Merge branch 'main' into make-runner-optional to test its correct working in upstream

responder-ebpf/src/bin/icmp.rs

@@ -66,40 +66,18 @@ unsafe fn matches_filter(daddr: IpAddr) -> bool {
 fn try_responder(ctx: XdpContext) -> Result<xdp_action::Type, xdp_action::Type> {
     let mut hdr_cursor = 0usize;
 
-    // let eth = parse_ethhdr(&ctx, &mut hdr_cursor).ok_or(xdp_action::XDP_PASS)?;
-    // let protocol = unsafe { u16::from_be((*eth).h_proto) };
-
-    // if protocol != ETH_P_IP {
-    //     return Ok(xdp_action::XDP_PASS);
-    // }
-
-    // let ip = parse_ipv4hdr(&ctx, &mut hdr_cursor).ok_or(xdp_action::XDP_PASS)?;
-    //
-
     let (eth, ip) = unsafe {
         parse_routing(&ctx, &mut hdr_cursor)
             .ok_or(xdp_action::XDP_PASS)?
     };
 
-    let (protocol, daddr) = match ip {
-        Layer3::Ipv4(ip) => unsafe { (
-            (*ip).protocol,
-            IpAddr::V4((*ip).daddr)
-        ) },
-        Layer3::Ipv6(ip) => unsafe {(
-            (*ip).nexthdr,
-             IpAddr::V6((*ip).daddr)
-        ) }
-    };
-
+    let protocol = unsafe { l3_get_protocol(&ip) };
+    let daddr = unsafe { l3_get_daddr(&ip) };
 
     if is_local(daddr) {
-        // info!(&ctx, "local: pass");
-        return Ok(xdp_action::XDP_PASS);
+        return Ok(xdp_action::XDP_PASS); // Pass normal loopback traffic to not disturb host
     }
 
-    info!(&ctx, "received a packet");
-    info!(&ctx,"Received eth with proto: {}", protocol);
     info!(&ctx, "Received ip with proto: {}", protocol);
     match daddr {
         IpAddr::V4(ip) => info!(&ctx, "daddr: {:ipv4}", ip),

responder-ebpf/src/bin/syn.rs

@@ -71,16 +71,8 @@ fn try_responder(ctx: XdpContext) -> Result<xdp_action::Type, xdp_action::Type>
             .ok_or(xdp_action::XDP_PASS)?
     };
 
-    let (protocol, daddr) = match ip {
-        Layer3::Ipv4(ip) => unsafe { (
-            (*ip).protocol,
-            IpAddr::V4(u32::from_be((*ip).daddr))
-        ) },
-        Layer3::Ipv6(ip) => unsafe {(
-            (*ip).nexthdr,
-             IpAddr::V6((*ip).daddr)
-        ) }
-    };
+    let protocol = unsafe { l3_get_protocol(&ip) };
+    let daddr = unsafe { l3_get_daddr(&ip) };
 
     if is_local(daddr) {
         // info!(&ctx, "local: pass");

responder-ebpf/src/util.rs

@@ -75,6 +75,22 @@ pub unsafe fn parse_routing(ctx: &XdpContext, cursor: &mut usize) -> Option<(*mu
     return None;
 }
 
+#[inline(always)]
+pub unsafe fn l3_get_protocol(l3: &Layer3) -> u8 {
+    return match l3 {
+        Layer3::Ipv4(ip) => (**ip).protocol,
+        Layer3::Ipv6(ip) => (**ip).nexthdr,
+    }
+}
+
+#[inline(always)]
+pub unsafe fn l3_get_daddr(l3: &Layer3) -> IpAddr {
+    return match l3 {
+        Layer3::Ipv4(ip) => IpAddr::V4(u32::from_be((**ip).daddr)),
+        Layer3::Ipv6(ip) => IpAddr::V6((**ip).daddr),
+    }
+}
+
 #[inline(always)]
 pub unsafe fn bounce_eth(_ctx: &XdpContext, eth: *mut ethhdr) {
     (*eth).h_dest = (*eth).h_source;