1 // SPDX-License-Identifier: GPL-2.0
2 // Copyright (c) 2018 Facebook
6 #include <linux/stddef.h>
10 #include <sys/socket.h>
12 #include "bpf_helpers.h"
13 #include "bpf_endian.h"
15 #define SRC_REWRITE_IP4 0x7f000004U
16 #define DST_REWRITE_IP4 0x7f000001U
17 #define DST_REWRITE_PORT4 4444
19 int _version
SEC("version") = 1;
21 SEC("cgroup/connect4")
22 int connect_v4_prog(struct bpf_sock_addr
*ctx
)
24 struct bpf_sock_tuple tuple
= {};
25 struct sockaddr_in sa
;
28 /* Verify that new destination is available. */
29 memset(&tuple
.ipv4
.saddr
, 0, sizeof(tuple
.ipv4
.saddr
));
30 memset(&tuple
.ipv4
.sport
, 0, sizeof(tuple
.ipv4
.sport
));
32 tuple
.ipv4
.daddr
= bpf_htonl(DST_REWRITE_IP4
);
33 tuple
.ipv4
.dport
= bpf_htons(DST_REWRITE_PORT4
);
35 if (ctx
->type
!= SOCK_STREAM
&& ctx
->type
!= SOCK_DGRAM
)
37 else if (ctx
->type
== SOCK_STREAM
)
38 sk
= bpf_sk_lookup_tcp(ctx
, &tuple
, sizeof(tuple
.ipv4
),
39 BPF_F_CURRENT_NETNS
, 0);
41 sk
= bpf_sk_lookup_udp(ctx
, &tuple
, sizeof(tuple
.ipv4
),
42 BPF_F_CURRENT_NETNS
, 0);
47 if (sk
->src_ip4
!= tuple
.ipv4
.daddr
||
48 sk
->src_port
!= DST_REWRITE_PORT4
) {
55 /* Rewrite destination. */
56 ctx
->user_ip4
= bpf_htonl(DST_REWRITE_IP4
);
57 ctx
->user_port
= bpf_htons(DST_REWRITE_PORT4
);
60 memset(&sa
, 0, sizeof(sa
));
62 sa
.sin_family
= AF_INET
;
63 sa
.sin_port
= bpf_htons(0);
64 sa
.sin_addr
.s_addr
= bpf_htonl(SRC_REWRITE_IP4
);
66 if (bpf_bind(ctx
, (struct sockaddr
*)&sa
, sizeof(sa
)) != 0)
72 char _license
[] SEC("license") = "GPL";
