Deploying to gh-pages from @ eunomia-bpf/bpf-developer-tutorial@52ae3ae26d 🚀

2026-04-05 11:38:48 +08:00 · 2023-03-09 03:40:30 +00:00
parent a54b88ce20
commit 184e1c7eb3
121 changed files with 24872 additions and 0 deletions
--- a/19-lsm-connect/.gitignore
+++ b/19-lsm-connect/.gitignore
@@ -0,0 +1,6 @@
+.vscode
+package.json
+*.o
+*.skel.json
+*.skel.yaml
+package.yaml
--- a/19-lsm-connect/index.html
+++ b/19-lsm-connect/index.html
--- a/19-lsm-connect/lsm-connect.bpf.c
+++ b/19-lsm-connect/lsm-connect.bpf.c
@@ -0,0 +1,41 @@
+#include "vmlinux.h"
+#include <bpf/bpf_core_read.h>
+#include <bpf/bpf_helpers.h>
+#include <bpf/bpf_tracing.h>
+
+char LICENSE[] SEC("license") = "GPL";
+
+#define EPERM 1
+#define AF_INET 2
+
+const __u32 blockme = 16843009; // 1.1.1.1 -> int
+
+SEC("lsm/socket_connect")
+int BPF_PROG(restrict_connect, struct socket *sock, struct sockaddr *address, int addrlen, int ret)
+{
+    // Satisfying "cannot override a denial" rule
+    if (ret != 0)
+    {
+        return ret;
+    }
+
+    // Only IPv4 in this example
+    if (address->sa_family != AF_INET)
+    {
+        return 0;
+    }
+
+    // Cast the address to an IPv4 socket address
+    struct sockaddr_in *addr = (struct sockaddr_in *)address;
+
+    // Where do you want to go?
+    __u32 dest = addr->sin_addr.s_addr;
+    bpf_printk("lsm: found connect to %d", dest);
+
+    if (dest == blockme)
+    {
+        bpf_printk("lsm: blocking %d", dest);
+        return -EPERM;
+    }
+    return 0;
+}