various cleanup
akarpz committed Nov 21, 2023
1 parent dd45856 commit 39377a9
Showing 4 changed files with 22 additions and 21 deletions.
4 changes: 2 additions & 2 deletions pkg/network/ebpf/c/prebuilt/conntrack.c
Expand Up @@ -21,7 +21,7 @@ int kprobe___nf_conntrack_hash_insert(struct pt_regs* ctx) {
if (nf_conn_to_conntrack_tuples(ct, &orig, &reply) != 0) {
return 0;
}
RETURN_IF_NOT_NAT(orig, reply);
RETURN_IF_NOT_NAT(&orig, &reply);

bpf_map_update_with_telemetry(conntrack, &orig, &reply, BPF_ANY);
bpf_map_update_with_telemetry(conntrack, &reply, &orig, BPF_ANY);
Expand All @@ -47,7 +47,7 @@ int kprobe_ctnetlink_fill_info(struct pt_regs* ctx) {
return 0;
}

RETURN_IF_NOT_NAT(orig, reply);
RETURN_IF_NOT_NAT(&orig, &reply);

bpf_map_update_with_telemetry(conntrack, &orig, &reply, BPF_ANY);
bpf_map_update_with_telemetry(conntrack, &reply, &orig, BPF_ANY);
8 changes: 4 additions & 4 deletions pkg/network/ebpf/c/prebuilt/conntrack.h
Expand Up @@ -34,10 +34,10 @@ offset_ct(ino)
return 0; \
}

bool is_conn_nat(conntrack_tuple_t orig, conntrack_tuple_t reply) {
return orig.daddr_l != reply.saddr_l || orig.dport != reply.sport ||
orig.saddr_l != reply.daddr_l || orig.sport != reply.dport ||
orig.daddr_h != reply.saddr_h;
static __always_inline bool is_conn_nat(const conntrack_tuple_t* orig, const conntrack_tuple_t* reply) {
return orig->daddr_l != reply->saddr_l || orig->dport != reply->sport ||
orig->saddr_l != reply->daddr_l || orig->sport != reply->dport ||
orig->daddr_h != reply->saddr_h;
}

static __always_inline u32 get_netns(struct nf_conn *ct) {
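Review bot: is_conn_nat compares `orig->daddr_h` with `reply->saddr_h` but never `orig->saddr_h` with `reply->daddr_h`, so the check is asymmetric across the two address halves. Assuming `_h` and `_l` are the upper and lower halves of the address, a translation that rewrites only the upper half of the source address would not be classified as NAT and would never reach the conntrack map. The move to `const` pointers carried this expression over unchanged. If the omission is deliberate, a one-line comment saying why would help; otherwise append `|| orig->saddr_h != reply->daddr_h` to the return expression.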
18 changes: 12 additions & 6 deletions pkg/network/ebpf/c/runtime/conntrack.c
Expand Up @@ -27,15 +27,18 @@ SEC("kprobe/__nf_conntrack_hash_insert")
int kprobe___nf_conntrack_hash_insert(struct pt_regs* ctx) {
struct nf_conn *ct = (struct nf_conn*)PT_REGS_PARM1(ctx);

log_debug("kprobe/__nf_conntrack_hash_insert: netns: %u\n", get_netns(&ct->ct_net));
u32 status = ct_status(ct);
if (!(status&IPS_CONFIRMED) || !(status&IPS_NAT_MASK)) {
return 0;
}

log_debug("kprobe/__nf_conntrack_hash_insert: netns: %u, status: %x\n", get_netns(&ct->ct_net), status);

conntrack_tuple_t orig = {}, reply = {};
if (nf_conn_to_conntrack_tuples(ct, &orig, &reply) != 0) {
return 0;
}

RETURN_IF_NOT_NAT(orig, reply);

bpf_map_update_with_telemetry(conntrack, &orig, &reply, BPF_ANY);
bpf_map_update_with_telemetry(conntrack, &reply, &orig, BPF_ANY);
increment_telemetry_registers_count();
Expand All @@ -53,15 +56,18 @@ int kprobe_ctnetlink_fill_info(struct pt_regs* ctx) {

struct nf_conn *ct = (struct nf_conn*)PT_REGS_PARM5(ctx);

log_debug("kprobe/ctnetlink_fill_info: netns: %u\n", get_netns(&ct->ct_net));
u32 status = ct_status(ct);
if (!(status&IPS_CONFIRMED) || !(status&IPS_NAT_MASK)) {
return 0;
}

log_debug("kprobe/__nf_conntrack_hash_insert: netns: %u, status: %x\n", get_netns(&ct->ct_net), status);

conntrack_tuple_t orig = {}, reply = {};
if (nf_conn_to_conntrack_tuples(ct, &orig, &reply) != 0) {
return 0;
}

RETURN_IF_NOT_NAT(orig, reply);

bpf_map_update_with_telemetry(conntrack, &orig, &reply, BPF_ANY);
bpf_map_update_with_telemetry(conntrack, &reply, &orig, BPF_ANY);
increment_telemetry_registers_count();
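Review bot: The debug line added in kprobe_ctnetlink_fill_info still prints the label `kprobe/__nf_conntrack_hash_insert`, so traces from the two probes can no longer be told apart; it should read `log_debug("kprobe/ctnetlink_fill_info: netns: %u, status: %x\n", get_netns(&ct->ct_net), status);`. Separately, the new `!(status&IPS_CONFIRMED)` guard in kprobe___nf_conntrack_hash_insert assumes the bit is already set when the probe fires at function entry. On any supported kernel that sets the confirmed bit only after the hash insert, this probe would silently drop every entry and NAT translations would go unrecorded, so it is worth confirming per kernel version or testing only `IPS_NAT_MASK` in that probe. Both function bodies continue outside the hunks shown.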
13 changes: 4 additions & 9 deletions pkg/network/ebpf/c/runtime/conntrack.h
Expand Up @@ -28,15 +28,10 @@ static __always_inline u32 get_netns(void *p_net) {
return net_ns_inum;
}

#define RETURN_IF_NOT_NAT(orig, reply) \
if (!is_conn_nat(orig, reply)) { \
return 0; \
}

bool is_conn_nat(conntrack_tuple_t orig, conntrack_tuple_t reply) {
return orig.daddr_l != reply.saddr_l || orig.dport != reply.sport ||
orig.saddr_l != reply.daddr_l || orig.sport != reply.dport ||
orig.daddr_h != reply.saddr_h;
static __always_inline u32 ct_status(const struct nf_conn *ct) {
u32 status = 0;
bpf_probe_read_kernel_with_telemetry(&status, sizeof(status), (void *)&ct->status);
return status;
}

static __always_inline int nf_conn_to_conntrack_tuples(struct nf_conn* ct, conntrack_tuple_t* orig, conntrack_tuple_t* reply) {
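Review bot: ct_status discards the result of `bpf_probe_read_kernel_with_telemetry`, so a failed read returns 0 and cannot be told apart from a conntrack entry with no status bits set. The callers visible in runtime/conntrack.c then return early, which is a safe default but also means a read failure silently suppresses the NAT mapping. A comment on the helper would make that contract explicit, for example `/* Returns 0 if the kernel read fails; callers treat 0 as "not confirmed / not NAT". */`.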
