From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Thu, 2 Mar 2023 14:04:33 +0000 (+0100)
Subject: dnsdist: Punt fragmented UDP dgrams to the kernel in xdp-filter
X-Git-Tag: dnsdist-1.9.0-rc1^2~45
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7d0d8ed6816816cf1193aee9147a1cf5bb45ddb3;p=thirdparty%2Fpdns.git

dnsdist: Punt fragmented UDP dgrams to the kernel in xdp-filter
---

diff --git a/contrib/xdp-filter.ebpf.src b/contrib/xdp-filter.ebpf.src
index 8de35a0445..786d9d75a3 100644
--- a/contrib/xdp-filter.ebpf.src
+++ b/contrib/xdp-filter.ebpf.src
@@ -195,6 +195,14 @@ static inline enum xdp_action parseIPV4(struct xdp_md* ctx, struct cursor* c)
     goto res;
   }
 
+  // ignore the DF flag
+  const uint16_t fragMask = htons(~(1 << 14));
+  uint16_t frag = ipv4->frag_off & fragMask;
+  if (frag != 0) {
+    // MF flag is set, or Fragment Offset is != 0
+    return XDP_PASS;
+  }
+
   if (dns) {
     value = check_qname(c);
   }