1 #include <uapi/linux/bpf.h> 2 #include <uapi/linux/if_ether.h> 3 #include <uapi/linux/if_packet.h> 4 #include <uapi/linux/ip.h> 5 #include <uapi/linux/in.h> 6 #include <uapi/linux/tcp.h> 7 #include <uapi/linux/filter.h> 8 #include <uapi/linux/pkt_cls.h> 9 #include <bpf/bpf_helpers.h> 10 #include "bpf_legacy.h" 11 12 /* compiler workaround */ 13 #define _htonl __builtin_bswap32 14 15 #define IP_CSUM_OFF (ETH_HLEN + offsetof(struct iphdr, check)) 16 #define TCP_CSUM_OFF (ETH_HLEN + sizeof(struct iphdr) + offsetof(struct tcphdr, check)) 17 #define IP_DST_OFF (ETH_HLEN + offsetof(struct iphdr, daddr)) 18 19 #define IS_PSEUDO 0x10 20 21 static inline int set_tcp_ip_dst(struct __sk_buff *skb, __u32 new_ip) 22 { 23 __u32 old_ip = _htonl(load_word(skb, IP_DST_OFF)); 24 if (old_ip != 0x0A010A0A) return 0; 25 bpf_printk("redirect from %x to %x\n", old_ip, new_ip); 26 bpf_l4_csum_replace(skb, TCP_CSUM_OFF, old_ip, new_ip, IS_PSEUDO | sizeof(new_ip)); 27 bpf_l3_csum_replace(skb, IP_CSUM_OFF, old_ip, new_ip, sizeof(new_ip)); 28 bpf_skb_store_bytes(skb, IP_DST_OFF, &new_ip, sizeof(new_ip), 0); 29 return 1; 30 } 31 32 SEC("tclb") 33 int bpf_prog(struct __sk_buff *skb) 34 { 35 __u8 proto = load_byte(skb, ETH_HLEN + offsetof(struct iphdr, protocol)); 36 37 if (proto == IPPROTO_TCP) { 38 if (set_tcp_ip_dst(skb, 0x030112ac)) return TC_ACT_REPEAT; 39 } 40 41 return TC_ACT_OK; 42 } 43 44 char _license[] SEC("license") = "GPL"; 45