github.com/datadog/cilium@v1.6.12/bpf/bpf_ipsec.c

github.com/datadog/cilium@v1.6.12/bpf/bpf_ipsec.c (about)

     1  /*
     2   *  Copyright (C) 2019 Authors of Cilium
     3   *
     4   *  This program is free software; you can redistribute it and/or modify
     5   *  it under the terms of the GNU General Public License as published by
     6   *  the Free Software Foundation; either version 2 of the License, or
     7   *  (at your option) any later version.
     8   *
     9   *  This program is distributed in the hope that it will be useful,
    10   *  but WITHOUT ANY WARRANTY; without even the implied warranty of
    11   *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12   *  GNU General Public License for more details.
    13   *
    14   *  You should have received a copy of the GNU General Public License
    15   *  along with this program; if not, write to the Free Software
    16   *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
    17   */
    18  #include <linux/if_packet.h>
    19  
    20  #include <node_config.h>
    21  #include <netdev_config.h>
    22  #include <bpf/api.h>
    23  
    24  #include <stdint.h>
    25  #include <stdio.h>
    26  
    27  #include "lib/common.h"
    28  #include "lib/dbg.h"
    29  
    30  __section("from-netdev")
    31  int from_netdev(struct __sk_buff *skb)
    32  {
    33  	if ((skb->cb[0] & MARK_MAGIC_HOST_MASK) == MARK_MAGIC_ENCRYPT) {
    34  		skb->mark = skb->cb[0];
    35  		set_identity(skb, skb->cb[1]);
    36  	} else {
    37  		// Upper 16 bits may carry proxy port number, clear it out
    38  		__u32 magic = skb->cb[0] & 0xFFFF;
    39  		if (magic == MARK_MAGIC_TO_PROXY) {
    40  			__be16 port = skb->cb[0] >> 16;
    41  
    42  			skb->mark = skb->cb[0];
    43  			skb_change_type(skb, PACKET_HOST);
    44  			cilium_dbg_capture(skb, DBG_CAPTURE_PROXY_POST, port);
    45  		}
    46  	}
    47  	return TC_ACT_OK;
    48  }
    49  
    50  BPF_LICENSE("GPL");