BPF example: a classic BPF filter that matches TCP destination port 7070

 # Classic BPF program: accept TCP segments with destination port 7070 over IPv6 or IPv4, deny everything else.
 # The offsets assume an Ethernet link layer (14-byte header, EtherType at offset 12).
 # "jt N" / "jf N" jump to the instruction index shown in parentheses, not to the listing number in the first column.
 # Limits to keep in mind when this is used as a capture or detection filter:
 #  - IPv6: the Next Header byte and the port are read at fixed offsets, so TCP behind extension headers is not matched.
 #  - The EtherType is read at offset 12, so a frame carrying an 802.1Q tag (0x8100) falls through to deny.
 #  - IPv4: only packets with fragment offset 0 are examined; later fragments are denied.
 1 (000) ldh [12] #load the 16-bit EtherType
 2 (001) jeq #0x86dd jt 2 jf 6 #IPv6 EtherType? yes: go to 002, no: go to 006 for the IPv4 test
 3 (002) ldb [20] #load the IPv6 Next Header byte (14 + 6)
 4 (003) jeq #0x6 jt 4 jf 15 #Next Header is TCP (6)? otherwise deny; extension headers are not walked
 5 (004) ldh [56] #load the TCP destination port, assuming the fixed 40-byte IPv6 header (14 + 40 + 2)
 6 (005) jeq #0x1b9e jt 14 jf 15 #destination port 7070 (0x1b9e)? yes: accept, no: deny
 7 (006) jeq #0x800 jt 7 jf 15 #IPv4 EtherType? the accumulator still holds the value loaded at 000; otherwise deny
 8 (007) ldb [23] #load the IPv4 Protocol byte (14 + 9)
 9 (008) jeq #0x6 jt 9 jf 15 #protocol is TCP (6)? otherwise deny
10 (009) ldh [20] #load the IPv4 flags and fragment offset field (14 + 6)
11 (010) jset #0x1fff jt 15 jf 11 #any fragment offset bit set? then deny: a later fragment has no TCP header here
12 (011) ldxb 4*([14]&0xf) #X = IPv4 header length in bytes (IHL * 4), so IP options are skipped correctly
13 (012) ldh [x + 16] #load the TCP destination port at X + 14 + 2
14 (013) jeq #0x1b9e jt 14 jf 15 #destination port 7070 (0x1b9e)? yes: accept, no: deny
15 (014) ret #262144 #accept: the return value is the number of packet bytes to keep (262144)
16 (015) ret #0 #deny: keep 0 bytes, the packet is dropped by the filter

 
