diff --git a/client/internal/dns/forwarder/bpf_bpfeb.go b/client/internal/dns/forwarder/bpf_bpfeb.go index 1fe1fd6e0..9ab731d9b 100644 --- a/client/internal/dns/forwarder/bpf_bpfeb.go +++ b/client/internal/dns/forwarder/bpf_bpfeb.go @@ -61,6 +61,7 @@ type bpfProgramSpecs struct { // // It can be passed ebpf.CollectionSpec.Assign. type bpfMapSpecs struct { + XdpIpMap *ebpf.MapSpec `ebpf:"xdp_ip_map"` XdpPortMap *ebpf.MapSpec `ebpf:"xdp_port_map"` } @@ -83,11 +84,13 @@ func (o *bpfObjects) Close() error { // // It can be passed to loadBpfObjects or ebpf.CollectionSpec.LoadAndAssign. type bpfMaps struct { + XdpIpMap *ebpf.Map `ebpf:"xdp_ip_map"` XdpPortMap *ebpf.Map `ebpf:"xdp_port_map"` } func (m *bpfMaps) Close() error { return _BpfClose( + m.XdpIpMap, m.XdpPortMap, ) } diff --git a/client/internal/dns/forwarder/bpf_bpfeb.o b/client/internal/dns/forwarder/bpf_bpfeb.o index 5c31177e5..f18f85af7 100644 Binary files a/client/internal/dns/forwarder/bpf_bpfeb.o and b/client/internal/dns/forwarder/bpf_bpfeb.o differ diff --git a/client/internal/dns/forwarder/bpf_bpfel.go b/client/internal/dns/forwarder/bpf_bpfel.go index c98028ef6..27f09b354 100644 --- a/client/internal/dns/forwarder/bpf_bpfel.go +++ b/client/internal/dns/forwarder/bpf_bpfel.go @@ -61,6 +61,7 @@ type bpfProgramSpecs struct { // // It can be passed ebpf.CollectionSpec.Assign. type bpfMapSpecs struct { + XdpIpMap *ebpf.MapSpec `ebpf:"xdp_ip_map"` XdpPortMap *ebpf.MapSpec `ebpf:"xdp_port_map"` } @@ -83,11 +84,13 @@ func (o *bpfObjects) Close() error { // // It can be passed to loadBpfObjects or ebpf.CollectionSpec.LoadAndAssign. type bpfMaps struct { + XdpIpMap *ebpf.Map `ebpf:"xdp_ip_map"` XdpPortMap *ebpf.Map `ebpf:"xdp_port_map"` } func (m *bpfMaps) Close() error { return _BpfClose( + m.XdpIpMap, m.XdpPortMap, ) } 
diff --git a/client/internal/dns/forwarder/bpf_bpfel.o b/client/internal/dns/forwarder/bpf_bpfel.o
index c45d49af7..9713152e2 100644
Binary files a/client/internal/dns/forwarder/bpf_bpfel.o and b/client/internal/dns/forwarder/bpf_bpfel.o differ
diff --git a/client/internal/dns/forwarder/src/port_fwd.c b/client/internal/dns/forwarder/src/port_fwd.c
index fc594bdf0..d8edcd830 100644
--- a/client/internal/dns/forwarder/src/port_fwd.c
+++ b/client/internal/dns/forwarder/src/port_fwd.c
@@ -15,6 +15,13 @@ const __u32 map_key_dns_ip = 0;
 const __u32 map_key_dns_port = 1;
+struct bpf_map_def SEC("maps") xdp_ip_map = {
+ .type = BPF_MAP_TYPE_ARRAY,
+ .key_size = sizeof(__u32),
+ .value_size = sizeof(__u32),
+ .max_entries = 10,
+};
+
 struct bpf_map_def SEC("maps") xdp_port_map = {
 .type = BPF_MAP_TYPE_ARRAY,
 .key_size = sizeof(__u32),
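Review bot: `xdp_ip_map` in port_fwd.c is declared with `.max_entries = 10`, yet the only key read from it in this commit is `map_key_dns_ip` (0) in `read_settings`, and the only writer shown is the single `Put` in traffic_forwarder.go, so nine slots are never used. Sizing it to what is needed, `.max_entries = 1,`, keeps the kernel object minimal, though the generated bindings would then need regenerating. The definition also carries no comment; I would add `// key map_key_dns_ip -> IPv4 address of the DNS listener, host byte order (read_settings applies htonl)` above it so the byte-order contract with the Go writer is stated next to the map.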
@@ -25,32 +32,37 @@ struct bpf_map_def SEC("maps") xdp_port_map = {
 __be32 dns_ip = 0;
 __be16 dns_port = 0;
-bool read_port_settings() {
- __u16 *value;
- __be32 *ip_value;
- value = bpf_map_lookup_elem(&xdp_port_map, &map_key_dns_port);
- if(!value) {
- return false;
- }
+// 13568 is 53 in big endian
+__be16 GENERAL_DNS_PORT = 13568;
- dns_port = htons(*value);
+bool read_settings() {
+ __u16 *port_value;
+ __u32 *ip_value;
- ip_value = bpf_map_lookup_elem(&xdp_port_map, &map_key_dns_ip);
+ // read dns ip
+ ip_value = bpf_map_lookup_elem(&xdp_ip_map, &map_key_dns_ip);
 if(!ip_value) {
 return false;
 }
 dns_ip = htonl(*ip_value);
+
+ // read dns port
+ port_value = bpf_map_lookup_elem(&xdp_port_map, &map_key_dns_port);
+ if(!port_value) {
+ return false;
+ }
+ dns_port = htons(*port_value);
 return true;
 }
 SEC("xdp")
 int xdp_dns_port_fwd(struct xdp_md *ctx) {
 if(dns_port == 0) {
- if(!read_port_settings()){
+ if(!read_settings()){
 return XDP_PASS;
 }
- bpf_printk("dns port: %d", dns_port);
- bpf_printk("dns ip: %d", dns_ip);
+ bpf_printk("dns port: %d", ntohs(dns_port));
+ bpf_printk("dns ip: %d", ntohl(dns_ip));
 }
 void *data = (void *)(long)ctx->data;
@@ -73,13 +85,12 @@ int xdp_dns_port_fwd(struct xdp_md *ctx) {
 return XDP_PASS;
 }
- // 2130706433 = 127.0.0.1
 if (ip->daddr != dns_ip) {
 return XDP_PASS;
 }
 // skip non dns ports
- if (udp->source != htons(53)){
+ if (udp->dest != GENERAL_DNS_PORT){
 return XDP_PASS;
 }
diff --git a/client/internal/dns/forwarder/traffic_forwarder.go b/client/internal/dns/forwarder/traffic_forwarder.go
index 05155241f..46f940743 100644
--- a/client/internal/dns/forwarder/traffic_forwarder.go
+++ b/client/internal/dns/forwarder/traffic_forwarder.go
@@ -52,7 +52,7 @@ func (tf *TrafficForwarder) Start(ip string, dnsPort int) error {
 _ = objs.Close()
 }()
- err = objs.XdpPortMap.Put(mapKeyDNSIP, tf.ip2int(ip))
+ err = objs.XdpIpMap.Put(mapKeyDNSIP, tf.ip2int(ip))
 if err != nil {
 return err
 }
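Review bot: `__be16 GENERAL_DNS_PORT = 13568;` in port_fwd.c equals network-order port 53 only when the program is compiled for a little-endian target, and this commit also rebuilds the big-endian object (`bpf_bpfeb.o`), where the same literal would stand for port 13568. The filter in the following hunk, `if (udp->dest != GENERAL_DNS_PORT){`, would then pass every DNS packet through unredirected on that build. The line it replaces used `htons(53)`, which presumably follows the target's byte order as the file's other `htons`/`htonl` calls do, so I would keep that form, `if (udp->dest != htons(53)){`, and drop the global, which is also not declared `const`. Separately, `bpf_printk("dns ip: %d", ntohl(dns_ip));` prints addresses of 128.0.0.0 and above as negative numbers; `%u` reads better. `xdp_dns_port_fwd` continues outside both hunks.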
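Review bot: The value stored in `xdp_ip_map` by the changed line in traffic_forwarder.go is whatever `tf.ip2int(ip)` returns, and nothing in this hunk checks that `ip` is a well-formed IPv4 address first. `ip2int` is not shown, so this is an inference: if it yields 0 for an IPv6 or malformed string, `Start` would still succeed while the XDP program matches on 0.0.0.0 and forwards nothing. A guard before the `Put`, `if net.ParseIP(ip).To4() == nil { return fmt.Errorf("invalid IPv4 address %q", ip) }`, makes that failure explicit, provided `net` and `fmt` are imported in this file. `Start` begins and ends outside the hunk.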