1 | #define KBUILD_MODNAME "foo" |
2 | #include <uapi/linux/bpf.h> |
3 | #include <uapi/linux/if_ether.h> |
4 | #include <uapi/linux/if_packet.h> |
5 | #include <uapi/linux/ip.h> |
6 | #include <uapi/linux/in.h> |
7 | #include <uapi/linux/tcp.h> |
8 | #include <uapi/linux/filter.h> |
9 | #include <uapi/linux/pkt_cls.h> |
10 | #include <bpf/bpf_helpers.h> |
11 | #include "bpf_legacy.h" |
12 | |
13 | /* compiler workaround */ |
14 | #define _htonl __builtin_bswap32 |
15 | |
16 | static inline void set_dst_mac(struct __sk_buff *skb, char *mac) |
17 | { |
18 | bpf_skb_store_bytes(skb, 0, mac, ETH_ALEN, 1); |
19 | } |
20 | |
21 | #define IP_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check)) |
22 | #define TOS_OFF (ETH_HLEN + offsetof(struct iphdr, tos)) |
23 | |
24 | static inline void set_ip_tos(struct __sk_buff *skb, __u8 new_tos) |
25 | { |
26 | __u8 old_tos = load_byte(skb, TOS_OFF); |
27 | |
28 | bpf_l3_csum_replace(skb, IP_CSUM_OFF, htons(old_tos), htons(new_tos), 2); |
29 | bpf_skb_store_bytes(skb, TOS_OFF, &new_tos, sizeof(new_tos), 0); |
30 | } |
31 | |
32 | #define TCP_CSUM_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, check)) |
33 | #define IP_SRC_OFF (ETH_HLEN + offsetof(struct iphdr, saddr)) |
34 | |
35 | #define IS_PSEUDO 0x10 |
36 | |
37 | static inline void set_tcp_ip_src(struct __sk_buff *skb, __u32 new_ip) |
38 | { |
39 | __u32 old_ip = _htonl(load_word(skb, IP_SRC_OFF)); |
40 | |
41 | bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_ip, new_ip, IS_PSEUDO | sizeof(new_ip)); |
42 | bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip)); |
43 | bpf_skb_store_bytes(skb, IP_SRC_OFF, &new_ip, sizeof(new_ip), 0); |
44 | } |
45 | |
46 | #define TCP_DPORT_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, dest)) |
47 | static inline void set_tcp_dest_port(struct __sk_buff *skb, __u16 new_port) |
48 | { |
49 | __u16 old_port = htons(load_half(skb, TCP_DPORT_OFF)); |
50 | |
51 | bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_port, new_port, sizeof(new_port)); |
52 | bpf_skb_store_bytes(skb, TCP_DPORT_OFF, &new_port, sizeof(new_port), 0); |
53 | } |
54 | |
55 | SEC("classifier" ) |
56 | int bpf_prog1(struct __sk_buff *skb) |
57 | { |
58 | __u8 proto = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol)); |
59 | long *value; |
60 | |
61 | if (proto == IPPROTO_TCP) { |
62 | set_ip_tos(skb, 8); |
63 | set_tcp_ip_src(skb, 0xA010101); |
64 | set_tcp_dest_port(skb, 5001); |
65 | } |
66 | |
67 | return 0; |
68 | } |
69 | SEC("redirect_xmit" ) |
70 | int _redirect_xmit(struct __sk_buff *skb) |
71 | { |
72 | return bpf_redirect(skb->ifindex + 1, 0); |
73 | } |
74 | SEC("redirect_recv" ) |
75 | int _redirect_recv(struct __sk_buff *skb) |
76 | { |
77 | return bpf_redirect(skb->ifindex + 1, 1); |
78 | } |
79 | SEC("clone_redirect_xmit" ) |
80 | int _clone_redirect_xmit(struct __sk_buff *skb) |
81 | { |
82 | bpf_clone_redirect(skb, skb->ifindex + 1, 0); |
83 | return TC_ACT_SHOT; |
84 | } |
85 | SEC("clone_redirect_recv" ) |
86 | int _clone_redirect_recv(struct __sk_buff *skb) |
87 | { |
88 | bpf_clone_redirect(skb, skb->ifindex + 1, 1); |
89 | return TC_ACT_SHOT; |
90 | } |
91 | char _license[] SEC("license" ) = "GPL" ; |
92 | |