diff options
| -rw-r--r-- | netifexec.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/netifexec.c b/netifexec.c index ee53980..34e71a8 100644 --- a/netifexec.c +++ b/netifexec.c @@ -448,9 +448,11 @@ static void hook_setsockopt(int cgroupfd, char *iface) struct bpf_insn bpf_program[] = { BPF_MOV64_IMM(BPF_REG_0, SK_PASS), BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1, offsetof(struct bpf_sockopt, level)), - BPF_JMP_IMM(BPF_AND, BPF_REG_2, SOL_SOCKET, 3), + BPF_JMP_IMM(BPF_AND, BPF_REG_2, SOL_SOCKET, 5), BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1, offsetof(struct bpf_sockopt, optname)), - BPF_JMP_IMM(BPF_AND, BPF_REG_2, SO_BINDTODEVICE, 1), + BPF_JMP_IMM(BPF_JEQ, BPF_REG_2, SO_BINDTODEVICE, 2), + BPF_JMP_IMM(BPF_JEQ, BPF_REG_2, SO_MARK, 1), + BPF_JMP_IMM(BPF_JA, 0, 0, 1), BPF_MOV64_IMM(BPF_REG_0, SK_DROP), BPF_EXIT_INSN() }; |