This commit is contained in:
mzz2017 2023-02-06 22:03:03 +08:00
parent f8b83a9283
commit 9b38fa97e6

View File

@ -1178,15 +1178,15 @@ int tproxy_lan_ingress(struct __sk_buff *skb) {
}
/**
ip rule add fwmark 0x80000000/0x80000000 table 1000
ip route add local 0.0.0.0/0 dev lo table 1000
ip -6 rule add fwmark 0x80000000/0x80000000 table 1000
ip -6 route add local ::/0 dev lo table 1000
ip rule add fwmark 0x80000000/0x80000000 table 2023
ip route add local 0.0.0.0/0 dev lo table 2023
ip -6 rule add fwmark 0x80000000/0x80000000 table 2023
ip -6 route add local ::/0 dev lo table 2023
ip rule del fwmark 0x80000000/0x80000000 table 1000
ip route del local 0.0.0.0/0 dev lo table 1000
ip -6 rule del fwmark 0x80000000/0x80000000 table 1000
ip -6 route del local ::/0 dev lo table 1000
ip rule del fwmark 0x80000000/0x80000000 table 2023
ip route del local 0.0.0.0/0 dev lo table 2023
ip -6 rule del fwmark 0x80000000/0x80000000 table 2023
ip -6 route del local ::/0 dev lo table 2023
*/
struct bpf_sock_tuple tuple = {0};
__u32 tuple_size;
@ -1196,10 +1196,6 @@ int tproxy_lan_ingress(struct __sk_buff *skb) {
void *l4hdr;
// Socket lookup and assign skb to existing socket connection.
if ((bpf_map_lookup_elem(&routing_tuples_map, &tuples))) {
// Should be old connection.
is_old_conn = true;
if (ipversion == 4) {
tuple.ipv4.daddr = tuples.dst.ip[3];
tuple.ipv4.saddr = tuples.src.ip[3];
@ -1223,6 +1219,7 @@ int tproxy_lan_ingress(struct __sk_buff *skb) {
sk = bpf_skc_lookup_tcp(skb, &tuple, tuple_size, BPF_F_CURRENT_NETNS, 0);
if (sk) {
if (sk->state != BPF_TCP_LISTEN) {
is_old_conn = true;
goto assign;
}
bpf_sk_release(sk);
@ -1232,10 +1229,10 @@ int tproxy_lan_ingress(struct __sk_buff *skb) {
sk = bpf_sk_lookup_udp(skb, &tuple, tuple_size, BPF_F_CURRENT_NETNS, 0);
if (sk) {
is_old_conn = true;
goto assign;
}
}
}
// Routing for new connection.
new_connection: