0001 #define KBUILD_MODNAME "foo"
0002 #include <uapi/linux/bpf.h>
0003 #include <uapi/linux/if_ether.h>
0004 #include <uapi/linux/if_packet.h>
0005 #include <uapi/linux/ip.h>
0006 #include <uapi/linux/in.h>
0007 #include <uapi/linux/tcp.h>
0008 #include <uapi/linux/filter.h>
0009 #include <uapi/linux/pkt_cls.h>
0010 #include <bpf/bpf_helpers.h>
0011 #include "bpf_legacy.h"
0012
0013
0014 #define _htonl __builtin_bswap32
0015
0016 static inline void set_dst_mac(struct __sk_buff *skb, char *mac)
0017 {
0018 bpf_skb_store_bytes(skb, 0, mac, ETH_ALEN, 1);
0019 }
0020
0021 #define IP_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check))
0022 #define TOS_OFF (ETH_HLEN + offsetof(struct iphdr, tos))
0023
0024 static inline void set_ip_tos(struct __sk_buff *skb, __u8 new_tos)
0025 {
0026 __u8 old_tos = load_byte(skb, TOS_OFF);
0027
0028 bpf_l3_csum_replace(skb, IP_CSUM_OFF, htons(old_tos), htons(new_tos), 2);
0029 bpf_skb_store_bytes(skb, TOS_OFF, &new_tos, sizeof(new_tos), 0);
0030 }
0031
0032 #define TCP_CSUM_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, check))
0033 #define IP_SRC_OFF (ETH_HLEN + offsetof(struct iphdr, saddr))
0034
0035 #define IS_PSEUDO 0x10
0036
0037 static inline void set_tcp_ip_src(struct __sk_buff *skb, __u32 new_ip)
0038 {
0039 __u32 old_ip = _htonl(load_word(skb, IP_SRC_OFF));
0040
0041 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_ip, new_ip, IS_PSEUDO | sizeof(new_ip));
0042 bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip));
0043 bpf_skb_store_bytes(skb, IP_SRC_OFF, &new_ip, sizeof(new_ip), 0);
0044 }
0045
0046 #define TCP_DPORT_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, dest))
0047 static inline void set_tcp_dest_port(struct __sk_buff *skb, __u16 new_port)
0048 {
0049 __u16 old_port = htons(load_half(skb, TCP_DPORT_OFF));
0050
0051 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_port, new_port, sizeof(new_port));
0052 bpf_skb_store_bytes(skb, TCP_DPORT_OFF, &new_port, sizeof(new_port), 0);
0053 }
0054
0055 SEC("classifier")
0056 int bpf_prog1(struct __sk_buff *skb)
0057 {
0058 __u8 proto = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol));
0059 long *value;
0060
0061 if (proto == IPPROTO_TCP) {
0062 set_ip_tos(skb, 8);
0063 set_tcp_ip_src(skb, 0xA010101);
0064 set_tcp_dest_port(skb, 5001);
0065 }
0066
0067 return 0;
0068 }
0069 SEC("redirect_xmit")
0070 int _redirect_xmit(struct __sk_buff *skb)
0071 {
0072 return bpf_redirect(skb->ifindex + 1, 0);
0073 }
0074 SEC("redirect_recv")
0075 int _redirect_recv(struct __sk_buff *skb)
0076 {
0077 return bpf_redirect(skb->ifindex + 1, 1);
0078 }
0079 SEC("clone_redirect_xmit")
0080 int _clone_redirect_xmit(struct __sk_buff *skb)
0081 {
0082 bpf_clone_redirect(skb, skb->ifindex + 1, 0);
0083 return TC_ACT_SHOT;
0084 }
0085 SEC("clone_redirect_recv")
0086 int _clone_redirect_recv(struct __sk_buff *skb)
0087 {
0088 bpf_clone_redirect(skb, skb->ifindex + 1, 1);
0089 return TC_ACT_SHOT;
0090 }
0091 char _license[] SEC("license") = "GPL";
