fix filtering ip address

1. fix filtering ip address 2. update README Signed-off-by: Leon Huayra <hffilwlqm@gmail.com>
Asphaltt · Dec 11, 2021 · dc8b5b7 · dc8b5b7
1 parent 3673b0d
commit dc8b5b7
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 18 deletions.
diff --git a/README.md b/README.md
@@ -24,7 +24,7 @@ Flags:
   -h, --help               help for skbtracer
       --icmpid uint16      trace icmp id
   -H, --ipaddr string      ip address
-      --iptable            output iptable path
+      --iptables           output iptables path
       --keep               keep trace packet all lifetime (DEPRECATED: not implemented yet)
   -N, --netns uint32       trace this Network Namespace only
       --noroute            do not output route path

diff --git a/ebpf/headers/skbtracer.h b/ebpf/headers/skbtracer.h
@@ -65,6 +65,13 @@ BPF_MAP_DEF(skbtracer_cfg) = {
 };
 BPF_MAP_ADD(skbtracer_cfg);
 
+#define GET_CFG()                                      \
+    u32 index = 0;                                     \
+    struct config *cfg = NULL;                         \
+    cfg = bpf_map_lookup_elem(&skbtracer_cfg, &index); \
+    if (cfg == NULL) return 0;                         \
+    cfg->ip = bpf_htonl(cfg->ip)
+
 union addr {
     u32 v4addr;
     struct {

diff --git a/ebpf/skbtracer.c b/ebpf/skbtracer.c
@@ -44,12 +44,7 @@ INLINE bool do_trace_skb(struct event_t *event, struct config *cfg,
 }
 
 INLINE int do_trace(struct pt_regs *ctx, struct sk_buff *skb, const char *func_name) {
-    u32 index = 0;
-    struct config *cfg = NULL;
-
-    cfg = bpf_map_lookup_elem(&skbtracer_cfg, &index);
-    if (cfg == NULL) return 0;
-
+    GET_CFG();
     GET_EVENT_BUF();
 
     if (!do_trace_skb(event, cfg, ctx, skb)) return 0;
@@ -260,20 +255,16 @@ INLINE int __ipt_do_table_out(struct pt_regs *ctx, struct sk_buff *skb) {
     u32 pid;
     u32 verdict;
     u64 ipt_delay;
-    u32 index = 0;
-    struct config *cfg = NULL;
     struct ipt_do_table_args *args;
 
     pid = bpf_get_current_pid_tgid();
     args = bpf_map_lookup_elem(&skbtracer_ipt, &pid);
     if (args == NULL) return 0;
     bpf_map_delete_elem(&skbtracer_ipt, &pid);
 
+    GET_CFG();
     GET_EVENT_BUF();
 
-    cfg = bpf_map_lookup_elem(&skbtracer_cfg, &index);
-    if (cfg == NULL) return 0;
-
     if (!do_trace_skb(event, cfg, ctx, args->skb)) return 0;
 
     event->flags |= SKBTRACER_EVENT_IPTABLE;
@@ -322,16 +313,11 @@ int ipt_kr_do_tbl6(struct pt_regs *ctx) {
 
 SEC("kprobe/__kfree_skb")
 int k___kfree_skb(struct pt_regs *ctx) {
-    u32 index = 0;
-    struct config *cfg = NULL;
-
     struct sk_buff *skb = (struct sk_buff *)PT_REGS_PARM1(ctx);
 
+    GET_CFG();
     GET_EVENT_BUF();
 
-    cfg = bpf_map_lookup_elem(&skbtracer_cfg, &index);
-    if (cfg == NULL) return 0;
-
     if (!do_trace_skb(event, cfg, ctx, skb))
         return 0;