From 869eaf668b8eefcd8f0bf08dc151bd76cf84a852 Mon Sep 17 00:00:00 2001
From: Christian Deacon
Date: Tue, 25 Mar 2025 11:35:33 -0400
Subject: [PATCH] Fix issue with port range matching due to port in network byte order.
---
 src/loader/utils/xdp.c | 10 +++++-----
 src/xdp/prog.c | 12 ++++++------
 2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/loader/utils/xdp.c b/src/loader/utils/xdp.c
index d11054f..cc3300b 100644
--- a/src/loader/utils/xdp.c
+++ b/src/loader/utils/xdp.c
@@ -304,7 +304,7 @@ int update_filter(int map_filters, filter_rule_cfg_t* filter_cfg, int idx)
 filter.ip.dst_ip = ip_range.ip;
 filter.ip.dst_cidr = ip_range.cidr;
 }
-
+
 #ifdef ENABLE_IPV6
 if (filter_cfg->ip.src_ip6)
 {
@@ -372,8 +372,8 @@ int update_filter(int map_filters, filter_rule_cfg_t* filter_cfg, int idx)
 filter.tcp.do_sport_min = 1;
 filter.tcp.do_sport_max = 1;
- filter.tcp.sport_min = htons(tcp_src_port_range.min);
- filter.tcp.sport_max = htons(tcp_src_port_range.max);
+ filter.tcp.sport_min = tcp_src_port_range.min;
+ filter.tcp.sport_max = tcp_src_port_range.max;
 }
 port_range_t tcp_dst_port_range = parse_port_range(filter_cfg->tcp.dport);
@@ -383,8 +383,8 @@ int update_filter(int map_filters, filter_rule_cfg_t* filter_cfg, int idx)
 filter.tcp.do_dport_min = 1;
 filter.tcp.do_dport_max = 1;
- filter.tcp.dport_min = htons(tcp_dst_port_range.min);
- filter.tcp.dport_max = htons(tcp_dst_port_range.max);
+ filter.tcp.dport_min = tcp_dst_port_range.min;
+ filter.tcp.dport_max = tcp_dst_port_range.max;
 }
 if (filter_cfg->tcp.urg > -1)
diff --git a/src/xdp/prog.c b/src/xdp/prog.c
index 2dbf92a..965c52a 100644
--- a/src/xdp/prog.c
+++ b/src/xdp/prog.c
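Review bot: In the `@@ -372` and `@@ -383` hunks of update_filter only the `filter.tcp.*` bounds stop being wrapped in `htons()`; no `filter.udp.*` assignment appears anywhere in this patch, and the five insertions the diffstat lists for xdp.c are all accounted for by the hunks shown. If the UDP branch further down still stores its bounds with `htons()`, the UDP source-port checks that this commit switches to `ntohs(udph->source)` would compare a host-order port against network-order bounds, and UDP range rules would not match the ports they were written for. That branch is worth confirming, and the convention is worth recording next to the assignments with a comment such as `/* Port bounds are kept in host byte order; the XDP program converts packet ports with ntohs() before comparing. */`. Both hunks sit inside update_filter, whose body starts and ends outside them.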
@@ -497,23 +497,23 @@ int xdp_prog_main(struct xdp_md *ctx)
 }
 // Source port checks.
- if (filter->tcp.do_sport_min && tcph->source < filter->tcp.sport_min)
+ if (filter->tcp.do_sport_min && ntohs(tcph->source) < filter->tcp.sport_min)
 {
 continue;
 }
- if (filter->tcp.do_sport_max && tcph->source > filter->tcp.sport_max)
+ if (filter->tcp.do_sport_max && ntohs(tcph->source) > filter->tcp.sport_max)
 {
 continue;
 }
 // Destination port checks.
- if (filter->tcp.do_dport_min && tcph->dest < filter->tcp.dport_min)
+ if (filter->tcp.do_dport_min && ntohs(tcph->dest) < filter->tcp.dport_min)
 {
 continue;
 }
- if (filter->tcp.do_dport_max && tcph->dest > filter->tcp.dport_max)
+ if (filter->tcp.do_dport_max && ntohs(tcph->dest) > filter->tcp.dport_max)
 {
 continue;
 }
@@ -575,12 +575,12 @@ int xdp_prog_main(struct xdp_md *ctx)
 }
 // Source port checks.
- if (filter->udp.do_sport_min && udph->source < filter->udp.sport_min)
+ if (filter->udp.do_sport_min && ntohs(udph->source) < filter->udp.sport_min)
 {
 continue;
 }
- if (filter->udp.do_sport_max && udph->source > filter->udp.sport_max)
+ if (filter->udp.do_sport_max && ntohs(udph->source) > filter->udp.sport_max)
 {
 continue;
 }
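Review bot: In the `@@ -497` hunk the byte swap is repeated in every comparison, so `ntohs(tcph->source)` and `ntohs(tcph->dest)` are each written and evaluated twice. Converting once into a local, for example `__u16 sport = ntohs(tcph->source);`, and comparing `sport` against both bounds keeps the byte-order handling in one place and makes it harder for a later edit to reintroduce a raw `tcph->source` comparison. The `continue` statements suggest these checks run inside a per-filter loop; if so, the conversion can be hoisted above the loop, since the packet's ports do not change between filters. A one-line comment stating that the filter bounds are host order would also help, and xdp_prog_main continues outside this hunk on both sides.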
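Review bot: The `@@ -575` hunk converts only `udph->source`; no UDP destination-port comparison is touched anywhere in this patch, since the six insertions in prog.c are the four TCP lines and these two. If checks of the form `udph->dest < filter->udp.dport_min` follow below the hunk, they still compare a network-order port against the bounds and need the same change, `ntohs(udph->dest) < filter->udp.dport_min` and `ntohs(udph->dest) > filter->udp.dport_max`. Until both directions of both protocols use one byte order, a rule written as a UDP destination port range can fail to match the traffic it was meant to filter. The rest of xdp_prog_main lies outside the hunk, so this has to be checked against the full file.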