On 03/29/2017 09:00 PM, Alexei Starovoitov via iovisor-dev wrote:
On Tue, Mar 28, 2017 at 7:08 PM, Marek Vavruša via iovisor-dev
<[email protected]> wrote:
Hi,
so I was tinkering with programs attached to reuseport groups again, and
simple decisions work as expected.
The problem comes when I want to make decisions based on source or
destination IP address. Since the sockets
in the socket group are already UDP or TCP, I can only see the payloads. In
userspace, I can use IP(V6)_PKTINFO and get this over ancillary data, but I
couldn't find anything like this in helpers, so I'm wondering what to do.
Things I'm considering:
1. I'm probably missing something. I expected to be able to see the whole
packet in reuseport programs (unlike in socket filters bound to sockets).
2. I need to make a helper, or something like SKF_AD_PROTOCOL (or direct
access through skb), but for PKTINFO.
3. I should look at the addresses in tc, tag messages based on
source/destination address (assuming I can convey the tag through some skb
field somehow), and then make decisions based on tags in the socket filter.
Any ideas?
ldabs insn works with negative offset.
unfortunately skb_load_bytes() doesn't.
Or use BPF_NET_OFF ugliness, but it's slower.
Hm, probably makes sense to implement a version of skb_load_bytes() for
socket filter types explicitly that could also deal with such offsets.
_______________________________________________
iovisor-dev mailing list
[email protected]
https://lists.iovisor.org/mailman/listinfo/iovisor-dev
