ebpf: implement vlan filter

Basic filter allowing only a list of VLANs.
7 years ago · a229635792
parent 0654c31397
commit a229635792
2 changed files with 25 additions and 1 deletions
--- a/ebpf/Makefile.am
+++ b/ebpf/Makefile.am
@ -1,6 +1,6 @@
 if BUILD_EBPF

-all: lb.bpf filter.bpf bypass_filter.bpf xdp_filter.bpf
+all: lb.bpf filter.bpf bypass_filter.bpf xdp_filter.bpf vlan_filter.bpf

 %.bpf: %.c
 	${CC} -Wall -O2 -D__KERNEL__ -D__ASM_SYSREG_H -emit-llvm -c $< -o - | ${LLC} -march=bpf -filetype=obj -o $@
--- a/ebpf/vlan_filter.c
+++ b/ebpf/vlan_filter.c
@ -0,0 +1,24 @@
+#include <stdint.h>
+#include <stddef.h>
+#include <linux/bpf.h>
+
+#include "bpf_helpers.h"
+
+#define LINUX_VERSION_CODE 263682
+
+int SEC("filter") hashfilter(struct __sk_buff *skb) {
+    uint16_t vlan_id = skb->vlan_tci & 0x0fff;
+    /* accept VLAN 2 and 4 and drop the rest */
+    switch (vlan_id) {
+        case 2:
+        case 4:
+            return -1;
+        default:
+            return 0;
+    }
+    return 0;
+}
+
+char __license[] SEC("license") = "GPL";
+
+uint32_t __version SEC("version") = LINUX_VERSION_CODE;