Feature/dhcpv4 bpf filter (#19)

ipchama · ipchama · web-flow · commit ae094f6571ae · 2020-03-06T21:31:55.000-05:00
* ebpf filter property added to socketeer and filter added to init.

* TODO note.

Co-authored-by: ipchama &lt;no-reply@example.com&gt;
diff --git a/cmd/dhcpv4.go b/cmd/dhcpv4.go
@@ -10,6 +10,7 @@ import (
 	"github.com/ipchama/dhammer/socketeer"
 	"github.com/spf13/cobra"
 	"github.com/vishvananda/netlink"
+	"golang.org/x/sys/unix"
 	"net"
 	"sync"
 	"time"
@@ -246,13 +247,45 @@ func init() {
 				options.StatsRate = 5
 			}
 
+			filter := [28]unix.SockFilter{{0x28, 0, 0, 0x0000000c}, // "arp or (port 67 or port 68)"
+				{0x15, 24, 0, 0x00000806},
+				{0x15, 0, 9, 0x000086dd},
+				{0x30, 0, 0, 0x00000014},
+				{0x15, 2, 0, 0x00000084},
+				{0x15, 1, 0, 0x00000006},
+				{0x15, 0, 20, 0x00000011},
+				{0x28, 0, 0, 0x00000036},
+				{0x15, 17, 0, 0x00000043},
+				{0x15, 16, 0, 0x00000044},
+				{0x28, 0, 0, 0x00000038},
+				{0x15, 14, 13, 0x00000043},
+				{0x15, 0, 14, 0x00000800},
+				{0x30, 0, 0, 0x00000017},
+				{0x15, 2, 0, 0x00000084},
+				{0x15, 1, 0, 0x00000006},
+				{0x15, 0, 10, 0x00000011},
+				{0x28, 0, 0, 0x00000014},
+				{0x45, 8, 0, 0x00001fff},
+				{0xb1, 0, 0, 0x0000000e},
+				{0x48, 0, 0, 0x0000000e},
+				{0x15, 4, 0, 0x00000043},
+				{0x15, 3, 0, 0x00000044},
+				{0x48, 0, 0, 0x00000010},
+				{0x15, 1, 0, 0x00000043},
+				{0x15, 0, 1, 0x00000044},
+				{0x6, 0, 0, 0x00040000},
+				{0x6, 0, 0, 0x00000000}}
+
+			socketeerOptions.EbpfFilter = &unix.SockFprog{28, &filter[0]}
+
 			gHammer = hammer.New(socketeerOptions, options)
 
 			err = gHammer.Init(ApiAddress, ApiPort)
 
 			if err != nil {
 				panic(err)
 			}
+
 			err = gHammer.Run()
 
 			if err != nil {
diff --git a/config/socketeer.go b/config/socketeer.go
@@ -1,11 +1,13 @@
 package config
 
 import (
+	"golang.org/x/sys/unix"
 	"net"
 )
 
 type SocketeerOptions struct {
 	InterfaceName   string
 	GatewayMAC      net.HardwareAddr
 	PromiscuousMode bool
+	EbpfFilter      *unix.SockFprog
 }
diff --git a/socketeer/socketeer.go b/socketeer/socketeer.go
@@ -6,11 +6,15 @@ import (
 	"github.com/google/gopacket/layers"
 	"github.com/ipchama/dhammer/config"
 	"github.com/ipchama/dhammer/message"
+	"golang.org/x/sys/unix"
 	"net"
 	"runtime"
 	"syscall"
 )
 
+// TODO:	Move syscalls from syscall package to golang.org/x/sys/unix.
+//			Maybe add custom port to ebpf rules.
+
 type RawSocketeer struct {
 	socketFd      int
 	IfInfo        *net.Interface
@@ -57,6 +61,13 @@ func (s *RawSocketeer) Init() error {
 		return err
 	}
 
+	if s.options.EbpfFilter != nil {
+		err = unix.SetsockoptSockFprog(s.socketFd, syscall.SOL_SOCKET, syscall.SO_ATTACH_FILTER, s.options.EbpfFilter)
+		if err != nil {
+			return err
+		}
+	}
+
 	s.IfInfo, err = net.InterfaceByName(s.options.InterfaceName)
 
 	if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -1,11 +1,13 @@`
`1`	`1`	`package config`
`2`	`2`
`3`	`3`	`import (`
	`4`	`+ "golang.org/x/sys/unix"`
`4`	`5`	`"net"`
`5`	`6`	`)`
`6`	`7`
`7`	`8`	`type SocketeerOptions struct {`
`8`	`9`	`InterfaceName string`
`9`	`10`	`GatewayMAC net.HardwareAddr`
`10`	`11`	`PromiscuousMode bool`
	`12`	`+ EbpfFilter *unix.SockFprog`
`11`	`13`	`}`