Ah, I completely missed the BPF_NET_OFF for some reason. Thanks for getting me back on track, it's just what I need. I didn't have much success with negative offsets with LDABS, it passes verifier but it didn't read anything (unless there's a special offset I forgot to add).
On Wed, Mar 29, 2017 at 12:00 PM, Alexei Starovoitov < [email protected]> wrote: > On Tue, Mar 28, 2017 at 7:08 PM, Marek Vavruša via iovisor-dev > <[email protected]> wrote: > > Hi, > > > > so I was tinkering with programs attached to reuseport groups again, and > > simple decisions work as expected. > > The problem comes when I want to make decisions based on source or > > destination IP address. Since the sockets > > in the socket group are already UDP or TCP, I can only see the payloads. > In > > userspace, I can use IP(V6)_PKTINFO and get this over ancillary data, > but I > > couldn't find anything like this in helpers, so I'm wondering what to do. > > Things I'm considering: > > > > 1. I'm probably missing something. I expected to be able to see the whole > > packet in reuseport programs (unlike in socket filters bound to sockets). > > 2. I need to make a helper, or something like SKF_AD_PROTOCOL (or direct > > access through skb), but for PKTINFO. > > 3. I should look at the addresses in tc, tag messages based on > > source/destination address (assuming I can convey the tag through some > skb > > field somehow), and then make decisions based on tags in the socket > filter. > > > > Any ideas? > > ldabs insn works with negative offset. > unfortunately skb_load_bytes() doesn't. > Or use BPF_NET_OFF ugliness, but it's slower. >
_______________________________________________ iovisor-dev mailing list [email protected] https://lists.iovisor.org/mailman/listinfo/iovisor-dev
