fetch skb struct and print

jschwinger233 · Mar 10, 2023 · b99cd74 · b99cd74
1 parent c5d93c1
commit b99cd74
Show file tree

Hide file tree

Showing 5 changed files with 57 additions and 14 deletions.
diff --git a/internal/bpf/skb_checker.h b/internal/bpf/skb_checker.h
@@ -2,7 +2,7 @@
 #include "bpf_helpers.h"
 #include "endian.h"
 
-#define MAX_LAYER 6
+#define MAX_LAYER 0
 
 static __always_inline
 bool check_eth(struct ethhdr *eth)

diff --git a/internal/bpf/skbdump.c b/internal/bpf/skbdump.c
@@ -11,11 +11,22 @@ char __license[] SEC("license") = "Dual MIT/GPL";
 
 struct skb_meta {
 	bool	is_ingress;
-	__u8	h_source[ETH_HLEN];
-	__u8	h_dest[ETH_HLEN];
-	__u32	saddr;
-	__u32	daddr;
 	__u64	time_ns;
+
+	/* fetch 13 fields from skb */
+	__u32	len;
+	__u32	pkt_type;
+	__u32	mark;
+	__u32	queue_mapping;
+	__u32	protocol;
+	__u32	vlan_present;
+	__u32	vlan_tci;
+	__u32	vlan_proto;
+	__u32	priority;
+	__u32	ingress_ifindex;
+	__u32	ifindex;
+	__u32	tc_index;
+	__u32	cb[5];
 };
 
 // force emitting struct into the ELF.
@@ -51,6 +62,23 @@ void handle_skb(struct __sk_buff *skb, bool ingress)
 	__builtin_memset(&meta, 0, sizeof(meta));
 	meta.is_ingress = ingress;
 	meta.time_ns = bpf_ktime_get_ns();
+	/* copy from skb */
+	meta.len = skb->len;
+	meta.pkt_type = skb->pkt_type;
+	meta.mark = skb->mark;
+	meta.queue_mapping = skb->queue_mapping;
+	meta.protocol = skb->protocol;
+	meta.vlan_present = skb->vlan_present;
+	meta.vlan_proto = skb->vlan_proto;
+	meta.priority = skb->priority;
+	meta.ingress_ifindex = skb->ingress_ifindex;
+	meta.ifindex = skb->ifindex;
+	meta.tc_index = skb->tc_index;
+	meta.cb[0] = skb->cb[0];
+	meta.cb[1] = skb->cb[1];
+	meta.cb[2] = skb->cb[2];
+	meta.cb[3] = skb->cb[3];
+	meta.cb[4] = skb->cb[4];
 	bpf_map_push_elem(&meta_queue, &meta, BPF_EXIST);
 
 	bpf_tail_call(skb, &skb_data_call,

diff --git a/internal/bpf/skbdump_bpfel_x86.go b/internal/bpf/skbdump_bpfel_x86.go
diff --git a/internal/bpf/skbdump_bpfel_x86.o b/internal/bpf/skbdump_bpfel_x86.o
diff --git a/main.go b/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"log"
 	"os"
@@ -93,12 +94,16 @@ func main() {
 			time.Sleep(time.Microsecond)
 
 		}
-		fmt.Printf(".")
+		jb, err := json.Marshal(meta)
+		if err != nil {
+			log.Fatalf("failed to marshal json: %+v\n", err)
+		}
+		fmt.Printf("%s\n", string(jb))
 		captureInfo := gopacket.CaptureInfo{
 			Timestamp:      bootTime.Add(time.Duration(meta.TimeNs)),
 			CaptureLength:  int(data.Len),
 			Length:         int(data.Len),
-			InterfaceIndex: getConfig().Ifindex,
+			InterfaceIndex: int(meta.Ifindex),
 		}
 		if err := pcapw.WritePacket(captureInfo, data.Data[:data.Len]); err != nil {
 			log.Fatalf("pcap.WritePacket(): %v", err)