On 09/05/2016 04:22 PM, Daniel Mack wrote:
On 08/30/2016 12:03 AM, Daniel Borkmann wrote:
On 08/26/2016 09:58 PM, Daniel Mack wrote:
diff --git a/net/core/dev.c b/net/core/dev.c
index a75df86..17484e6 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -141,6 +141,7 @@
#include
On 08/30/2016 12:03 AM, Daniel Borkmann wrote:
> On 08/26/2016 09:58 PM, Daniel Mack wrote:
>> diff --git a/net/core/dev.c b/net/core/dev.c
>> index a75df86..17484e6 100644
>> --- a/net/core/dev.c
>> +++ b/net/core/dev.c
>> @@ -141,6 +141,7 @@
>> #include
>> #include
>> #include
>>
On Tue, Aug 30, 2016 at 12:03:23AM +0200, Daniel Borkmann wrote:
> On 08/26/2016 09:58 PM, Daniel Mack wrote:
> >If the cgroup associated with the receiving socket has an eBPF
> >programs installed, run them from __dev_queue_xmit().
> >
> >eBPF programs used in this context are expected to either
On 08/26/2016 09:58 PM, Daniel Mack wrote:
If the cgroup associated with the receiving socket has an eBPF
programs installed, run them from __dev_queue_xmit().
eBPF programs used in this context are expected to either return 1 to
let the packet pass, or != 1 to drop them. The programs have
If the cgroup associated with the receiving socket has an eBPF
programs installed, run them from __dev_queue_xmit().
eBPF programs used in this context are expected to either return 1 to
let the packet pass, or != 1 to drop them. The programs have access to
the full skb, including the MAC
