On Wed, Mar 25, 2020 at 11:25 PM Martin KaFai Lau <kafai@xxxxxx> wrote: > > On Wed, Mar 25, 2020 at 01:55:59PM -0700, Joe Stringer wrote: > > On Wed, Mar 25, 2020 at 3:35 AM Lorenz Bauer <lmb@xxxxxxxxxxxxxx> wrote: > > > > > > On Wed, 25 Mar 2020 at 05:58, Joe Stringer <joe@xxxxxxxxxxx> wrote: > > > > > > > > From: Lorenz Bauer <lmb@xxxxxxxxxxxxxx> > > > > > > > > Attach a tc direct-action classifier to lo in a fresh network > > > > namespace, and rewrite all connection attempts to localhost:4321 > > > > to localhost:1234 (for port tests) and connections to unreachable > > > > IPv4/IPv6 IPs to the local socket (for address tests). > > > > > > Can you extend this to cover UDP as well? > > > > I'm working on a follow-up series for UDP, we need this too. > Other than selftests, what are the changes for UDP in patch 1 - 4? Nothing in those patches, I have refactoring of all of the socket helpers, skc_lookup_udp() and adding flags to the socket lookup functions to support only looking for a certain type of sockets - established or listen. This helps to avoid multiple lookups in these cases where you really just want to look up established sockets with the packet tuple first then look up the listener socket with the unrelated/tproxy tuple. For UDP it makes it easier to find the correct socket and in general (including TCP) helps to avoid up to two socket hashtable lookups for this use case. This part is because the current helpers all look up the established socket first then the listener socket, so for the first packet that hits these we perform both of these lookups for the packet tuple (which finds nothing), then look up an established socket for the target tuple (which finds nothing) then finally a listen socket for the target tuple. It's about another 300+ / 250- changes overall, of which a large chunk is one patch that refactors the code into macros. I haven't narrowed down for sure whether the lookup flags patch is required for UDP cases yet.
