Clean up responder main.rs, icmp.rs and syn.rs

responder-ebpf/src/bin/icmp.rs

@@ -78,12 +78,6 @@ fn try_responder(ctx: XdpContext) -> Result<xdp_action::Type, xdp_action::Type>
         return Ok(xdp_action::XDP_PASS); // Pass normal loopback traffic to not disturb host
     }
 
-    info!(&ctx, "Received ip with proto: {}", protocol);
-    match daddr {
-        IpAddr::V4(ip) => info!(&ctx, "daddr: {:ipv4}", ip),
-        IpAddr::V6(ip) => unsafe { info!(&ctx, "daddr: {:ipv6}", ip.in6_u.u6_addr8) }
-    }
-
     if unsafe { !matches_filter(daddr) } {
         info!(&ctx, "no match: drop");
         return Ok(xdp_action::XDP_DROP);
@@ -96,7 +90,11 @@ fn try_responder(ctx: XdpContext) -> Result<xdp_action::Type, xdp_action::Type>
     let icmp = parse_icmphdr(&ctx, &mut hdr_cursor).ok_or(xdp_action::XDP_PASS)?;
     let icmp_type = unsafe { (*icmp).type_ };
 
-    info!(&ctx, "Received icmp with type: {}", icmp_type);
+    match daddr {
+        IpAddr::V4(ip) => info!(&ctx, "Received matching packet with daddr: {:ipv4}", ip),
+        IpAddr::V6(ip) => unsafe { info!(&ctx, "Received matching packet with daddr: {:ipv6}", ip.in6_u.u6_addr8) }
+    }
+    info!(&ctx, "and icmp with type: {}", icmp_type);
 
     if icmp_type != ICMP_ECHO {
         return Ok(xdp_action::XDP_PASS);

responder-ebpf/src/bin/syn.rs

@@ -79,16 +79,8 @@ fn try_responder(ctx: XdpContext) -> Result<xdp_action::Type, xdp_action::Type>
         return Ok(xdp_action::XDP_PASS);
     }
 
-    info!(&ctx, "received a packet");
-    info!(&ctx,"Received eth with proto: {}", protocol);
-    info!(&ctx, "Received ip with proto: {}", protocol);
-    match daddr {
-        IpAddr::V4(ip) => info!(&ctx, "daddr: {:ipv4}", ip),
-        IpAddr::V6(ip) => unsafe { info!(&ctx, "daddr: {:ipv6}", ip.in6_u.u6_addr8) }
-    }
 
     if unsafe { !matches_filter(daddr) } {
-        info!(&ctx, "no match: drop");
         return Ok(xdp_action::XDP_DROP);
     }
 
@@ -100,7 +92,11 @@ fn try_responder(ctx: XdpContext) -> Result<xdp_action::Type, xdp_action::Type>
     let tcp_syn = unsafe { (*tcp).syn() };
     let tcp_ack = unsafe { (*tcp).ack() };
 
-    info!(&ctx, "Received tcp with syn: {}, ack: ", tcp_syn, tcp_ack);
+    match daddr {
+        IpAddr::V4(ip) => info!(&ctx, "Received packet with matching daddr: {:ipv4}", ip),
+        IpAddr::V6(ip) => unsafe { info!(&ctx, "Received packet with matching daddr: {:ipv6}", ip.in6_u.u6_addr8) }
+    }
+    info!(&ctx, "and tcp with syn: {}, ack: {}", tcp_syn, tcp_ack);
 
     if tcp_syn == 0 || tcp_ack != 0 {
         return Ok(xdp_action::XDP_PASS);

responder/src/main.rs

@@ -1,10 +1,11 @@
-use std::net::{Ipv4Addr};
+use std::{net::Ipv4Addr, path::PathBuf};
 
 use aya::{Bpf, maps::HashMap};
 use anyhow::{anyhow, Context};
 use aya::programs::{Xdp, XdpFlags};
 use aya_log::BpfLogger;
 use clap::Parser;
+use env_logger::Env;
 use log::{info, warn};
 use tokio::signal;
 use csv::ReaderBuilder;
@@ -18,6 +19,8 @@ struct Opt {
     scan_type: String,
     #[clap(short, long)]
     csv: Option<String>,
+    #[clap(default_value = "bpfel-unknown-none", long)]
+    target: String,
 }
 
 #[derive(Debug, Deserialize, Eq, PartialEq)]
@@ -29,24 +32,26 @@ struct CsvRow {
 async fn main() -> Result<(), anyhow::Error> {
     let opt = Opt::parse();
 
-    env_logger::init();
+    env_logger::Builder::from_env(Env::default().default_filter_or("info")).init();
+
+    let mut bpf_path = PathBuf::new();
+    bpf_path.push("target");
+    bpf_path.push(opt.target);
 
     #[cfg(debug_assertions)]
-    let bpefl_dir =  "target/bpfel-unknown-none/debug";
+    bpf_path.push("debug");
 
     #[cfg(not(debug_assertions))]
-    let bpefl_dir =  "target/bpfel-unknown-none/release";
+    bpf_path.push("release");
 
     let xdp_name = opt.scan_type;
+    bpf_path.push(xdp_name.clone());
 
-    let mut bpf = Bpf::load_file(format!("{}/{}",
-        bpefl_dir, xdp_name
-    ))?;
-    // TODO Proper pathing
+    let mut bpf = Bpf::load_file(bpf_path)?;
 
     if let Err(e) = BpfLogger::init(&mut bpf) {
-        // This can happen if you remove all log statements from your eBPF program.
-        warn!("failed to initialize eBPF logger: {}", e);
+        warn!("failed to initialize eBPF logger: {}
+This can happen if the loaded eBPF program has no log statements.", e);
     }
 
     // Obtain and load the XDP program called "responder" defined in the XDP file loaded above
@@ -54,13 +59,16 @@ async fn main() -> Result<(), anyhow::Error> {
     program.load()?;
     program.attach(&opt.iface, XdpFlags::default())
            .context(format!(
-               "failed to attach the {} XDP program with default flags - try changing XdpFlags::default() to XdpFlags::SKB_MODE",
+               "failed to attach the {} XDP program with default flags \
+ - try changing XdpFlags::default() to XdpFlags::SKB_MODE",
                xdp_name
            ))?;
 
     info!("Loaded {} XDP program", xdp_name);
 
-    let mut filter_map: HashMap<_, u32, u8> = HashMap::try_from(bpf.map_mut("FILTER_MAP").ok_or(anyhow!("Could not construct mutable FILTER_MAP"))?)?;
+    let mut filter_map: HashMap<_, u32, u8> =
+        HashMap::try_from(bpf.map_mut("FILTER_MAP")
+                          .ok_or(anyhow!("Could not construct mutable FILTER_MAP"))?)?;
 
     if let Some(csv_path) = opt.csv {
         info!("Installing filter rules from {}", csv_path);
@@ -70,6 +78,7 @@ async fn main() -> Result<(), anyhow::Error> {
         for record in reader.deserialize() {
             let row: CsvRow = record?;
             filter_map.insert(u32::from(row.saddr), 1u8, 0)?;
+            // TODO replace with BPF_MAP_UPDATE_BATCH
         }
     };