add pure_reflector

pogobanane · pogobanane · commit 89790e36de33 · 2024-07-03T16:21:53.000Z
diff --git a/Makefile b/Makefile
@@ -1,6 +1,9 @@
-XDP_TARGETS := reflector
+XDP_TARGETS := reflector pure_reflector
 USER_TARGETS :=
 
+# compile parameter:
+OUR_MAC := "{ 0x11, 0x22, 0x33, 0x44, 0x55, 0x66}"
+
 LLC ?= llc
 CLANG ?= clang
 CC ?= gcc
@@ -60,6 +63,7 @@ $(XDP_OBJ): %.o: %.c  Makefile $(OBJECT_LIBBPF)
 	$(CLANG) -S \
 	    -target bpf \
 	    -D __BPF_TRACING__ \
+			-DOUR_MAC="$(OUR_MAC)" \
 	    $(BPF_CFLAGS) \
 	    -Wall \
 	    -Wno-unused-value \
diff --git a/README.md b/README.md
@@ -49,5 +49,18 @@ This project is similarly structured as the
 [XDP tutorial](https://github.com/xdp-project/xdp-tutorial),
 which is a great resource for learning XDP prorgamming.
 
+## Reflector variant: `pure_reflector`
+
+The normal reflector properly switches the src and dst MAC address before sending the packet back into the network.
+As a variant, `pure_reflector` does not touch MAC addresses.
+It can be used to reflect packets back into the network that don't belong to this host.
+For that compile it with your local hosts MAC address (so that these packet are not reflected), and allow the host to accept packets destined for other hosts.
+```bash
+rm pure_reflector.o
+make pure_reflector.o OUR_MAC="{ 0x77, 0x96, 0x91, 0xb3, 0x8b, 0x77}"
+sudo ip link set <DEV> promisc on
+sudo ip link set <DEV> xdpgeneric obj pure_reflector.o sec xdp
+```
+
 ## License
 This project is distributed under [MIT](LICENSE) license.
diff --git a/pure_reflector.c b/pure_reflector.c
@@ -0,0 +1,26 @@
+#include <linux/bpf.h>
+#include <linux/if_ether.h>
+#include <bpf/bpf_helpers.h>
+
+SEC("xdp")
+/* Reflect ethernet frames back to the sender */
+int xdp_reflector(struct xdp_md *ctx)
+{
+    void *data_end = (void *)(long)ctx->data_end;
+    void *data = (void *)(long)ctx->data;
+    struct ethhdr *eth = data;
+
+    if (data + sizeof(*eth) > data_end)
+        return XDP_DROP;
+
+    __u8 our_mac[ETH_ALEN] = OUR_MAC;
+    if (__builtin_memcmp(eth->h_dest, our_mac, ETH_ALEN) == 0) {
+        // packet is for us. Let it pass.
+        return XDP_PASS; // TODO
+    }
+
+    // packet is for someone else. Send it back into the network.
+    return XDP_TX;
+}
+
+char _license[] SEC("license") = "MIT";
