1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <uapi/linux/bpf.h>
16#include <uapi/linux/if_ether.h>
17#include <uapi/linux/if_packet.h>
18#include <uapi/linux/ip.h>
19#include <linux/socket.h>
20#include <bpf/bpf_helpers.h>
21#include <bpf/bpf_endian.h>
22
23#define DEBUG 1
24
25SEC("sockops")
26int bpf_clamp(struct bpf_sock_ops *skops)
27{
28 int bufsize = 150000;
29 int to_init = 10;
30 int clamp = 100;
31 int rv = 0;
32 int op;
33
34
35
36
37 if (bpf_ntohl(skops->remote_port) != 55601 && skops->local_port != 55601) {
38 skops->reply = -1;
39 return 0;
40 }
41
42 op = (int) skops->op;
43
44#ifdef DEBUG
45 bpf_printk("BPF command: %d\n", op);
46#endif
47
48
49
50
51
52 if (skops->family == AF_INET6 &&
53 skops->local_ip6[0] == skops->remote_ip6[0] &&
54 (bpf_ntohl(skops->local_ip6[1]) & 0xfff00000) ==
55 (bpf_ntohl(skops->remote_ip6[1]) & 0xfff00000)) {
56 switch (op) {
57 case BPF_SOCK_OPS_TIMEOUT_INIT:
58 rv = to_init;
59 break;
60 case BPF_SOCK_OPS_TCP_CONNECT_CB:
61
62 rv = bpf_setsockopt(skops, SOL_SOCKET, SO_SNDBUF,
63 &bufsize, sizeof(bufsize));
64 rv += bpf_setsockopt(skops, SOL_SOCKET,
65 SO_RCVBUF, &bufsize,
66 sizeof(bufsize));
67 break;
68 case BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB:
69 rv = bpf_setsockopt(skops, SOL_TCP,
70 TCP_BPF_SNDCWND_CLAMP,
71 &clamp, sizeof(clamp));
72 break;
73 case BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB:
74
75 rv = bpf_setsockopt(skops, SOL_TCP,
76 TCP_BPF_SNDCWND_CLAMP,
77 &clamp, sizeof(clamp));
78 rv += bpf_setsockopt(skops, SOL_SOCKET,
79 SO_SNDBUF, &bufsize,
80 sizeof(bufsize));
81 rv += bpf_setsockopt(skops, SOL_SOCKET,
82 SO_RCVBUF, &bufsize,
83 sizeof(bufsize));
84 break;
85 default:
86 rv = -1;
87 }
88 } else {
89 rv = -1;
90 }
91#ifdef DEBUG
92 bpf_printk("Returning %d\n", rv);
93#endif
94 skops->reply = rv;
95 return 1;
96}
97char _license[] SEC("license") = "GPL";
98