diff options
| author | Maatuq <mahmoudmatook.mm@gmail.com> | 2023-03-22 21:18:12 +0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-03-22 18:18:12 +0100 |
| commit | 530d0de4382ab4d70cfc1dedcf8cf2ac729dfddf (patch) | |
| tree | 5009dcbdfe2f6e0f651d2ebc5906fcfa965f1e15 /example/reader_util.c | |
| parent | 04e017a854797c02a2cfc9fadd954fc0426f8e04 (diff) | |
Add support for vxlan decapsulation (#1441) (#1900)
Close #1441
Diffstat (limited to 'example/reader_util.c')
| -rw-r--r-- | example/reader_util.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/example/reader_util.c b/example/reader_util.c index ac152813e..f5705bec0 100644 --- a/example/reader_util.c +++ b/example/reader_util.c @@ -1745,6 +1745,52 @@ int ndpi_is_datalink_supported(int datalink_type) { } } +static bool ndpi_is_valid_vxlan(const struct pcap_pkthdr *header, const u_char *packet, u_int16_t ip_offset, u_int16_t ip_len){ + if(header->caplen < ip_offset + ip_len + sizeof(struct ndpi_vxlanhdr)) { + return false; + } + u_int32_t vxlan_dst_port = ntohs(4789); + struct ndpi_udphdr *udp = (struct ndpi_udphdr *)&packet[ip_offset+ip_len]; + u_int offset = ip_offset + ip_len + sizeof(struct ndpi_udphdr); + /** + * rfc-7348 + * VXLAN Header: This is an 8-byte field that has: + + - Flags (8 bits): where the I flag MUST be set to 1 for a valid + VXLAN Network ID (VNI). The other 7 bits (designated "R") are + reserved fields and MUST be set to zero on transmission and + ignored on receipt. + + - VXLAN Segment ID/VXLAN Network Identifier (VNI): this is a + 24-bit value used to designate the individual VXLAN overlay + network on which the communicating VMs are situated. VMs in + different VXLAN overlay networks cannot communicate with each + other. + + - Reserved fields (24 bits and 8 bits): MUST be set to zero on + transmission and ignored on receipt. + VXLAN Header: + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + |R|R|R|R|I|R|R|R| Reserved | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | VXLAN Network Identifier (VNI) | Reserved | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + */ + if((udp->dest == vxlan_dst_port || udp->source == vxlan_dst_port) && + (packet[offset] == 0x8) && + (packet[offset + 1] == 0x0) && + (packet[offset + 2] == 0x0) && + (packet[offset + 3] == 0x0) && + (packet[offset + 7] == 0x0)) { + return true; + } + return false; +} + +static inline u_int ndpi_skip_vxlan(u_int16_t ip_offset, u_int16_t ip_len){ + return ip_offset + ip_len + sizeof(struct ndpi_udphdr) + sizeof(struct ndpi_vxlanhdr); +} + /* ****************************************************** */ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow, @@ -2243,6 +2289,10 @@ struct ndpi_proto ndpi_workflow_process_packet(struct ndpi_workflow * workflow, } } } + }else if(ndpi_is_valid_vxlan(header, packet, ip_offset, ip_len)){ + tunnel_type = ndpi_vxlan_tunnel; + eth_offset = ndpi_skip_vxlan(ip_offset, ip_len); + goto datalink_check; } } } |