Redirecting to another port

[glaslos]

Hi, first of all, thanks for this very interesting library!
I am trying to receive frames, change the destination port and send it on again. Is this generally possible? E.g. frame has destination port 8080, I change it to 80 and let me web server handle it. Ideally on the way out I'd also change the source port back to the original destination port. If this sounds mad, I basically want to replace a solution based on nfqueue were I accept any destination port and send all the traffic to a single server (honeypot research).

I took the dumpframes example and added a xsk.Transmit(rxDescs) but I have the suspicion this send the packet out of the interface instead letting it continue to reach my service.

[slavc]

Thanks Lukas and sorry for late reply,

Check out this diagram: https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg

An XDP BPF program gets executed only on the receive path, very early on, e.g. before an SKB gets allocated, it does not get executed on the transmit path (e.g. when a locally running application sends something).

Theoretically, you can modify the port in XDP BPF, but then you'd also probably need to fix up the checksums - I'm not sure this is possible, there are bpf-helpers(8) to do that, but they assume an SKB and so cannot be used in XDP BPF.

Perhaps what you're looking for are the tc-bpf(8). They can be hooked on both receive and transmit paths, and you could track the state of IP+port translations with BPF maps. On the diagram above, the ingress/egress qdisc is where tc-bpf(8) can be attached. The manpage actually has an example of port redirection.

Hope this helps, best of luck with the project!