blob: fa051b3d53ee0a8f18da0b0701e04d2962c3e4b6 [file] [log] [blame]
Kyle Swenson8d8f6542021-03-15 11:02:55 -06001#include <uapi/linux/bpf.h>
2#include <uapi/linux/if_ether.h>
3#include <uapi/linux/if_packet.h>
4#include <uapi/linux/ip.h>
5#include <uapi/linux/in.h>
6#include <uapi/linux/tcp.h>
7#include <uapi/linux/filter.h>
8#include <uapi/linux/pkt_cls.h>
9#include "bpf_helpers.h"
10
11/* compiler workaround */
12#define _htonl __builtin_bswap32
13
14static inline void set_dst_mac(struct __sk_buff *skb, char *mac)
15{
16 bpf_skb_store_bytes(skb, 0, mac, ETH_ALEN, 1);
17}
18
19#define IP_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check))
20#define TOS_OFF (ETH_HLEN + offsetof(struct iphdr, tos))
21
22static inline void set_ip_tos(struct __sk_buff *skb, __u8 new_tos)
23{
24 __u8 old_tos = load_byte(skb, TOS_OFF);
25
26 bpf_l3_csum_replace(skb, IP_CSUM_OFF, htons(old_tos), htons(new_tos), 2);
27 bpf_skb_store_bytes(skb, TOS_OFF, &new_tos, sizeof(new_tos), 0);
28}
29
30#define TCP_CSUM_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, check))
31#define IP_SRC_OFF (ETH_HLEN + offsetof(struct iphdr, saddr))
32
33#define IS_PSEUDO 0x10
34
35static inline void set_tcp_ip_src(struct __sk_buff *skb, __u32 new_ip)
36{
37 __u32 old_ip = _htonl(load_word(skb, IP_SRC_OFF));
38
39 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_ip, new_ip, IS_PSEUDO | sizeof(new_ip));
40 bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip));
41 bpf_skb_store_bytes(skb, IP_SRC_OFF, &new_ip, sizeof(new_ip), 0);
42}
43
44#define TCP_DPORT_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, dest))
45static inline void set_tcp_dest_port(struct __sk_buff *skb, __u16 new_port)
46{
47 __u16 old_port = htons(load_half(skb, TCP_DPORT_OFF));
48
49 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_port, new_port, sizeof(new_port));
50 bpf_skb_store_bytes(skb, TCP_DPORT_OFF, &new_port, sizeof(new_port), 0);
51}
52
53SEC("classifier")
54int bpf_prog1(struct __sk_buff *skb)
55{
56 __u8 proto = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol));
57 long *value;
58
59 if (proto == IPPROTO_TCP) {
60 set_ip_tos(skb, 8);
61 set_tcp_ip_src(skb, 0xA010101);
62 set_tcp_dest_port(skb, 5001);
63 }
64
65 return 0;
66}
67SEC("redirect_xmit")
68int _redirect_xmit(struct __sk_buff *skb)
69{
70 return bpf_redirect(skb->ifindex + 1, 0);
71}
72SEC("redirect_recv")
73int _redirect_recv(struct __sk_buff *skb)
74{
75 return bpf_redirect(skb->ifindex + 1, 1);
76}
77SEC("clone_redirect_xmit")
78int _clone_redirect_xmit(struct __sk_buff *skb)
79{
80 bpf_clone_redirect(skb, skb->ifindex + 1, 0);
81 return TC_ACT_SHOT;
82}
83SEC("clone_redirect_recv")
84int _clone_redirect_recv(struct __sk_buff *skb)
85{
86 bpf_clone_redirect(skb, skb->ifindex + 1, 1);
87 return TC_ACT_SHOT;
88}
89char _license[] SEC("license") = "GPL";