|
|
@@ -315,7 +315,9 @@ static __always_inline int handle_tcp_event(void *ctx, const struct SOCK_EVENT_I
|
|
|
__u8 args_saddr[4];
|
|
|
__u8 args_daddr[4];
|
|
|
bpf_probe_read(args_saddr, sizeof(args_saddr), &args->saddr);
|
|
|
- bpf_probe_read(args_daddr, sizeof(args_daddr), &args->daddr);
|
|
|
+ bpf_probe_read(args_daddr, sizeof(args_daddr), &args->daddr);
|
|
|
+ bpf_printk("saddr is %d, %d\n", args_saddr[0], args_saddr[1]);
|
|
|
+ bpf_printk("saddr11111 is %d, %d\n",args_saddr[2], args_saddr[3]);
|
|
|
bpf_probe_read_kernel(stuple->laddr, sizeof(args_saddr), args_saddr);
|
|
|
bpf_probe_read_kernel(stuple->raddr, sizeof(args_daddr), args_daddr);
|
|
|
} else {
|
|
|
@@ -323,12 +325,21 @@ static __always_inline int handle_tcp_event(void *ctx, const struct SOCK_EVENT_I
|
|
|
__u8 args_daddr_v6[16];
|
|
|
bpf_probe_read(args_saddr_v6, sizeof(args_saddr_v6), &args->saddr_v6);
|
|
|
bpf_probe_read(args_daddr_v6, sizeof(args_daddr_v6), &args->daddr_v6);
|
|
|
+ bpf_printk("saddr6-1 is %d, %d\n", args_saddr_v6[0], args_saddr_v6[1]);
|
|
|
+ bpf_printk("saddr6-2 is %d, %d\n",args_saddr_v6[2], args_saddr_v6[3]);
|
|
|
+ bpf_printk("saddr6-3 is %d, %d\n", args_saddr_v6[4], args_saddr_v6[5]);
|
|
|
+ bpf_printk("saddr6-4 is %d, %d\n",args_saddr_v6[6], args_saddr_v6[7]);
|
|
|
+ bpf_printk("saddr6-5 is %d, %d\n", args_saddr_v6[8], args_saddr_v6[9]);
|
|
|
+ bpf_printk("saddr6-6 is %d, %d\n",args_saddr_v6[10], args_saddr_v6[11]);
|
|
|
+ bpf_printk("saddr6-7 is %d, %d\n", args_saddr_v6[12], args_saddr_v6[13]);
|
|
|
+ bpf_printk("saddr6-8 is %d, %d\n",args_saddr_v6[14], args_saddr_v6[15]);
|
|
|
bpf_probe_read_kernel(stuple->laddr, sizeof(args_saddr_v6), args_saddr_v6);
|
|
|
bpf_probe_read_kernel(stuple->raddr, sizeof(args_daddr_v6), args_daddr_v6);
|
|
|
}
|
|
|
__u16 args_sport;
|
|
|
__u16 args_dport;
|
|
|
bpf_probe_read_kernel(&args_sport, sizeof(args_sport), &args->sport);
|
|
|
+ bpf_printk("args_sport is %d\n", args_sport);
|
|
|
bpf_probe_read_kernel(&args_dport, sizeof(args_dport), &args->dport);
|
|
|
stuple->lport = args_sport;
|
|
|
stuple->rport = args_dport;
|
|
|
@@ -620,6 +631,15 @@ int cw_net_inet_sock_set_state(struct trace_event_raw_inet_sock_set_state *args)
|
|
|
if (!(family == AF_INET || family == AF_INET6))
|
|
|
return 0;
|
|
|
|
|
|
+ if (family == AF_INET)
|
|
|
+ {
|
|
|
+ bpf_printk("family == AF_INET\n");
|
|
|
+ }
|
|
|
+ if (family == AF_INET6)
|
|
|
+ {
|
|
|
+ bpf_printk("family == AF_INET6\n");
|
|
|
+ }
|
|
|
+
|
|
|
struct SOCK_EVENT_INFO event = {0, 0, family, 0, 0, (uint64_t)args, 0, "inet_sock_set_state"};
|
|
|
handle_tcp_event(args, &event);
|
|
|
|
|
|
@@ -694,7 +714,7 @@ static __always_inline int handle_tcp_packet(void* ctx, struct cw_net_sock *sock
|
|
|
key = KEY_SOCK(skc_hash);
|
|
|
stuple = bpf_map_lookup_elem(&hash_key_tuples, &key);
|
|
|
if (!stuple) {
|
|
|
- bpf_printk("WARNING: stuple is invalid\n");
|
|
|
+ // bpf_printk("WARNING: stuple is invalid\n");
|
|
|
return 0;
|
|
|
}
|
|
|
// sinfo = bpf_map_lookup_elem(&hash_socks, &key);
|
root