2021-07-31

NAT router with eBPF/XDP

I'm trying to achieve a simple NAT (just swap the dest and src IP of the packet) using XDP, so I can process the packet once I receive it on an interface and send it back to the sender through another interface, but it seems I missed something and would be grateful for tips and advice. Note that I'm not sure I understand the underlying mechanisms of networking protocols or Linux networking - I'm working on improving that xD. Anyway, here's the code I'm using.

struct in_addr ipaddr;
int ifindex = 3;
uint8_t tmp_mac[ETH_ALEN] = {/* mac address of the second interface */};

// Here I'm supposed to have a decision function to decide which IP to be translated to what
// ipaddr.s_addr = (in_addr_t) bpf_map_lookup_elem(&ip_nat, &ip->daddr);

// Change the destination to the MAC address of the packet sender
// (copied first, before h_source is overwritten below)
memcpy(eth->h_dest, eth->h_source, ETH_ALEN);
// Change the source MAC to the MAC of the forwarding-back interface
memcpy(eth->h_source, tmp_mac, ETH_ALEN);

// Swap IP addresses
memcpy(&ipaddr, &ip->saddr, sizeof(ipaddr));
memcpy(&ip->saddr, &ip->daddr, sizeof(ipaddr));
memcpy(&ip->daddr, &ipaddr, sizeof(ipaddr));

// Send the packet to forwarding interface
return bpf_redirect(ifindex, 0);

I'm using Scapy to generate TCP packets from one machine to another, but unfortunately I route the packets back. I tried the xdp_tutorial but I couldn't see what I'm missing - noop flag is up xD.
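The rewrite described in the question, written as an added userspace C example (not the poster's code and not an XDP program) so the header handling can be tested on a byte buffer. It goes beyond the pure swap by accepting a translated destination and fixing the IPv4 and TCP checksums incrementally (RFC 1624). `nat_rewrite`, `csum_fix` and `sample_frame` are hypothetical names, `new_dst` stands in for the result of the `ip_nat` lookup, and the sample frame is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { ETH_LEN = 14, MAC_LEN = 6, IP_PROTO = 9, IP_CSUM = 10, IP_SRC = 12, IP_DST = 16, TCP_CSUM = 16 };
/* Constructed sample: Ethernet + IPv4 + TCP SYN, 192.0.2.10 -> 198.51.100.1, valid checksums. */
static const uint8_t sample_frame[54] = {
    0x02,0,0,0,0,0x01,  0x02,0,0,0,0,0xaa,  0x08,0x00,
    0x45,0,0,0x28, 0,0x01,0,0, 0x40,0x06,0x8e,0x90, 0xc0,0x00,0x02,0x0a, 0xc6,0x33,0x64,0x01,
    0x30,0x39,0,0x50, 0,0,0,0, 0,0,0,0, 0x50,0x02,0x20,0x00, 0x73,0x1a,0,0 };

/* RFC 1624 incremental update: a 4-byte field covered by checksum c changed from old to new_. */
static void csum_fix(uint8_t *c, const uint8_t *old, const uint8_t *new_) {
    uint32_t s = (uint16_t)~(c[0] << 8 | c[1]);
    for (int i = 0; i < 4; i += 2) {
        s += (uint16_t)~(old[i] << 8 | old[i + 1]);
        s += (uint16_t)(new_[i] << 8 | new_[i + 1]);
    }
    while (s >> 16) s = (s & 0xffff) + (s >> 16);
    c[0] = (uint8_t)(~s >> 8);
    c[1] = (uint8_t)~s;
}

/* Rewrites in place; returns 0, or -1 if the frame is not a complete IPv4 packet. */
int nat_rewrite(uint8_t *pkt, size_t len, const uint8_t *out_mac, const uint8_t *new_dst) {
    if (len < ETH_LEN + 20 || pkt[12] != 0x08 || pkt[13] != 0x00) return -1;
    uint8_t *ip = pkt + ETH_LEN, old_src[4];
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || len < ETH_LEN + ihl) return -1;
    /* L2: copy the sender's MAC into h_dest before h_source is overwritten. */
    memcpy(pkt, pkt + MAC_LEN, MAC_LEN);
    memcpy(pkt + MAC_LEN, out_mac, MAC_LEN);
    /* L3: new source = old destination, new destination = new_dst (the map lookup result). */
    memcpy(old_src, ip + IP_SRC, 4);
    memcpy(ip + IP_SRC, ip + IP_DST, 4);
    memcpy(ip + IP_DST, new_dst, 4);
    /* The swap cancels in the sum; net change is old_src -> new_dst (IP header, TCP pseudo-header). */
    csum_fix(ip + IP_CSUM, old_src, new_dst);
    if (ip[IP_PROTO] == 6 && !(ip[6] & 0x1f) && !ip[7] && len >= ETH_LEN + ihl + 20)
        csum_fix(ip + ihl + TCP_CSUM, old_src, new_dst); /* unfragmented TCP only */
    return 0;
}

int main(void) {
    uint8_t f[54], mac[6] = {0x02, 0, 0, 0, 0, 0x02}, dst[4] = {203, 0, 113, 7};
    memcpy(f, sample_frame, sizeof f);
    int rc = nat_rewrite(f, sizeof f, mac, dst);
    printf("rc=%d ip_csum=%02x%02x tcp_csum=%02x%02x\n", rc, f[24], f[25], f[50], f[51]);
    return 0;
}
```

In an XDP program the same length checks are made against `data_end` before any header field is read or written, which the verifier requires.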



from Recent Questions - Stack Overflow https://ift.tt/3zUJcjq