ARTICLE AD BOX
i wrote a XDP program in c that saves every packet except some blocked ones into a ring buffer map which is sent into userspace, i also made a xdp_loader program in C++ that loads the XDP program and attaches it to an interface. but it gives me an error that bpf_xdp_attach is undefined, so i cant attach it. its probably not even the right way to do it but im honestly confused i didnt find very good resources online so i hope this will help.
int Load(DatabaseManager &db){ const char *iface = GetInterfaces().c_str();// choose your interface if( iface == "") { std::cerr << "No valid interface chosen" << std::endl; return 1; } struct bpf_object *obj; int prog_fd; obj = bpf_object__open_file("xdp_sniffer.o", nullptr); bpf_object__load(obj); blockedip_map_fd = bpf_object__find_map_fd_by_name(obj, "blocked_ips"); blockedMAC_map_fd = bpf_object__find_map_fd_by_name(obj, "blocked_macs"); blockedport_map_fd = bpf_object__find_map_fd_by_name(obj, "blocked_ports"); Block(obj, db); // get program struct bpf_program *prog = bpf_object__find_program_by_title(obj, "xdp"); prog_fd = bpf_program__fd(prog); // attach to interface int ifindex = if_nametoindex(iface); bpf_xdp_attach(ifindex, prog_fd, 0, nullptr); // get ring buffer map int map_fd = bpf_object__find_map_fd_by_name(obj, "events"); struct ring_buffer *rb = ring_buffer__new(map_fd, handle_event, nullptr, nullptr); std::cout << "XDP sniffer running..." << std::endl; while (true) { ring_buffer__poll(rb, 100); // blocking wait }} and these are my includes in the same file:
#include <bpf/libbpf.h> #include <bpf/bpf.h> #include <iostream> #include <vector> #include <arpa/inet.h> #include <ifaddrs.h> #include <optional> #include <net/if.h> #include "xdp_loader.h"