xref: /dpdk/examples/bpf/t1.c (revision 25d11a86c56d50947af33d0b79ede622809bd8b9) 
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(c) 2018 Intel Corporation
3  */
4 
5 /*
6  * eBPF program sample.
7  * Accepts pointer to first segment packet data as an input parameter.
8  * analog of tcpdump -s 1 -d 'dst 1.2.3.4 && udp && dst port 5000'
9  * (000) ldh      [12]
10  * (001) jeq      #0x800           jt 2    jf 12
11  * (002) ld       [30]
12  * (003) jeq      #0x1020304       jt 4    jf 12
13  * (004) ldb      [23]
14  * (005) jeq      #0x11            jt 6    jf 12
15  * (006) ldh      [20]
16  * (007) jset     #0x1fff          jt 12   jf 8
17  * (008) ldxb     4*([14]&0xf)
18  * (009) ldh      [x + 16]
19  * (010) jeq      #0x1388          jt 11   jf 12
20  * (011) ret      #1
21  * (012) ret      #0
22  *
23  * To compile on x86:
24  * clang -O2 -U __GNUC__ -target bpf -c t1.c
25  *
26  * To compile on ARM:
27  * clang -O2 -I/usr/include/aarch64-linux-gnu/ -target bpf -c t1.c
28  */
29 
30 #include <stdint.h>
31 #include <net/ethernet.h>
32 #include <netinet/ip.h>
33 #include <netinet/udp.h>
34 #include <arpa/inet.h>
35 
36 uint64_t
entry(void * pkt)37 entry(void *pkt)
38 {
39 	struct ether_header *ether_header = (void *)pkt;
40 
41 	if (ether_header->ether_type != htons(0x0800))
42 		return 0;
43 
44 	struct iphdr *iphdr = (void *)(ether_header + 1);
45 	if (iphdr->protocol != 17 || (iphdr->frag_off & 0x1ffff) != 0 ||
46 			iphdr->daddr != htonl(0x1020304))
47 		return 0;
48 
49 	int hlen = iphdr->ihl * 4;
50 	struct udphdr *udphdr = (void *)iphdr + hlen;
51 
52 	if (udphdr->dest != htons(5000))
53 		return 0;
54 
55 	return 1;
56 }
57