add local host and port verdict

luckymrwang · luckymrwang · commit 0b772a67c062 · 2022-08-08T22:33:01.000+08:00
diff --git a/03-sockops/ebpf-sockops/bpf_redir.c b/03-sockops/ebpf-sockops/bpf_redir.c
@@ -20,5 +20,26 @@ __section("sk_msg") int bpf_redir(struct sk_msg_md *msg)
 	return SK_PASS;
 }
 
+/*
+int bpf_redir(struct sk_msg_md *msg)
+{
+	__u64 flags = BPF_F_INGRESS;
+	struct sock_key key = {};
+
+	sk_msg_extract4_key(msg, &key);
+	// See whether the source or destination IP is local host
+	if (key.sip4 == 16777343 || key.dip4 == 16777343) {
+		// See whether the source or destination port is 10000
+		if (key.sport == 4135 || key.dport == 4135) {
+			//int len1 = (__u64)msg->data_end - (__u64)msg->data;
+					//printk("<<< redir_proxy port %d --> %d (%d)\n", key.sport, key.dport, len1);
+			msg_redirect_hash(msg, &sock_ops_map, &key, flags);
+		}
+	}
+
+	return SK_PASS;
+}
+*/
+
 BPF_LICENSE("GPL");
 int _version __section("version") = 1;
diff --git a/03-sockops/ebpf-sockops/bpf_sockops.c b/03-sockops/ebpf-sockops/bpf_sockops.c
@@ -16,6 +16,24 @@ static inline void bpf_sock_ops_ipv4(struct bpf_sock_ops *skops)
 	printk("<<< ipv4 op = %d, port %d --> %d\n", skops->op, key.sport, bpf_ntohl(key.dport));
 }
 
+/*
+static inline void bpf_sock_ops_ipv4(struct bpf_sock_ops *skops)
+{
+	struct sock_key key = {};
+	sk_extract4_key(skops, &key);
+	// See whether the source or destination IP is local host
+	if (key.dip4 == 16777343 || key.sip4 == 16777343 ) {
+		// See whether the source or destination port is 10000
+		if (key.dport == 4135 || key.sport == 4135) {
+			int ret = sock_hash_update(skops, &sock_ops_map, &key, BPF_NOEXIST);
+			printk("<<< ipv4 op = %d, port %d --> %d\n", skops->op, key.sport, key.dport);
+			if (ret != 0)
+				printk("*** FAILED %d ***\n", ret);
+		}
+	}
+}
+*/
+
 static inline void bpf_sock_ops_ipv6(struct bpf_sock_ops *skops)
 {
 	if (skops->remote_ip4)
