_proto);

	if (pkt.l3_proto == ETH_P_IP) {
		if (!parse_ip4(data, off, data_end, &pkt))
			return XDP_PASS;
		off += sizeof(struct iphdr);
	} else if (pkt.l3_proto == ETH_P_IPV6) {
		if (!parse_ip6(data, off, data_end, &pkt))
			return XDP_PASS;
		off += sizeof(struct ipv6hdr);
	}

	if (data + off > data_end)
		return XDP_PASS;

	/* Obtain port numbers for UDP and TCP traffic. */
	if (pkt.l4_proto == IPPROTO_TCP) {
		if (!parse_tcp(data, off, data_end, &pkt))
			return XDP_PASS;
		/* Fixed header size only; TCP options end up counted as data. */
		off += sizeof(struct tcphdr);
	} else if (pkt.l4_proto == IPPROTO_UDP) {
		if (!parse_udp(data, off, data_end, &pkt))
			return XDP_PASS;
		off += sizeof(struct udphdr);
	} else {
		pkt.port16[0] = 0;
		pkt.port16[1] = 0;
	}

	/* Whole frame length, and what is left behind the parsed headers. */
	pkt.pkt_len = data_end - data;
	pkt.data_len = data_end - data - off;

	/*
	 * Emit the record unless the build defines __PERF__. The upper 32
	 * bits of the flags argument carry pkt_len, which asks the kernel to
	 * append that many bytes of the packet after pkt in the sample. The
	 * helper's return value is ignored, so a sample that could not be
	 * queued is lost silently.
	 */
#ifndef __PERF__
	bpf_perf_event_output(ctx, &perf_map,
			      (__u64)pkt.pkt_len << 32 | BPF_F_CURRENT_CPU,
			      &pkt, sizeof(pkt));
#endif

	/*
	 * Compile-time actions. If more than one macro is defined, the first
	 * matching return in the order below decides the verdict.
	 */
#ifdef __PERF_DROP__
	if (pkt.l3_proto == ETH_P_IP && pkt.l4_proto == IPPROTO_UDP)
		return XDP_DROP;
#endif

#ifdef __ACTION_DROP__
	if (pkt.l3_proto == ETH_P_IP && pkt.l4_proto == IPPROTO_ICMP)
		return XDP_DROP;
#endif

#ifdef __ACTION_ABORTED__
	if (pkt.l3_proto == ETH_P_IP && pkt.l4_proto == IPPROTO_ICMP)
		return XDP_ABORTED;
#endif

#ifdef __ACTION_TX__
	if (pkt.l3_proto == ETH_P_IP && pkt.l4_proto == IPPROTO_ICMP)
		return ping_reply(ctx);
#endif

#ifdef __TX_FWD__
	if (pkt.l3_proto == ETH_P_IP && pkt.l4_proto == IPPROTO_UDP)
		return udp_forward(ctx);
#endif

	return XDP_PASS;
}
/*
 * License string placed in the "license" section of the object file. The
 * kernel reads it at load time to decide whether the program may call
 * helpers that are restricted to GPL-compatible programs.
 * NOTE(review): bpf_perf_event_output() is presumably one of those helpers,
 * so changing this string to a non-GPL-compatible value would likely make
 * the program fail to load - confirm before editing.
 */
char _license[] SEC("license") = "Dual BSD/GPL";