assert False
out.write("#define REQ_8021Q " + args.vlan_tag + "\n")
+ use_v4 = False
+ use_v6 = False
+
out.write("#define RULES \\\n")
def write_rule(r):
continue
if t[0].strip() == "flow4":
proto = 4
+ use_v4 = True
out.write("if (eth_proto == htons(ETH_P_IP)) { \\\n")
out.write("\tdo {\\\n")
elif t[0].strip() == "flow6":
proto = 6
+ use_v6 = True
out.write("if (eth_proto == htons(ETH_P_IPV6)) { \\\n")
out.write("\tdo {\\\n")
else:
out.write("\t} while(0);\\\n}\\\n")
out.write("\n")
+ if use_v4:
+ out.write("#define NEED_V4_PARSE\n")
+ if use_v6:
+ out.write("#define NEED_V6_PARSE\n")
}
}
- const struct tcphdr *tcp = NULL;
- const struct udphdr *udp = NULL;
+#ifdef NEED_V4_PARSE
+ const struct iphdr *ip = NULL;
const struct icmphdr *icmp = NULL;
+#endif
+#ifdef NEED_V6_PARSE
+ const struct ip6hdr *ip6 = NULL;
const struct icmp6hdr *icmpv6 = NULL;
const struct ip6_fraghdr *frag6 = NULL;
- const struct iphdr *ip = NULL;
- const struct ip6hdr *ip6 = NULL;
+#endif
+
const void *l4hdr = NULL;
+ const struct tcphdr *tcp = NULL;
+ const struct udphdr *udp = NULL;
+
+#ifdef NEED_V4_PARSE
if (eth_proto == BE16(ETH_P_IP)) {
if (unlikely(pktdata + sizeof(struct iphdr) > data_end))
return XDP_DROP;
return XDP_DROP;
icmp = (struct icmphdr*) l4hdr;
}
- } else if (eth_proto == BE16(ETH_P_IPV6)) {
+ }
+#endif
+#ifdef NEED_V6_PARSE
+ if (eth_proto == BE16(ETH_P_IPV6)) {
if (unlikely(pktdata + sizeof(struct ip6hdr) > data_end))
return XDP_DROP;
ip6 = (struct ip6hdr*) pktdata;
icmpv6 = (struct icmp6hdr*) l4hdr;
}
// TODO: Handle some options?
- } else {
- return XDP_PASS;
}
+#endif
uint16_t sport, dport; // Host Endian! Only valid with tcp || udp
if (tcp != NULL) {
projects / flowspec-xdp / commitdiff