mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
911 B
C
44 lines
911 B
C
//#include <bcc/proto.h>
|
|
#include <stdint.h>
|
|
#include <stddef.h>
|
|
#include <linux/bpf.h>
|
|
|
|
#include <linux/if_ether.h>
|
|
#include <linux/in.h>
|
|
#include <linux/ip.h>
|
|
#include <linux/in6.h>
|
|
#include <linux/ipv6.h>
|
|
#include <linux/filter.h>
|
|
|
|
#include "bpf_helpers.h"
|
|
|
|
#define LINUX_VERSION_CODE 263682
|
|
|
|
int SEC("filter") hashfilter(struct __sk_buff *skb) {
|
|
__u32 nhoff = BPF_LL_OFF + ETH_HLEN;
|
|
|
|
skb->cb[0] = nhoff;
|
|
switch (skb->protocol) {
|
|
case __constant_htons(ETH_P_IP):
|
|
return -1;
|
|
case __constant_htons(ETH_P_IPV6):
|
|
return 0;
|
|
default:
|
|
#if 0
|
|
{
|
|
char fmt[] = "Got proto %u\n";
|
|
bpf_trace_printk(fmt, sizeof(fmt), h_proto);
|
|
break;
|
|
}
|
|
#else
|
|
break;
|
|
#endif
|
|
}
|
|
return -1;
|
|
}
|
|
|
|
|
|
char __license[] SEC("license") = "GPL";
|
|
|
|
uint32_t __version SEC("version") = LINUX_VERSION_CODE;
|