in katran/lib/bpf/healthchecking_ipip.c [89:157]
int healthchecker(struct __sk_buff* skb) {
int ret = 0;
int tun_flag = 0;
__u32 ifindex;
__u32 somark = skb->mark;
__u32 v4_intf_pos = 1;
__u32 v6_intf_pos = 2;
struct bpf_tunnel_key tkey = {};
__u32 stats_key = GENERIC_STATS_INDEX;
struct hc_stats* prog_stats;
prog_stats = bpf_map_lookup_elem(&hc_stats_map, &stats_key);
if (!prog_stats) {
return TC_ACT_UNSPEC;
}
if (skb->mark == 0) {
prog_stats->pckts_skipped += 1;
return TC_ACT_UNSPEC;
}
struct hc_real_definition* real = bpf_map_lookup_elem(&hc_reals_map, &somark);
if (!real) {
// some strange (w/ fwmark; but not a healthcheck) local packet
prog_stats->pckts_skipped += 1;
return TC_ACT_UNSPEC;
}
if (skb->len > MAX_PACKET_SIZE) {
// do not allow packets bigger than the specified size
prog_stats->pckts_dropped += 1;
prog_stats->pckts_too_big += 1;
return TC_ACT_SHOT;
}
__u32* v4_intf_ifindex = bpf_map_lookup_elem(&hc_ctrl_map, &v4_intf_pos);
if (!v4_intf_ifindex) {
// we dont have ifindex for ipip v4 interface
// not much we can do without it. Drop packet so that hc will fail
prog_stats->pckts_dropped += 1;
return TC_ACT_SHOT;
}
__u32* v6_intf_ifindex = bpf_map_lookup_elem(&hc_ctrl_map, &v6_intf_pos);
if (!v6_intf_ifindex) {
prog_stats->pckts_dropped += 1;
return TC_ACT_SHOT;
}
tkey.tunnel_ttl = DEFAULT_TTL;
// to prevent recursion, when encaped packet would run through this filter
skb->mark = 0;
if (real->flags == V6DADDR) {
// the dst is v6.
tun_flag = BPF_F_TUNINFO_IPV6;
memcpy(tkey.remote_ipv6, real->v6daddr, 16);
ifindex = *v6_intf_ifindex;
} else {
// the dst is v4
tkey.remote_ipv4 = real->daddr;
ifindex = *v4_intf_ifindex;
}
prog_stats->pckts_processed += 1;
bpf_skb_set_tunnel_key(skb, &tkey, sizeof(tkey), tun_flag);
return bpf_redirect(ifindex, REDIRECT_EGRESS);
}