1 | // SPDX-License-Identifier: GPL-2.0 |
2 | #include <linux/bpf.h> |
3 | #include <bpf/bpf_endian.h> |
4 | #include <bpf/bpf_helpers.h> |
5 | #include <linux/ip.h> |
6 | #include "bpf_tracing_net.h" |
7 | |
8 | /* We don't care about whether the packet can be received by network stack. |
9 | * Just care if the packet is sent to the correct device at correct direction |
10 | * and not panic the kernel. |
11 | */ |
12 | static int prepend_dummy_mac(struct __sk_buff *skb) |
13 | { |
14 | char mac[] = {0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0xf, |
15 | 0xe, 0xd, 0xc, 0xb, 0xa, 0x08, 0x00}; |
16 | |
17 | if (bpf_skb_change_head(skb, ETH_HLEN, 0)) |
18 | return -1; |
19 | |
20 | if (bpf_skb_store_bytes(skb, 0, mac, sizeof(mac), 0)) |
21 | return -1; |
22 | |
23 | return 0; |
24 | } |
25 | |
26 | /* Use the last byte of IP address to redirect the packet */ |
27 | static int get_redirect_target(struct __sk_buff *skb) |
28 | { |
29 | struct iphdr *iph = NULL; |
30 | void *start = (void *)(long)skb->data; |
31 | void *end = (void *)(long)skb->data_end; |
32 | |
33 | if (start + sizeof(*iph) > end) |
34 | return -1; |
35 | |
36 | iph = (struct iphdr *)start; |
37 | return bpf_ntohl(iph->daddr) & 0xff; |
38 | } |
39 | |
40 | SEC("redir_ingress" ) |
41 | int test_lwt_redirect_in(struct __sk_buff *skb) |
42 | { |
43 | int target = get_redirect_target(skb); |
44 | |
45 | if (target < 0) |
46 | return BPF_OK; |
47 | |
48 | if (prepend_dummy_mac(skb)) |
49 | return BPF_DROP; |
50 | |
51 | return bpf_redirect(target, BPF_F_INGRESS); |
52 | } |
53 | |
54 | SEC("redir_egress" ) |
55 | int test_lwt_redirect_out(struct __sk_buff *skb) |
56 | { |
57 | int target = get_redirect_target(skb); |
58 | |
59 | if (target < 0) |
60 | return BPF_OK; |
61 | |
62 | if (prepend_dummy_mac(skb)) |
63 | return BPF_DROP; |
64 | |
65 | return bpf_redirect(target, 0); |
66 | } |
67 | |
68 | SEC("redir_egress_nomac" ) |
69 | int test_lwt_redirect_out_nomac(struct __sk_buff *skb) |
70 | { |
71 | int target = get_redirect_target(skb); |
72 | |
73 | if (target < 0) |
74 | return BPF_OK; |
75 | |
76 | return bpf_redirect(target, 0); |
77 | } |
78 | |
79 | SEC("redir_ingress_nomac" ) |
80 | int test_lwt_redirect_in_nomac(struct __sk_buff *skb) |
81 | { |
82 | int target = get_redirect_target(skb); |
83 | |
84 | if (target < 0) |
85 | return BPF_OK; |
86 | |
87 | return bpf_redirect(target, BPF_F_INGRESS); |
88 | } |
89 | |
90 | char _license[] SEC("license" ) = "GPL" ; |
91 | |