set v4 and more debug

boratanrikulu · Jul 27, 2024 · 812e016 · 812e016
1 parent 8a1846c
commit 812e016
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 2 deletions.
diff --git a/internal/ebpf-c/xdp.c b/internal/ebpf-c/xdp.c
@@ -118,6 +118,7 @@ int xdp_durdur_func(struct xdp_md *ctx)
 
 	if (data + sizeof(struct ethhdr) + sizeof(struct iphdr) > data_end)
 	{
+		printk("[ERROR] Packet too short for Ethernet and IP headers");
 		return XDP_PASS;
 	}
 
@@ -129,6 +130,12 @@ int xdp_durdur_func(struct xdp_md *ctx)
 
 	struct iphdr *ip = data + sizeof(struct ethhdr);
 
+	if ((void *)(ip + 1) > data_end)
+	{
+		printk("[ERROR] Packet too short for IP header");
+		return XDP_PASS;
+	}
+
 	__u32 ip_src = ip->saddr;
 	long *pkt_count = bpf_map_lookup_elem(&drop_src_addrs, &ip_src);
 	if (pkt_count)
@@ -142,25 +149,40 @@ int xdp_durdur_func(struct xdp_md *ctx)
 		struct udphdr *udp;
 		if (data + sizeof(struct ethhdr) + sizeof(struct iphdr) + sizeof(struct udphdr) > data_end)
 		{
+			printk("[ERROR] Packet too short for UDP header");
 			return XDP_PASS;
 		}
 
 		udp = data + sizeof(struct ethhdr) + sizeof(struct iphdr);
+		if ((void *)(udp + 1) > data_end)
+		{
+			printk("[ERROR] Packet too short for UDP header");
+			return XDP_PASS;
+		}
+
 		if (udp->source == bpf_htons(53))
 		{
 			if (data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp) + sizeof(struct dnshdr) > data_end)
 			{
+				printk("[ERROR] Packet too short for DNS header");
 				return XDP_PASS;
 			}
 
 			struct dnshdr *dns = data + sizeof(*eth) + sizeof(*ip) + sizeof(*udp);
+			if ((void *)(dns + 1) > data_end)
+			{
+				printk("[ERROR] Packet too short for DNS header");
+				return XDP_PASS;
+			}
+
 			if (dns->opcode == 0) // it's a dns query.
 			{
 				void *query_start = (void *)dns + sizeof(struct dnshdr);
 
 				struct dnsquery query;
 				if (!parse_query(data_end, query_start, &query))
 				{
+					printk("[ERROR] Failed to parse DNS query");
 					return XDP_PASS;
 				}
 

diff --git a/internal/ebpf/testing.go b/internal/ebpf/testing.go
@@ -93,7 +93,7 @@ func (tw *tWrap) Run(c *qt.C, until string, f func(e *EBPF)) {
 
 // TTCPWrite tests the TCP connection through the address.
 func TTCPWrite(c *qt.C, address string, ok bool) {
-	conn, err := net.DialTimeout("tcp", address, 2*time.Second)
+	conn, err := net.DialTimeout("tcp4", address, 2*time.Second)
 	if !ok {
 		c.Assert(err, qt.ErrorMatches, ".* i/o timeout")
 		return
@@ -114,7 +114,7 @@ func TDNSLookup(c *qt.C, dns string, ok bool) {
 		},
 	}
 
-	_, err := r.LookupIP(context.Background(), "ip", dns)
+	_, err := r.LookupIP(context.Background(), "ip4", dns)
 	if !ok {
 		c.Assert(err, qt.IsNotNil)
 		return