1 #define KBUILD_MODNAME "foo"
2 #include <uapi/linux/bpf.h>
3 #include <uapi/linux/if_ether.h>
4 #include <uapi/linux/if_packet.h>
5 #include <uapi/linux/ip.h>
6 #include <uapi/linux/in.h>
7 #include <uapi/linux/tcp.h>
8 #include <uapi/linux/filter.h>
9 #include <uapi/linux/pkt_cls.h>
10 #include <bpf/bpf_helpers.h>
11 #include "bpf_legacy.h"
12
13 /* compiler workaround */
14 #define _htonl __builtin_bswap32
15
set_dst_mac(struct __sk_buff * skb,char * mac)16 static inline void set_dst_mac(struct __sk_buff *skb, char *mac)
17 {
18 bpf_skb_store_bytes(skb, 0, mac, ETH_ALEN, 1);
19 }
20
21 #define IP_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check))
22 #define TOS_OFF (ETH_HLEN + offsetof(struct iphdr, tos))
23
set_ip_tos(struct __sk_buff * skb,__u8 new_tos)24 static inline void set_ip_tos(struct __sk_buff *skb, __u8 new_tos)
25 {
26 __u8 old_tos = load_byte(skb, TOS_OFF);
27
28 bpf_l3_csum_replace(skb, IP_CSUM_OFF, htons(old_tos), htons(new_tos), 2);
29 bpf_skb_store_bytes(skb, TOS_OFF, &new_tos, sizeof(new_tos), 0);
30 }
31
32 #define TCP_CSUM_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, check))
33 #define IP_SRC_OFF (ETH_HLEN + offsetof(struct iphdr, saddr))
34
35 #define IS_PSEUDO 0x10
36
set_tcp_ip_src(struct __sk_buff * skb,__u32 new_ip)37 static inline void set_tcp_ip_src(struct __sk_buff *skb, __u32 new_ip)
38 {
39 __u32 old_ip = _htonl(load_word(skb, IP_SRC_OFF));
40
41 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_ip, new_ip, IS_PSEUDO | sizeof(new_ip));
42 bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip));
43 bpf_skb_store_bytes(skb, IP_SRC_OFF, &new_ip, sizeof(new_ip), 0);
44 }
45
46 #define TCP_DPORT_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, dest))
set_tcp_dest_port(struct __sk_buff * skb,__u16 new_port)47 static inline void set_tcp_dest_port(struct __sk_buff *skb, __u16 new_port)
48 {
49 __u16 old_port = htons(load_half(skb, TCP_DPORT_OFF));
50
51 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_port, new_port, sizeof(new_port));
52 bpf_skb_store_bytes(skb, TCP_DPORT_OFF, &new_port, sizeof(new_port), 0);
53 }
54
55 SEC("classifier")
bpf_prog1(struct __sk_buff * skb)56 int bpf_prog1(struct __sk_buff *skb)
57 {
58 __u8 proto = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol));
59 long *value;
60
61 if (proto == IPPROTO_TCP) {
62 set_ip_tos(skb, 8);
63 set_tcp_ip_src(skb, 0xA010101);
64 set_tcp_dest_port(skb, 5001);
65 }
66
67 return 0;
68 }
69 SEC("redirect_xmit")
_redirect_xmit(struct __sk_buff * skb)70 int _redirect_xmit(struct __sk_buff *skb)
71 {
72 return bpf_redirect(skb->ifindex + 1, 0);
73 }
74 SEC("redirect_recv")
_redirect_recv(struct __sk_buff * skb)75 int _redirect_recv(struct __sk_buff *skb)
76 {
77 return bpf_redirect(skb->ifindex + 1, 1);
78 }
79 SEC("clone_redirect_xmit")
_clone_redirect_xmit(struct __sk_buff * skb)80 int _clone_redirect_xmit(struct __sk_buff *skb)
81 {
82 bpf_clone_redirect(skb, skb->ifindex + 1, 0);
83 return TC_ACT_SHOT;
84 }
85 SEC("clone_redirect_recv")
_clone_redirect_recv(struct __sk_buff * skb)86 int _clone_redirect_recv(struct __sk_buff *skb)
87 {
88 bpf_clone_redirect(skb, skb->ifindex + 1, 1);
89 return TC_ACT_SHOT;
90 }
91 char _license[] SEC("license") = "GPL";
92