Showing
29 changed files
with
1,152 additions
and
92 deletions.
@@ -0,0 +1,47 @@ | ||
# eBPF Makefile for handling eBPF-related tasks | ||
|
||
# Variables | ||
CLANG := clang | ||
BPFTOOL := bpftool | ||
SRC_DIR := c/src | ||
OBJ_DIR := c/obj | ||
SRC := $(SRC_DIR)/ebpf_program.c | ||
OBJ := $(OBJ_DIR)/ebpf_program.o | ||
INTERFACE := eth0 # Replace with the network interface you want to attach to | ||
|
||
# eBPF targets | ||
.PHONY: ebpf-all ebpf-build ebpf-load ebpf-unload ebpf-status ebpf-clean | ||
|
||
# Default eBPF target | ||
ebpf-all: ebpf-build | ||
|
||
# Create object directory if it doesn't exist | ||
$(OBJ_DIR): | ||
mkdir -p $(OBJ_DIR) | ||
|
||
# Compile the eBPF program | ||
$(OBJ): $(SRC) | $(OBJ_DIR) | ||
$(CLANG) -O2 -g -target bpf -c $(SRC) -o $(OBJ) | ||
|
||
# Build the eBPF program | ||
ebpf-build: $(OBJ) | ||
@echo "eBPF program compiled successfully." | ||
|
||
# Load the eBPF program onto the interface | ||
ebpf-load: $(OBJ) | ||
sudo ip link set dev $(INTERFACE) xdp obj $(OBJ) sec xdp | ||
@echo "eBPF program loaded onto interface $(INTERFACE)." | ||
|
||
# Unload the eBPF program from the interface | ||
ebpf-unload: | ||
sudo ip link set dev $(INTERFACE) xdp off | ||
@echo "eBPF program unloaded from interface $(INTERFACE)." | ||
|
||
# Check if the eBPF program is loaded | ||
ebpf-status: | ||
$(BPFTOOL) prog | ||
|
||
# Clean up the compiled objects | ||
ebpf-clean: | ||
rm -rf $(OBJ_DIR) | ||
@echo "Cleaned up eBPF compiled files." |
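Review bot: `INTERFACE := eth0 # Replace with the network interface you want to attach to` keeps the whitespace before the `#` as part of the value in GNU make, and `:=` means an `INTERFACE` set in the environment is ignored, so `ebpf-load` attaches to `eth0` under sudo unless the file is edited or the variable is passed on the command line. Putting the comment on its own line and writing `INTERFACE ?= eth0` avoids both. The page also lists one file as "Binary file not shown"; if that is the compiled object under `c/obj`, it is better left out of the repository, because `ebpf-load` only requires `$(OBJ)` to be up to date and could load a committed object without rebuilding it from the reviewed source.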
Binary file not shown.
@@ -0,0 +1,70 @@ | ||
#include <linux/bpf.h> | ||
#include <linux/if_ether.h> | ||
#include <linux/ip.h> | ||
#include <linux/tcp.h> | ||
#include <linux/udp.h> | ||
#include <linux/in.h> | ||
#include <linux/types.h> | ||
#include <stdint.h> | ||
#include <bpf/bpf_helpers.h> | ||
|
||
#define ETHERNET_MTU 1500 // Ethernet MTU size | ||
|
||
struct { | ||
__uint(type, BPF_MAP_TYPE_RINGBUF); | ||
__uint(max_entries, 1 << 24); // 16MB ring buffer size | ||
} msg_ringbuf SEC(".maps"); | ||
|
||
SEC("xdp") | ||
int handle_packet(struct xdp_md *ctx) { | ||
// Get the start and end pointers for the packet data | ||
unsigned char *data = (unsigned char *)(long)ctx->data; | ||
unsigned char *data_end = (unsigned char *)(long)ctx->data_end; | ||
|
||
// Calculate the packet length directly from ctx | ||
uint32_t total_len = data_end - data; | ||
|
||
// Bound the packet length by Ethernet MTU | ||
if (total_len == 0 || total_len > ETHERNET_MTU) | ||
return XDP_PASS; // We pass the packet instead of dropping it | ||
|
||
// Ensure the packet has enough data for the Ethernet header | ||
if (data + sizeof(struct ethhdr) > data_end) | ||
return XDP_PASS; // Not enough data for Ethernet header | ||
|
||
struct ethhdr *eth = (struct ethhdr *)data; | ||
|
||
// Only process IPv4 packets | ||
if (__constant_htons(eth->h_proto) != ETH_P_IP) | ||
return XDP_PASS; // We only handle IPv4, pass the rest | ||
|
||
// Ensure the packet has enough data for the IP header | ||
struct iphdr *ip = (struct iphdr *)(data + sizeof(struct ethhdr)); | ||
if ((unsigned char *)ip + sizeof(struct iphdr) > data_end) | ||
return XDP_PASS; // Not enough data for IP header | ||
|
||
// Check if the packet has enough data for TCP or UDP headers | ||
unsigned char *transport_header = data + sizeof(struct ethhdr) + sizeof(struct iphdr); | ||
if (ip->protocol == IPPROTO_TCP && (transport_header + sizeof(struct tcphdr) > data_end)) | ||
return XDP_PASS; // Not enough data for TCP header | ||
if (ip->protocol == IPPROTO_UDP && (transport_header + sizeof(struct udphdr) > data_end)) | ||
return XDP_PASS; // Not enough data for UDP header | ||
|
||
// Reserve space in the ring buffer for the packet data | ||
void *ringbuf_space = bpf_ringbuf_reserve(&msg_ringbuf, ETHERNET_MTU, 0); | ||
if (!ringbuf_space) | ||
return XDP_PASS; // If we can't reserve space, pass the packet | ||
|
||
// Copy the entire packet into the ring buffer | ||
if (bpf_probe_read_kernel(ringbuf_space, ETHERNET_MTU, data)) { | ||
bpf_ringbuf_discard(ringbuf_space, 0); // Discard the reserved space if reading fails | ||
return XDP_ABORTED; // Abort if copying the packet fails | ||
} | ||
|
||
// Submit the packet to the ring buffer | ||
bpf_ringbuf_submit(ringbuf_space, 0); | ||
|
||
return XDP_PASS; // Pass the packet after processing | ||
} | ||
|
||
char _license[] SEC("license") = "GPL"; |
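Review bot: The copy `bpf_probe_read_kernel(ringbuf_space, ETHERNET_MTU, data)` always reads 1500 bytes from the start of the frame, so for any shorter frame it reads past `data_end`. The header checks above do not constrain this helper, so whatever readable kernel memory follows the packet is handed to the user-space consumer, which cannot tell where the real frame ends because the record carries no length. Copy only `total_len` bytes and store that length in the record, as sketched below. Separately, `total_len` includes the 14-byte Ethernet header, so the `> ETHERNET_MTU` guard skips full-size frames on a 1500-byte MTU link; the bound probably wants to be the maximum frame size. `__constant_htons(eth->h_proto)` is applied to a runtime value; `eth->h_proto != bpf_htons(ETH_P_IP)` from `<bpf/bpf_endian.h>` states the intent.

```c
struct pkt_record {
    __u32 len;                          // number of valid bytes in data[]
    unsigned char data[ETHERNET_MTU];
};

// … unchanged: length, Ethernet, IPv4 and transport header checks …

    // Reserve one fixed-size record; only the first len bytes are filled
    struct pkt_record *rec = bpf_ringbuf_reserve(&msg_ringbuf, sizeof(*rec), 0);
    if (!rec)
        return XDP_PASS;

    rec->len = total_len;

    // total_len was bounded to 1..ETHERNET_MTU above, so the read stays inside the frame
    if (bpf_probe_read_kernel(rec->data, total_len, data)) {
        bpf_ringbuf_discard(rec, 0);
        return XDP_ABORTED;
    }

    bpf_ringbuf_submit(rec, 0);
```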
Empty file.