vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-01 18:19:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #1415 from safing/fix/ebpf-missing-udp.pcflag

Browse source 
Use sk->sk_protocol instead of udp.pcflag to detect UDPLite protocol in eBPF
This commit is contained in:
Daniel Hovie 2024-01-11 10:11:46 +01:00 committed by GitHub
commit f239769ea9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
firewall/interception/ebpf/connection_listener/bpf_bpfeb.o
View file

Binary file not shown.

BIN
firewall/interception/ebpf/connection_listener/bpf_bpfel.o
View file

Binary file not shown.

22
firewall/interception/ebpf/programs/monitor.c
View file

@ -105,19 +105,23 @@ int BPF_PROG(udp_v4_connect, struct sock *sk) {
// Read PID (Careful: This is the Thread Group ID in kernel speak!)
udp_info->pid = __builtin_bswap32((u32)(bpf_get_current_pid_tgid() >> 32));
// Set src and dist ports
// Set src and dst ports
udp_info->sport = __builtin_bswap16(sk->__sk_common.skc_num);
udp_info->dport = sk->__sk_common.skc_dport;
// Set src and dist IPs
// Set src and dst IPs
udp_info->saddr[0] = __builtin_bswap32(sk->__sk_common.skc_rcv_saddr);
udp_info->daddr[0] = __builtin_bswap32(sk->__sk_common.skc_daddr);
// Set IP version
udp_info->ipVersion = 4;
// Set protocol. No way to detect udplite for ipv4
// Set protocol
if(sk->sk_protocol == IPPROTO_UDPLITE) {
udp_info->protocol = UDPLite;
} else {
udp_info->protocol = UDP;
}
// Send event
bpf_ringbuf_submit(udp_info, 0);
@ -154,11 +158,11 @@ int BPF_PROG(udp_v6_connect, struct sock *sk) {
// Read PID (Careful: This is the Thread Group ID in kernel speak!)
udp_info->pid = __builtin_bswap32((u32)(bpf_get_current_pid_tgid() >> 32));
// Set src and dist ports
// Set src and dst ports
udp_info->sport = __builtin_bswap16(sk->__sk_common.skc_num);
udp_info->dport = sk->__sk_common.skc_dport;
// Set src and dist IPs
// Set src and dst IPs
for(int i = 0; i < 4; i++) {
udp_info->saddr[i] = __builtin_bswap32(sk->__sk_common.skc_v6_rcv_saddr.in6_u.u6_addr32[i]);
}
@ -169,11 +173,11 @@ int BPF_PROG(udp_v6_connect, struct sock *sk) {
// IP version
udp_info->ipVersion = 6;
// Set protocol for UDPLite
if(us->udp.pcflag == 0) {
udp_info->protocol = UDP;
} else {
// Set protocol
if(sk->sk_protocol == IPPROTO_UDPLITE) {
udp_info->protocol = UDPLite;
} else {
udp_info->protocol = UDP;
}
// Send event

0
firewall/interception/ebpf/programs/update.sh Normal file → Executable file
View file