Hi, His On Mon, Jan 03, 2022 at 03:53:12PM +0300, His Shadow wrote: > Greeetings. Here's the problem. I've written a simple program, that, > when a connection is established, it establishes a connection to a > predetermined target and starts routing traffic between a user > connection and a new connection. > I've tried to use ebpf stream_parser/verdict programs for this, > however there's a problem: when a connection to my program is > established, client sends the data immediately, however there's a > delay, while I establish a connection to the target. So stream_verdict > never gets called, because the data is already in the socket receive > queue(or maybe I'm misunderstanding something). Is there a way around > this? Should I use something else, like skb_msg verdict? Are you saying the packets arrived before you put the socket into the sockmap? If so, you can consider BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB. Hope this helps. Thanks.
