Last active
December 19, 2023 08:48
-
-
Save fntlnz/f6638d59e0e39f0993219684d9bf57d3 to your computer and use it in GitHub Desktop.
XDP Drop udp example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <linux/bpf.h> | |
| #include <linux/in.h> | |
| #include <linux/if_ether.h> | |
| #include <linux/ip.h> | |
| #define SEC(NAME) __attribute__((section(NAME), used)) | |
| SEC("dropper_main") | |
| int dropper(struct xdp_md *ctx) { | |
| int ipsize = 0; | |
| void *data = (void *)(long)ctx->data; | |
| void *data_end = (void *)(long)ctx->data_end; | |
| struct ethhdr *eth = data; | |
| ipsize = sizeof(*eth); | |
| struct iphdr *ip = data + ipsize; | |
| ipsize += sizeof(struct iphdr); | |
| if (data + ipsize > data_end) { | |
| return XDP_PASS; | |
| } | |
| if (ip->protocol == IPPROTO_UDP) { | |
| return XDP_DROP; | |
| } | |
| return XDP_PASS; | |
| } | |
| char _license[] SEC("license") = "GPL"; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment