diff --git a/src/common/types.h b/src/common/types.h index 208894e..da727ee 100644 --- a/src/common/types.h +++ b/src/common/types.h @@ -2,7 +2,7 @@ #include -struct tcpopts +struct tcp_opts { unsigned int enabled : 1; @@ -36,9 +36,9 @@ struct tcpopts unsigned int do_cwr : 1; unsigned int cwr : 1; -}; +} typedef tcp_opts_t; -struct udpopts +struct udp_opts { unsigned int enabled : 1; @@ -47,9 +47,9 @@ struct udpopts unsigned int do_dport : 1; u16 dport; -}; +} typedef udp_opts_t; -struct icmpopts +struct icmp_opts { unsigned int enabled : 1; @@ -58,7 +58,7 @@ struct icmpopts unsigned int do_type : 1; u8 type; -}; +} typedef icmp_opts_t; struct filter { @@ -93,42 +93,42 @@ struct filter u8 tos; unsigned int do_pps : 1; - __u64 pps; + u64 pps; unsigned int do_bps : 1; - __u64 bps; + u64 bps; - __u64 blocktime; + u64 blocktime; - struct tcpopts tcpopts; - struct udpopts udpopts; - struct icmpopts icmpopts; -} __attribute__((__aligned__(8))); + tcp_opts_t tcpopts; + udp_opts_t udpopts; + icmp_opts_t icmpopts; +} __attribute__((__aligned__(8))) typedef filter_t; struct stats { - __u64 allowed; - __u64 dropped; - __u64 passed; -}; + u64 allowed; + u64 dropped; + u64 passed; +} typedef stats_t; struct ip_stats { - __u64 pps; - __u64 bps; - __u64 next_update; -}; + u64 pps; + u64 bps; + u64 next_update; +} typedef ip_stats_t ; struct flow { u32 ip; u16 port; u8 protocol; -}; +} typedef flow_t; struct flow6 { u128 ip; u16 port; u8 protocol; -}; \ No newline at end of file +} typedef flow6_t; \ No newline at end of file diff --git a/src/loader/loader.c b/src/loader/loader.c index 4ba66a1..6306d93 100644 --- a/src/loader/loader.c +++ b/src/loader/loader.c 
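Review bot: The trailing `typedef` in `} typedef tcp_opts_t;` (repeated for every struct closed in this file, and for `cmdline_t`, `config__t` and `ip_range_t` in the loader headers) puts the storage-class specifier after the type, a placement C11 6.11.5 lists as obsolescent and GCC reports under `-Wold-style-declaration`. Writing `typedef struct tcp_opts { ... } tcp_opts_t;` gives the same tag and type name without the warning. For `filter_t`, keep `__attribute__((__aligned__(8)))` attached to the struct so the layout shared by the loader and the XDP program does not change; the stray space in `typedef ip_stats_t ;` can be dropped at the same time.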
@@ -43,7 +43,7 @@ void SignalHndl(int tmp) * * @return Void */ -void UpdateFilters(struct config *cfg) +void UpdateFilters(config__t *cfg) { // Loop through all filters and delete the map. We do this in the case rules were edited and were put out of order since the key doesn't uniquely map to a specific rule. for (u8 i = 0; i < MAX_FILTERS; i++) @@ -63,7 +63,7 @@ void UpdateFilters(struct config *cfg) } // Create value array (max CPUs in size) since we're using a per CPU map. - struct filter filter[MAX_CPUS]; + filter_t filter[MAX_CPUS]; for (int j = 0; j < MAX_CPUS; j++) { @@ -86,7 +86,7 @@ void UpdateFilters(struct config *cfg) * * @return 0 on success or -1 on error. */ -int UpdateConfig(struct config *cfg, char *cfgfile) +int UpdateConfig(config__t *cfg, char *cfgfile) { // Open config file. if (OpenCfg(cfgfile) != 0) @@ -180,7 +180,7 @@ struct xdp_program *LoadBpfObj(const char *filename) * * @return 0 on success and 1 on error. */ -int AttachXdp(struct xdp_program *prog, int ifidx, u8 detach, struct cmdline *cmd) +int AttachXdp(struct xdp_program *prog, int ifidx, u8 detach, cmdline_t *cmd) { int err; @@ -273,7 +273,7 @@ struct stat conf_stat; int main(int argc, char *argv[]) { // Parse the command line. - struct cmdline cmd = + cmdline_t cmd = { .cfgfile = "/etc/xdpfw/xdpfw.conf", .help = 0, @@ -315,7 +315,7 @@ int main(int argc, char *argv[]) } // Initialize config. - struct config cfg = {0}; + config__t cfg = {0}; SetCfgDefaults(&cfg); @@ -332,7 +332,7 @@ int main(int argc, char *argv[]) for (uint16_t i = 0; i < MAX_FILTERS; i++) { - struct filter *filter = &cfg.filters[i]; + filter_t *filter = &cfg.filters[i]; if (filter->id < 1) { 
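Review bot: The delete loop at the top of UpdateFilters counts with `u8 i` against MAX_FILTERS, while the matching loop in main (the `@@ -332,7` hunk) uses `uint16_t`. The value of MAX_FILTERS is not visible in this diff; if it is ever 256 or more, `i < MAX_FILTERS` stays true after the counter wraps and the loader never leaves the loop. Using one index type that is wide enough in both places, e.g. `for (u16 i = 0; i < MAX_FILTERS; i++)`, removes the dependency on the constant. The function body continues outside the hunk.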
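Review bot: `filter_t filter[MAX_CPUS]` is the value buffer for a per-CPU map (per the comment above it), and the kernel transfers one value per possible CPU rather than MAX_CPUS values. On a host with more possible CPUs than MAX_CPUS the map update would read past this stack array, and the lookup into `stats_t stats[MAX_CPUS]` in main's `@@ -521,12` hunk would write past its end, assuming that map is per-CPU as the array suggests. MAX_CPUS is not shown here, so this depends on its value; a startup guard such as `if (libbpf_num_possible_cpus() > MAX_CPUS) { /* refuse to start */ }`, or sizing both arrays from that call, closes the gap.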
@@ -521,12 +521,12 @@ int main(int argc, char *argv[]) if (!cfg.nostats) { u32 key = 0; - struct stats stats[MAX_CPUS]; + stats_t stats[MAX_CPUS]; //memset(stats, 0, sizeof(struct stats) * MAX_CPUS); - __u64 allowed = 0; - __u64 dropped = 0; - __u64 passed = 0; + u64 allowed = 0; + u64 dropped = 0; + u64 passed = 0; if (bpf_map_lookup_elem(statsmap, &key, stats) != 0) { diff --git a/src/loader/utils/cmdline.c b/src/loader/utils/cmdline.c index 2ddfd0d..e9bb330 100644 --- a/src/loader/utils/cmdline.c +++ b/src/loader/utils/cmdline.c @@ -22,7 +22,7 @@ const struct option opts[] = * * @return Void */ -void ParseCommandLine(struct cmdline *cmd, int argc, char *argv[]) +void ParseCommandLine(cmdline_t *cmd, int argc, char *argv[]) { int c; diff --git a/src/loader/utils/cmdline.h b/src/loader/utils/cmdline.h index ff6bf95..905f1af 100644 --- a/src/loader/utils/cmdline.h +++ b/src/loader/utils/cmdline.h @@ -8,6 +8,6 @@ struct cmdline unsigned int time; unsigned int list : 1; unsigned int help : 1; -}; +} typedef cmdline_t; -void ParseCommandLine(struct cmdline *cmd, int argc, char *argv[]); \ No newline at end of file +void ParseCommandLine(cmdline_t *cmd, int argc, char *argv[]); \ No newline at end of file diff --git a/src/loader/utils/config.c b/src/loader/utils/config.c index ca0013c..108490e 100644 --- a/src/loader/utils/config.c +++ b/src/loader/utils/config.c @@ -11,7 +11,7 @@ FILE *file; * * @return Void */ -void SetCfgDefaults(struct config *cfg) +void SetCfgDefaults(config__t *cfg) { cfg->updatetime = 0; cfg->interface = NULL; @@ -111,7 +111,7 @@ int OpenCfg(const char *filename) * * @return 0 on success or 1/-1 on error. */ -int ReadCfg(struct config *cfg) +int ReadCfg(config__t *cfg) { // Not sure why this would be set to NULL after checking for it in OpenConfig(), but just for safety. if (file == NULL) 
@@ -225,7 +225,7 @@ int ReadCfg(struct config *cfg) if (config_setting_lookup_string(filter, "src_ip", &sip)) { - struct ip ip = ParseIp(sip); + ip_range_t ip = ParseIpCidr(sip); cfg->filters[i].src_ip = ip.ip; cfg->filters[i].src_cidr = ip.cidr; @@ -236,7 +236,7 @@ int ReadCfg(struct config *cfg) if (config_setting_lookup_string(filter, "dst_ip", &dip)) { - struct ip ip = ParseIp(dip); + ip_range_t ip = ParseIpCidr(dip); cfg->filters[i].dst_ip = ip.ip; cfg->filters[i].dst_cidr = ip.cidr; diff --git a/src/loader/utils/config.h b/src/loader/utils/config.h index 02ddeae..f539933 100644 --- a/src/loader/utils/config.h +++ b/src/loader/utils/config.h @@ -16,9 +16,9 @@ struct config u16 updatetime; unsigned int nostats : 1; int stdout_update_time; - struct filter filters[MAX_FILTERS]; -}; + filter_t filters[MAX_FILTERS]; +} typedef config__t; // config_t is taken by libconfig -.- -void SetCfgDefaults(struct config *cfg); +void SetCfgDefaults(config__t *cfg); int OpenCfg(const char *filename); -int ReadCfg(struct config *cfg); \ No newline at end of file +int ReadCfg(config__t *cfg); \ No newline at end of file diff --git a/src/loader/utils/helpers.c b/src/loader/utils/helpers.c index a9cdcb7..36d9bbc 100644 --- a/src/loader/utils/helpers.c +++ b/src/loader/utils/helpers.c @@ -7,9 +7,9 @@ * * @return Returns an IP structure with IP and CIDR. */ -struct ip ParseIp(const char *ip) +ip_range_t ParseIpCidr(const char *ip) { - struct ip ret = {0}; + ip_range_t ret = {0}; ret.cidr = 32; char *token = strtok((char *) ip, "/"); diff --git a/src/loader/utils/helpers.h b/src/loader/utils/helpers.h index e8e37ff..6377789 100644 --- a/src/loader/utils/helpers.h +++ b/src/loader/utils/helpers.h @@ -7,10 +7,10 @@ #include #include -struct ip +struct ip_range { u32 ip; u32 cidr; -}; +} typedef ip_range_t; -struct ip ParseIp(const char *ip); \ No newline at end of file +ip_range_t ParseIpCidr(const char *ip); \ No newline at end of file 
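Review bot: The result of `ParseIpCidr(sip)` is copied straight into `cfg->filters[i].src_ip` and `src_cidr`, and `ip_range_t` carries only `ip` and `cidr`, so ReadCfg has no way to tell a malformed `src_ip` from a valid one; the same holds for `dst_ip` in the `@@ -236,7` hunk. Because the helper starts from `ret = {0}` with `cidr = 32`, a typo in a rule presumably loads as 0.0.0.0/32 and the filter silently stops matching the intended range. A prefix length above 32 also appears to pass through unchecked, though the rest of the parser is outside this diff. Rejecting the rule when parsing fails or when `ip.cidr > 32` would make a bad firewall rule fail at load time instead of being installed.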
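Review bot: The renamed ParseIpCidr still takes `const char *ip` and then calls `strtok((char *) ip, "/")`, which writes a NUL into the caller's string. In ReadCfg that string is the pointer filled in by `config_setting_lookup_string`, so the parser edits libconfig's stored value in place. `strtok` also keeps hidden static state, so it is unsafe if another tokenizer runs in between. Copying the input into a bounded local buffer and tokenizing the copy with `strtok_r(buf, "/", &save)` keeps the `const` promise; the function body continues outside the hunk.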
diff --git a/src/xdp/prog.c b/src/xdp/prog.c index 4ca1b4e..9f63816 100644 --- a/src/xdp/prog.c +++ b/src/xdp/prog.c @@ -44,7 +44,7 @@ int xdp_prog_main(struct xdp_md *ctx) } u8 action = 0; - __u64 blocktime = 1; + u64 blocktime = 1; // Initialize IP headers. struct iphdr *iph = NULL; @@ -81,12 +81,12 @@ int xdp_prog_main(struct xdp_md *ctx) // Get stats map. u32 key = 0; - struct stats *stats = bpf_map_lookup_elem(&stats_map, &key); + stats_t*stats = bpf_map_lookup_elem(&stats_map, &key); - __u64 now = bpf_ktime_get_ns(); + u64 now = bpf_ktime_get_ns(); // Check blacklist map. - __u64 *blocked = NULL; + u64 *blocked = NULL; if (iph6) { @@ -234,8 +234,8 @@ int xdp_prog_main(struct xdp_md *ctx) } // Update client stats (PPS/BPS). - __u64 pps = 0; - __u64 bps = 0; + u64 pps = 0; + u64 bps = 0; if (iph6) { @@ -250,7 +250,7 @@ int xdp_prog_main(struct xdp_md *ctx) { u32 key = i; - struct filter *filter = bpf_map_lookup_elem(&filters_map, &key); + filter_t *filter = bpf_map_lookup_elem(&filters_map, &key); // Check if ID is above 0 (if 0, it's an invalid rule). if (!filter || filter->id < 1) @@ -534,7 +534,7 @@ int xdp_prog_main(struct xdp_md *ctx) // Before dropping, update the blacklist map. if (blocktime > 0) { - __u64 newTime = now + (blocktime * NANO_TO_SEC); + u64 newTime = now + (blocktime * NANO_TO_SEC); if (iph6) { diff --git a/src/xdp/utils/maps.h b/src/xdp/utils/maps.h index 1455ddf..3dfe084 100644 --- a/src/xdp/utils/maps.h +++ b/src/xdp/utils/maps.h @@ -38,7 +38,7 @@ struct __uint(type, BPF_MAP_TYPE_LRU_HASH); __uint(max_entries, MAX_TRACK_IPS); __type(key, u32); - __type(value, __u64); + __type(value, u64); } ip_blacklist_map SEC(".maps"); struct @@ -58,5 +58,5 @@ struct __uint(type, BPF_MAP_TYPE_LRU_HASH); __uint(max_entries, MAX_TRACK_IPS); __type(key, u128); - __type(value, __u64); + __type(value, u64); } ip6_blacklist_map SEC(".maps"); \ No newline at end of file diff --git a/src/xdp/utils/rl.c b/src/xdp/utils/rl.c index 8692036..1df4587 100644 
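Review bot: `stats_t*stats = bpf_map_lookup_elem(&stats_map, &key);` in the `@@ -81,12` hunk lost the space before the declarator during the rename; the neighbouring declarations read `u64 *blocked` and `filter_t *filter`, so this one should be `stats_t *stats = ...`. The lookup can return NULL and the check is not visible in this hunk, so a short comment at the declaration such as `// May be NULL; checked before each counter update.` would help a reader of this long function, if that is indeed how the rest of it behaves.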
--- a/src/xdp/utils/rl.c +++ b/src/xdp/utils/rl.c @@ -13,17 +13,17 @@ * * @return void */ -static __always_inline void UpdateIpStats(__u64 *pps, __u64 *bps, u32 ip, u16 port, u8 protocol, u16 pkt_len, __u64 now) +static __always_inline void UpdateIpStats(u64 *pps, u64 *bps, u32 ip, u16 port, u8 protocol, u16 pkt_len, u64 now) { #ifdef USE_FLOW_RL - struct flow key = {0}; + flow_t key = {0}; key.ip = ip; key.port = port; key.protocol = protocol; - struct ip_stats *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &key); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &key); #else - struct ip_stats *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &ip); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &ip); #endif if (ip_stats) @@ -48,7 +48,7 @@ static __always_inline void UpdateIpStats(__u64 *pps, __u64 *bps, u32 ip, u16 po else { // Create new entry. - struct ip_stats new = {0}; + ip_stats_t new = {0}; new.pps = 1; new.bps = pkt_len; @@ -78,17 +78,17 @@ static __always_inline void UpdateIpStats(__u64 *pps, __u64 *bps, u32 ip, u16 po * * @return void */ -static __always_inline void UpdateIp6Stats(__u64 *pps, __u64 *bps, u128 *ip, u16 port, u8 protocol, u16 pkt_len, __u64 now) +static __always_inline void UpdateIp6Stats(u64 *pps, u64 *bps, u128 *ip, u16 port, u8 protocol, u16 pkt_len, u64 now) { #ifdef USE_FLOW_RL - struct flow6 key = {0}; + flow6_t key = {0}; key.ip = *ip; key.port = port; key.protocol = protocol; - struct ip_stats *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &key); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, &key); #else - struct ip_stats *ip_stats = bpf_map_lookup_elem(&ip_stats_map, ip); + ip_stats_t *ip_stats = bpf_map_lookup_elem(&ip_stats_map, ip); #endif if (ip_stats) @@ -113,7 +113,7 @@ static __always_inline void UpdateIp6Stats(__u64 *pps, __u64 *bps, u128 *ip, u16 else { // Create new entry. - struct ip_stats new = {0}; + ip_stats_t new = {0}; new.pps = 1; new.bps = pkt_len; 
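Review bot: With USE_FLOW_RL the map key is built as `flow_t key = {0};`, and `flow_t` (u32, u16, u8 in types.h) ends in a padding byte that `= {0}` is not required to clear; `flow6_t` in UpdateIp6Stats has the same shape with more padding after its u128. If `ip_stats_map` is a hash map (its definition is not in this diff), keys are compared over all their bytes, so uncleared padding is either rejected by the verifier as an uninitialised stack read or lets one flow occupy several entries and undercount its PPS/BPS. Zeroing the whole object, `flow_t key; __builtin_memset(&key, 0, sizeof(key));`, or adding an explicit pad field to both structs makes the key deterministic. Both function bodies continue outside their hunks.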
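Review bot: UpdateIp6Stats looks up `&ip_stats_map` with a `flow6_t` or `u128` key, the same map UpdateIpStats queries with a `flow_t` or `u32` key. The map definition is not part of this diff, but a map has a single key size, so if it is declared for the IPv4 key only the leading bytes of the IPv6 key would be used and unrelated IPv6 sources could share one rate-limit entry. It is worth confirming that a separate IPv6 stats map exists and is the one meant here, as maps.h already does for `ip6_blacklist_map`.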
diff --git a/src/xdp/utils/rl.h b/src/xdp/utils/rl.h index 8b98c10..4088e14 100644 --- a/src/xdp/utils/rl.h +++ b/src/xdp/utils/rl.h @@ -6,8 +6,8 @@ #include -static __always_inline void UpdateIpStats(__u64 *pps, __u64 *bps, u32 ip, u16 port, u8 protocol, u16 pkt_len, __u64 now); -static __always_inline void UpdateIp6Stats(__u64 *pps, __u64 *bps, u128 *ip, u16 port, u8 protocol, u16 pkt_len, __u64 now); +static __always_inline void UpdateIpStats(u64 *pps, u64 *bps, u32 ip, u16 port, u8 protocol, u16 pkt_len, u64 now); +static __always_inline void UpdateIp6Stats(u64 *pps, u64 *bps, u128 *ip, u16 port, u8 protocol, u16 pkt_len, u64 now); // NOTE: We include the C source file below because we can't link object files which includes the function logic into the main XDP program because we need to ensure the function is always inlined for performance which doesn't work with linked objects. // More Info: https://stackoverflow.com/questions/24289599/always-inline-does-not-work-when-function-is-implemented-in-different-file