Kyle Swenson | 8d8f654 | 2021-03-15 11:02:55 -0600 | [diff] [blame] | 1 | #include <uapi/linux/bpf.h> |
| 2 | #include <uapi/linux/if_ether.h> |
| 3 | #include <uapi/linux/if_packet.h> |
| 4 | #include <uapi/linux/ip.h> |
| 5 | #include <uapi/linux/in.h> |
| 6 | #include <uapi/linux/tcp.h> |
| 7 | #include <uapi/linux/filter.h> |
| 8 | #include <uapi/linux/pkt_cls.h> |
| 9 | #include "bpf_helpers.h" |
| 10 | |
| 11 | /* compiler workaround */ |
| 12 | #define _htonl __builtin_bswap32 |
| 13 | |
| 14 | static inline void set_dst_mac(struct __sk_buff *skb, char *mac) |
| 15 | { |
| 16 | bpf_skb_store_bytes(skb, 0, mac, ETH_ALEN, 1); |
| 17 | } |
| 18 | |
| 19 | #define IP_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check)) |
| 20 | #define TOS_OFF (ETH_HLEN + offsetof(struct iphdr, tos)) |
| 21 | |
| 22 | static inline void set_ip_tos(struct __sk_buff *skb, __u8 new_tos) |
| 23 | { |
| 24 | __u8 old_tos = load_byte(skb, TOS_OFF); |
| 25 | |
| 26 | bpf_l3_csum_replace(skb, IP_CSUM_OFF, htons(old_tos), htons(new_tos), 2); |
| 27 | bpf_skb_store_bytes(skb, TOS_OFF, &new_tos, sizeof(new_tos), 0); |
| 28 | } |
| 29 | |
| 30 | #define TCP_CSUM_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, check)) |
| 31 | #define IP_SRC_OFF (ETH_HLEN + offsetof(struct iphdr, saddr)) |
| 32 | |
| 33 | #define IS_PSEUDO 0x10 |
| 34 | |
| 35 | static inline void set_tcp_ip_src(struct __sk_buff *skb, __u32 new_ip) |
| 36 | { |
| 37 | __u32 old_ip = _htonl(load_word(skb, IP_SRC_OFF)); |
| 38 | |
| 39 | bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_ip, new_ip, IS_PSEUDO | sizeof(new_ip)); |
| 40 | bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip)); |
| 41 | bpf_skb_store_bytes(skb, IP_SRC_OFF, &new_ip, sizeof(new_ip), 0); |
| 42 | } |
| 43 | |
| 44 | #define TCP_DPORT_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, dest)) |
| 45 | static inline void set_tcp_dest_port(struct __sk_buff *skb, __u16 new_port) |
| 46 | { |
| 47 | __u16 old_port = htons(load_half(skb, TCP_DPORT_OFF)); |
| 48 | |
| 49 | bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_port, new_port, sizeof(new_port)); |
| 50 | bpf_skb_store_bytes(skb, TCP_DPORT_OFF, &new_port, sizeof(new_port), 0); |
| 51 | } |
| 52 | |
| 53 | SEC("classifier") |
| 54 | int bpf_prog1(struct __sk_buff *skb) |
| 55 | { |
| 56 | __u8 proto = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol)); |
| 57 | long *value; |
| 58 | |
| 59 | if (proto == IPPROTO_TCP) { |
| 60 | set_ip_tos(skb, 8); |
| 61 | set_tcp_ip_src(skb, 0xA010101); |
| 62 | set_tcp_dest_port(skb, 5001); |
| 63 | } |
| 64 | |
| 65 | return 0; |
| 66 | } |
| 67 | SEC("redirect_xmit") |
| 68 | int _redirect_xmit(struct __sk_buff *skb) |
| 69 | { |
| 70 | return bpf_redirect(skb->ifindex + 1, 0); |
| 71 | } |
| 72 | SEC("redirect_recv") |
| 73 | int _redirect_recv(struct __sk_buff *skb) |
| 74 | { |
| 75 | return bpf_redirect(skb->ifindex + 1, 1); |
| 76 | } |
| 77 | SEC("clone_redirect_xmit") |
| 78 | int _clone_redirect_xmit(struct __sk_buff *skb) |
| 79 | { |
| 80 | bpf_clone_redirect(skb, skb->ifindex + 1, 0); |
| 81 | return TC_ACT_SHOT; |
| 82 | } |
| 83 | SEC("clone_redirect_recv") |
| 84 | int _clone_redirect_recv(struct __sk_buff *skb) |
| 85 | { |
| 86 | bpf_clone_redirect(skb, skb->ifindex + 1, 1); |
| 87 | return TC_ACT_SHOT; |
| 88 | } |
| 89 | char _license[] SEC("license") = "GPL"; |