Created
July 24, 2024 12:02
-
-
Save Grant-Knoetze/eef145e025f74af5265561e827a19243 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <linux/bpf.h> | |
| #include <linux/if_ether.h> | |
| #include <linux/ip.h> | |
| #include <linux/in.h> | |
| SEC("filter") | |
| int filter_packets(struct __sk_buff *skb) { | |
| void *data = (void *)(long)skb->data; | |
| void *data_end = (void *)(long)skb->data_end; | |
| struct ethhdr *eth = data; | |
| struct iphdr *ip = data + sizeof(*eth); | |
| if (data + sizeof(*eth) + sizeof(*ip) > data_end) | |
| return 0; | |
| if (eth->h_proto == htons(ETH_P_IP) && ip->protocol == IPPROTO_TCP) { | |
| // Implement your filtering logic here | |
| // Example: Drop packets from a specific IP address | |
| if (ip->saddr == inet_addr("192.168.1.1")) | |
| return TC_ACT_SHOT; | |
| } | |
| return TC_ACT_OK; | |
| } | |
| char _license[] SEC("license") = "GPL"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment