github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

build(deps): bump network-types from 0.0.8 to 0.1.0 in /rust (#10644)

Browse Source 
Bumps [network-types](https://github.com/vadorovsky/network-types) from
0.0.8 to 0.1.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vadorovsky/network-types/blob/main/CHANGELOG.md">network-types's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a
href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>,
and this project adheres to <a
href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<h2>[Unreleased]</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f0f60f40a9"><code>f0f60f4</code></a>
Release 0.1.0</li>
<li><a
href="ed8976abfd"><code>ed8976a</code></a>
perf: Reduce number of instructions in setters and getters</li>
<li><a
href="8db6af28ea"><code>8db6af2</code></a>
feat: full arp support (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/66">#66</a>)</li>
<li><a
href="62bfb9da66"><code>62bfb9d</code></a>
test: Multi-target CI Stages (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/62">#62</a>)</li>
<li><a
href="976026462f"><code>9760264</code></a>
chore: Fix rustfmt errors (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/70">#70</a>)</li>
<li><a
href="993395c4b1"><code>993395c</code></a>
Adds support for GENEVE (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/67">#67</a>)</li>
<li><a
href="1f1a75dbc3"><code>1f1a75d</code></a>
Update vxlan.rs (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/58">#58</a>)</li>
<li><a
href="c77073b396"><code>c77073b</code></a>
feat: MPLS header structure support (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/51">#51</a>)</li>
<li><a
href="e6d7c50c37"><code>e6d7c50</code></a>
feat: Add Logical Link Control (LLC) header support (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/49">#49</a>)</li>
<li><a
href="b82ea45981"><code>b82ea45</code></a>
feat: icmp v4 and icmp v6 support (<a
href="https://redirect.github.com/vadorovsky/network-types/issues/48">#48</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vadorovsky/network-types/compare/v0.0.8...v0.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=network-types&package-manager=cargo&previous-version=0.0.8&new-version=0.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
This commit is contained in:
dependabot[bot]
2025-10-30 10:30:14 +11:00
committed by GitHub
parent c59b3e107c
commit 7a0a3a050f
15 changed files with 207 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
rust/Cargo.lock generated
View File

@@ -4647,9 +4647,12 @@ dependencies = [
[[package]]
name = "network-types"
version = "0.0.8"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2df15b1cb023b9d205ae287d5dbe74510ae4d62b5131ceec516f4913ed05230"
checksum = "f06f1863cb5565864300c6bfb012312969908878d2ca5881eaf0bbdb8b519c23"
dependencies = [
"memoffset",
]
[[package]]
name = "new_debug_unreachable"

2
rust/Cargo.toml
View File

@@ -113,7 +113,7 @@ moka = "0.12.11"
native-dialog = "0.7.0"
netlink-packet-core = "0.7"
netlink-packet-route = "0.24"
network-types = "0.0.8"
network-types = "0.1.0"
nix = "0.30.1"
nu-ansi-term = "0.50"
num_cpus = "1.17.0"

28
rust/relay/ebpf-turn-router/src/try_handle_turn.rs
View File

@@ -46,9 +46,9 @@ pub fn try_handle_turn(ctx: &XdpContext) -> Result<(), Error> {
// SAFETY: The offset must point to the start of a valid `EthHdr`.
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, 0)? };
let num_bytes = match eth.ether_type {
EtherType::Ipv4 => try_handle_turn_ipv4(ctx)?,
EtherType::Ipv6 => try_handle_turn_ipv6(ctx)?,
let num_bytes = match eth.ether_type() {
Ok(EtherType::Ipv4) => try_handle_turn_ipv4(ctx)?,
Ok(EtherType::Ipv6) => try_handle_turn_ipv6(ctx)?,
_ => return Err(Error::NotIp),
};
stats::emit_data_relayed(ctx, num_bytes);
@@ -65,7 +65,7 @@ fn try_handle_turn_ipv4(ctx: &XdpContext) -> Result<u16, Error> {
return Err(Error::NotUdp);
}
if ipv4.ihl() != 5 {
if ipv4.ihl() != 20 {
// IPv4 with options is not supported
return Err(Error::Ipv4PacketWithOptions);
}
@@ -75,17 +75,17 @@ fn try_handle_turn_ipv4(ctx: &XdpContext) -> Result<u16, Error> {
let udp_payload_len = udp.len() - UdpHdr::LEN as u16;
// We do not want to handle DNS packets
if udp.source() == DNS_PORT {
if udp.src_port() == DNS_PORT {
return Err(Error::DnsPacket);
}
if (LOWER_PORT..=UPPER_PORT).contains(&udp.dest()) {
if (LOWER_PORT..=UPPER_PORT).contains(&udp.dst_port()) {
try_handle_from_ipv4_udp(ctx)?;
return Ok(udp_payload_len);
}
if udp.dest() == 3478 {
if udp.dst_port() == 3478 {
try_handle_from_ipv4_channel_data(ctx)?;
return Ok(udp_payload_len - CdHdr::LEN as u16);
@@ -108,17 +108,17 @@ fn try_handle_turn_ipv6(ctx: &XdpContext) -> Result<u16, Error> {
let udp_payload_len = udp.len() - UdpHdr::LEN as u16;
// We do not want to handle DNS packets
if udp.source() == DNS_PORT {
if udp.src_port() == DNS_PORT {
return Err(Error::DnsPacket);
}
if (LOWER_PORT..=UPPER_PORT).contains(&udp.dest()) {
if (LOWER_PORT..=UPPER_PORT).contains(&udp.dst_port()) {
try_handle_from_ipv6_udp(ctx)?;
return Ok(udp_payload_len);
}
if udp.dest() == 3478 {
if udp.dst_port() == 3478 {
try_handle_from_ipv6_channel_data(ctx)?;
return Ok(udp_payload_len - CdHdr::LEN as u16);
@@ -135,7 +135,7 @@ fn try_handle_from_ipv4_udp(ctx: &XdpContext) -> Result<(), Error> {
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv4Hdr::LEN)? };
let pp = PortAndPeerV4::new(ipv4.src_addr(), udp.dest(), udp.source());
let pp = PortAndPeerV4::new(ipv4.src_addr(), udp.dst_port(), udp.src_port());
trace!(
ctx,
@@ -191,7 +191,7 @@ fn try_handle_from_ipv4_channel_data(ctx: &XdpContext) -> Result<(), Error> {
return Err(Error::BadChannelDataLength);
}
let cc = ClientAndChannelV4::new(ipv4.src_addr(), udp.source(), channel_number);
let cc = ClientAndChannelV4::new(ipv4.src_addr(), udp.src_port(), channel_number);
trace!(
ctx,
@@ -251,7 +251,7 @@ fn try_handle_from_ipv6_udp(ctx: &XdpContext) -> Result<(), Error> {
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
let pp = PortAndPeerV6::new(ipv6.src_addr(), udp.dest(), udp.source());
let pp = PortAndPeerV6::new(ipv6.src_addr(), udp.dst_port(), udp.src_port());
trace!(
ctx,
@@ -307,7 +307,7 @@ fn try_handle_from_ipv6_channel_data(ctx: &XdpContext) -> Result<(), Error> {
return Err(Error::BadChannelDataLength);
}
let cc = ClientAndChannelV6::new(ipv6.src_addr(), udp.source(), cd.number());
let cc = ClientAndChannelV6::new(ipv6.src_addr(), udp.src_port(), cd.number());
trace!(
ctx,

19
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv4_channel/to_ipv4_channel.rs
View File

@@ -21,11 +21,12 @@ pub fn to_ipv4_channel(
(
old_ipv4.src_addr(),
old_ipv4.dst_addr(),
old_ipv4.total_len(),
old_ipv4.tot_len(),
old_ipv4.checksum(),
old_ipv4.tos,
old_ipv4.id(),
old_ipv4.frag_off,
old_ipv4.frag_flags(),
old_ipv4.frag_offset(),
old_ipv4.ttl,
old_ipv4.proto,
)
@@ -36,9 +37,9 @@ pub fn to_ipv4_channel(
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv4Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -86,16 +87,16 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv4Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
// Incrementally update UDP checksum
if old_udp_check == 0 {
// No checksum is valid for UDP IPv4 - we didn't write it, but maybe a middlebox did
udp.set_check(0);
udp.set_checksum(0);
} else {
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u32(u32::from_be_bytes(old_ipv4_src.octets()))
.add_u32(u32::from_be_bytes(new_ipv4_dst.octets()))

29
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv4_channel/to_ipv4_udp.rs
View File

@@ -23,7 +23,8 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
old_ipv4_check,
old_ipv4_tos,
old_ipv4_id,
old_ipv4_frag_off,
old_ipv4_frag_flags,
old_ipv4_frag_offset,
old_ipv4_ttl,
old_ipv4_proto,
) = {
@@ -32,11 +33,12 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
(
old_ipv4.src_addr(),
old_ipv4.dst_addr(),
old_ipv4.total_len(),
old_ipv4.tot_len(),
old_ipv4.checksum(),
old_ipv4.tos,
old_ipv4.id(),
old_ipv4.frag_off,
old_ipv4.frag_flags(),
old_ipv4.frag_offset(),
old_ipv4.ttl,
old_ipv4.proto,
)
@@ -47,9 +49,9 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv4Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -79,12 +81,11 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, NET_SHRINK as usize + EthHdr::LEN)? };
ipv4.set_version(4); // IPv4
ipv4.set_ihl(5); // No options, 5 * 4 = 20 bytes
ipv4.set_vihl(4, 20); // IPv4
ipv4.tos = old_ipv4_tos; // Preserve TOS/DSCP
ipv4.set_total_len(new_ipv4_len);
ipv4.set_tot_len(new_ipv4_len);
ipv4.set_id(old_ipv4_id); // Preserve ID
ipv4.frag_off = old_ipv4_frag_off; // Preserve fragment flags
ipv4.set_frags(old_ipv4_frag_flags, old_ipv4_frag_offset); // Preserve fragment flags
ipv4.ttl = old_ipv4_ttl; // Preserve TTL exactly
ipv4.proto = old_ipv4_proto; // Protocol is UDP
ipv4.set_src_addr(new_ipv4_src);
@@ -109,17 +110,17 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp =
unsafe { ref_mut_at::<UdpHdr>(ctx, NET_SHRINK as usize + EthHdr::LEN + Ipv4Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
if old_udp_check == 0 {
// No checksum is valid for UDP IPv4 - we didn't write it, but maybe a middlebox did
udp.set_check(0);
udp.set_checksum(0);
} else {
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u32(u32::from_be_bytes(old_ipv4_src.octets()))
.add_u32(u32::from_be_bytes(new_ipv4_dst.octets()))

33
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv4_channel/to_ipv6_channel.rs
View File

@@ -29,14 +29,23 @@ pub fn to_ipv6_channel(
(old_eth.src_addr, old_eth.dst_addr)
};
let (old_ipv4_src, old_ipv4_dst, old_ipv4_len, old_ipv4_tos, old_ipv4_ttl, old_ipv4_proto) = {
let (
old_ipv4_src,
old_ipv4_dst,
old_ipv4_len,
old_ipv4_dscp,
old_ipv4_ecn,
old_ipv4_ttl,
old_ipv4_proto,
) = {
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let old_ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, old_data_offset + EthHdr::LEN)? };
(
old_ipv4.src_addr(),
old_ipv4.dst_addr(),
old_ipv4.total_len(),
old_ipv4.tos,
old_ipv4.tot_len(),
old_ipv4.dscp(),
old_ipv4.ecn(),
old_ipv4.ttl,
old_ipv4.proto,
)
@@ -48,9 +57,9 @@ pub fn to_ipv6_channel(
unsafe { ref_mut_at::<UdpHdr>(ctx, old_data_offset + EthHdr::LEN + Ipv4Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -79,7 +88,7 @@ pub fn to_ipv6_channel(
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, 0)? };
eth.dst_addr = old_eth_src; // Swap source and destination
eth.src_addr = old_eth_dst;
eth.ether_type = EtherType::Ipv6; // Change to IPv6
eth.ether_type = EtherType::Ipv6.into(); // Change to IPv6
//
// 2. IPv4 -> IPv6 header
@@ -91,9 +100,7 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
ipv6.set_version(6);
ipv6.set_priority(old_ipv4_tos);
ipv6.flow_label = [0, 0, 0]; // Default flow label
ipv6.set_vcf(6, old_ipv4_dscp, old_ipv4_ecn, 0); // Default flow label
ipv6.set_payload_len(new_ipv6_len);
ipv6.next_hdr = old_ipv4_proto;
ipv6.hop_limit = old_ipv4_ttl;
@@ -111,13 +118,13 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(old_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u32(u32::from_be_bytes(old_ipv4_src.octets()))
.add_u128(u128::from_be_bytes(new_ipv6_src.octets()))

23
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv4_channel/to_ipv6_udp.rs
View File

@@ -25,13 +25,14 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
(old_eth.src_addr, old_eth.dst_addr)
};
let (old_ipv4_src, old_ipv4_dst, old_ipv4_tos, old_ipv4_ttl, old_ipv4_proto) = {
let (old_ipv4_src, old_ipv4_dst, old_ipv4_dscp, old_ipv4_ecn, old_ipv4_ttl, old_ipv4_proto) = {
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let old_ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, old_data_offset + EthHdr::LEN)? };
(
old_ipv4.src_addr(),
old_ipv4.dst_addr(),
old_ipv4.tos,
old_ipv4.dscp(),
old_ipv4.ecn(),
old_ipv4.ttl,
old_ipv4.proto,
)
@@ -43,9 +44,9 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
unsafe { ref_mut_at::<UdpHdr>(ctx, old_data_offset + EthHdr::LEN + Ipv4Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -74,7 +75,7 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, 0)? };
eth.dst_addr = old_src_mac; // Swap MACs
eth.src_addr = old_dst_mac;
eth.ether_type = EtherType::Ipv6; // Change to IPv6
eth.ether_type = EtherType::Ipv6.into(); // Change to IPv6
//
// 2. IPv6 header
@@ -86,9 +87,7 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
ipv6.set_version(6); // IPv6
ipv6.set_priority(old_ipv4_tos);
ipv6.flow_label = [0, 0, 0];
ipv6.set_vcf(6, old_ipv4_dscp, old_ipv4_ecn, 0); // Default flow label
ipv6.set_payload_len(new_udp_len);
ipv6.next_hdr = old_ipv4_proto;
ipv6.hop_limit = old_ipv4_ttl;
@@ -104,13 +103,13 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u32(u32::from_be_bytes(old_ipv4_src.octets()))
.add_u128(u128::from_be_bytes(new_ipv6_src.octets()))

29
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv4_udp/to_ipv4_channel.rs
View File

@@ -31,7 +31,8 @@ pub fn to_ipv4_channel(
old_ipv4_check,
old_ipv4_tos,
old_ipv4_id,
old_ipv4_frag_off,
old_ipv4_frag_flags,
old_ipv4_frag_offset,
old_ipv4_ttl,
old_ipv4_proto,
) = {
@@ -40,11 +41,12 @@ pub fn to_ipv4_channel(
(
old_ipv4.src_addr(),
old_ipv4.dst_addr(),
old_ipv4.total_len(),
old_ipv4.tot_len(),
old_ipv4.checksum(),
old_ipv4.tos,
old_ipv4.id(),
old_ipv4.frag_off,
old_ipv4.frag_flags(),
old_ipv4.frag_offset(),
old_ipv4.ttl,
old_ipv4.proto,
)
@@ -56,9 +58,9 @@ pub fn to_ipv4_channel(
unsafe { ref_mut_at::<UdpHdr>(ctx, old_data_offset + EthHdr::LEN + Ipv4Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -82,12 +84,11 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, EthHdr::LEN)? };
ipv4.set_version(4); // IPv4
ipv4.set_ihl(5); // No options, 5 * 4 = 20 bytes
ipv4.set_vihl(4, 20);
ipv4.tos = old_ipv4_tos; // Preserve TOS/DSCP
ipv4.set_total_len(new_ipv4_len);
ipv4.set_tot_len(new_ipv4_len);
ipv4.set_id(old_ipv4_id); // Preserve fragment ID
ipv4.frag_off = old_ipv4_frag_off; // Preserve fragment flags
ipv4.set_frags(old_ipv4_frag_flags, old_ipv4_frag_offset); // Preserve fragment flags
ipv4.ttl = old_ipv4_ttl; // Preserve TTL exactly
ipv4.proto = old_ipv4_proto; // Protocol is UDP
ipv4.set_src_addr(new_ipv4_src); // Swap source and destination
@@ -113,17 +114,17 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv4Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
if old_udp_check == 0 {
// No checksum is valid for UDP IPv4 - we didn't write it, but maybe a middlebox did
udp.set_check(0);
udp.set_checksum(0);
} else {
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u32(u32::from_be_bytes(old_ipv4_src.octets()))
.add_u32(u32::from_be_bytes(new_ipv4_dst.octets()))

33
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv4_udp/to_ipv6_channel.rs
View File

@@ -29,14 +29,23 @@ pub fn to_ipv6_channel(
(old_eth.src_addr, old_eth.dst_addr)
};
let (old_ipv4_src, old_ipv4_dst, old_ipv4_len, old_ipv4_tos, old_ipv4_ttl, old_ipv4_proto) = {
let (
old_ipv4_src,
old_ipv4_dst,
old_ipv4_len,
old_ipv4_dscp,
old_ipv4_ecn,
old_ipv4_ttl,
old_ipv4_proto,
) = {
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let old_ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, old_data_offset + EthHdr::LEN)? };
(
old_ipv4.src_addr(),
old_ipv4.dst_addr(),
old_ipv4.total_len(),
old_ipv4.tos,
old_ipv4.tot_len(),
old_ipv4.dscp(),
old_ipv4.ecn(),
old_ipv4.ttl,
old_ipv4.proto,
)
@@ -48,9 +57,9 @@ pub fn to_ipv6_channel(
unsafe { ref_mut_at::<UdpHdr>(ctx, old_data_offset + EthHdr::LEN + Ipv4Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -68,7 +77,7 @@ pub fn to_ipv6_channel(
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, 0)? };
eth.dst_addr = old_eth_src; // Swap source and destination
eth.src_addr = old_eth_dst;
eth.ether_type = EtherType::Ipv6; // Change to IPv6
eth.ether_type = EtherType::Ipv6.into(); // Change to IPv6
//
// 2. IPv4 -> IPv6 header
@@ -80,9 +89,7 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
ipv6.set_version(6);
ipv6.set_priority(old_ipv4_tos);
ipv6.flow_label = [0, 0, 0]; // Default flow label
ipv6.set_vcf(6, old_ipv4_dscp, old_ipv4_ecn, 0);
ipv6.set_payload_len(new_ipv6_len);
ipv6.next_hdr = old_ipv4_proto;
ipv6.hop_limit = old_ipv4_ttl;
@@ -102,13 +109,13 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u32(u32::from_be_bytes(old_ipv4_src.octets()))
.add_u128(u128::from_be_bytes(new_ipv6_src.octets()))

35
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv6_channel/to_ipv4_channel.rs
View File

@@ -27,13 +27,21 @@ pub fn to_ipv4_channel(
(old_eth.src_addr, old_eth.dst_addr)
};
let (old_ipv6_src, old_ipv6_dst, old_ipv6_priority, old_ipv6_hop_limit, old_ipv6_next_hdr) = {
let (
old_ipv6_src,
old_ipv6_dst,
old_ipv6_dscp,
old_ipv6_ecn,
old_ipv6_hop_limit,
old_ipv6_next_hdr,
) = {
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let old_ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
(
old_ipv6.src_addr(),
old_ipv6.dst_addr(),
old_ipv6.priority(),
old_ipv6.dscp(),
old_ipv6.ecn(),
old_ipv6.hop_limit,
old_ipv6.next_hdr,
)
@@ -44,9 +52,9 @@ pub fn to_ipv4_channel(
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -64,7 +72,7 @@ pub fn to_ipv4_channel(
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, NET_SHRINK as usize)? };
eth.src_addr = old_eth_dst; // Swap source and destination
eth.dst_addr = old_eth_src;
eth.ether_type = EtherType::Ipv4; // Change to IPv4
eth.ether_type = EtherType::Ipv4.into(); // Change to IPv4
//
// 2. IPv6 -> IPv4 header
@@ -76,12 +84,11 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, NET_SHRINK as usize + EthHdr::LEN)? };
ipv4.set_version(4);
ipv4.set_ihl(5); // No options
ipv4.tos = old_ipv6_priority;
ipv4.set_total_len(new_ipv4_len);
ipv4.set_vihl(4, 20);
ipv4.set_tos(old_ipv6_dscp, old_ipv6_ecn);
ipv4.set_tot_len(new_ipv4_len);
ipv4.set_id(0); // Default ID
ipv4.frag_off = 0x4000_u16.to_be_bytes(); // Don't fragment
ipv4.set_frags(0b010, 0); // Don't fragment
ipv4.ttl = old_ipv6_hop_limit; // Preserve hop limit
ipv4.proto = old_ipv6_next_hdr; // Preserve protocol
ipv4.set_src_addr(new_ipv4_src);
@@ -102,13 +109,13 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp =
unsafe { ref_mut_at::<UdpHdr>(ctx, NET_SHRINK as usize + EthHdr::LEN + Ipv4Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(old_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u128(u128::from_be_bytes(old_ipv6_src.octets()))
.add_u32(u32::from_be_bytes(new_ipv4_src.octets()))

35
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv6_channel/to_ipv4_udp.rs
View File

@@ -24,13 +24,21 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
(old_eth.src_addr, old_eth.dst_addr)
};
let (old_ipv6_src, old_ipv6_dst, old_ipv6_priority, old_ipv6_hop_limit, old_ipv6_next_hdr) = {
let (
old_ipv6_src,
old_ipv6_dst,
old_ipv6_dscp,
old_ipv6_ecn,
old_ipv6_hop_limit,
old_ipv6_next_hdr,
) = {
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let old_ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
(
old_ipv6.src_addr(),
old_ipv6.dst_addr(),
old_ipv6.priority(),
old_ipv6.dscp(),
old_ipv6.ecn(),
old_ipv6.hop_limit,
old_ipv6.next_hdr,
)
@@ -41,9 +49,9 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -61,7 +69,7 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, NET_SHRINK as usize)? };
eth.src_addr = old_eth_dst; // Swap source and destination
eth.dst_addr = old_eth_src;
eth.ether_type = EtherType::Ipv4; // Change to IPv4
eth.ether_type = EtherType::Ipv4.into(); // Change to IPv4
//
// 2. IPv6 -> IPv4 header
@@ -73,12 +81,11 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, NET_SHRINK as usize + EthHdr::LEN)? };
ipv4.set_version(4);
ipv4.set_ihl(5); // No options
ipv4.tos = old_ipv6_priority; // Copy TOS from IPv6
ipv4.set_total_len(new_ipv4_len);
ipv4.set_vihl(4, 20);
ipv4.set_tos(old_ipv6_dscp, old_ipv6_ecn); // Copy TOS from IPv6
ipv4.set_tot_len(new_ipv4_len);
ipv4.set_id(0); // Default ID
ipv4.frag_off = 0x4000_u16.to_be_bytes(); // Don't fragment
ipv4.set_frags(0b010, 0); // Don't fragment
ipv4.ttl = old_ipv6_hop_limit; // Preserve TTL
ipv4.proto = old_ipv6_next_hdr; // Copy protocol from IPv6
ipv4.set_src_addr(new_ipv4_src);
@@ -99,13 +106,13 @@ pub fn to_ipv4_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV4) -> Result<()
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp =
unsafe { ref_mut_at::<UdpHdr>(ctx, NET_SHRINK as usize + EthHdr::LEN + Ipv4Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u128(u128::from_be_bytes(old_ipv6_src.octets()))
.add_u32(u32::from_be_bytes(new_ipv4_src.octets()))

17
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv6_channel/to_ipv6_channel.rs
View File

@@ -22,8 +22,9 @@ pub fn to_ipv6_channel(
old_ipv6.src_addr(),
old_ipv6.dst_addr(),
old_ipv6.payload_len(),
old_ipv6.priority(),
old_ipv6.flow_label,
old_ipv6.dscp(),
old_ipv6.ecn(),
old_ipv6.flow_label(),
old_ipv6.hop_limit,
old_ipv6.next_hdr,
)
@@ -34,9 +35,9 @@ pub fn to_ipv6_channel(
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -78,12 +79,12 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u128(u128::from_be_bytes(old_ipv6_src.octets()))
.add_u128(u128::from_be_bytes(new_ipv6_dst.octets()))

24
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv6_channel/to_ipv6_udp.rs
View File

@@ -20,7 +20,8 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
old_ipv6_src,
old_ipv6_dst,
old_ipv6_len,
old_ipv6_priority,
old_ipv6_dscp,
old_ipv6_ecn,
old_ipv6_flow_label,
old_ipv6_hop_limit,
old_ipv6_next_hdr,
@@ -31,8 +32,9 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
old_ipv6.src_addr(),
old_ipv6.dst_addr(),
old_ipv6.payload_len(),
old_ipv6.priority(),
old_ipv6.flow_label,
old_ipv6.dscp(),
old_ipv6.ecn(),
old_ipv6.flow_label(),
old_ipv6.hop_limit,
old_ipv6.next_hdr,
)
@@ -43,9 +45,9 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -75,9 +77,7 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, NET_SHRINK as usize + EthHdr::LEN)? };
ipv6.set_version(6); // IPv6
ipv6.set_priority(old_ipv6_priority);
ipv6.flow_label = old_ipv6_flow_label;
ipv6.set_vcf(6, old_ipv6_dscp, old_ipv6_ecn, old_ipv6_flow_label);
ipv6.set_payload_len(new_ipv6_len);
ipv6.next_hdr = old_ipv6_next_hdr;
ipv6.hop_limit = old_ipv6_hop_limit;
@@ -95,13 +95,13 @@ pub fn to_ipv6_udp(ctx: &XdpContext, port_and_peer: &PortAndPeerV6) -> Result<()
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp =
unsafe { ref_mut_at::<UdpHdr>(ctx, NET_SHRINK as usize + EthHdr::LEN + Ipv6Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u128(u128::from_be_bytes(old_ipv6_src.octets()))
.add_u128(u128::from_be_bytes(new_ipv6_dst.octets()))

35
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv6_udp/to_ipv4_channel.rs
View File

@@ -27,13 +27,21 @@ pub fn to_ipv4_channel(
(old_eth.src_addr, old_eth.dst_addr)
};
let (old_ipv6_src, old_ipv6_dst, old_ipv6_priority, old_ipv6_hop_limit, old_ipv6_next_hdr) = {
let (
old_ipv6_src,
old_ipv6_dst,
old_ipv6_dscp,
old_ipv6_ecn,
old_ipv6_hop_limit,
old_ipv6_next_hdr,
) = {
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let old_ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
(
old_ipv6.src_addr(),
old_ipv6.dst_addr(),
old_ipv6.priority(),
old_ipv6.dscp(),
old_ipv6.ecn(),
old_ipv6.hop_limit,
old_ipv6.next_hdr,
)
@@ -44,9 +52,9 @@ pub fn to_ipv4_channel(
let old_udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -58,7 +66,7 @@ pub fn to_ipv4_channel(
let eth = unsafe { ref_mut_at::<EthHdr>(ctx, NET_SHRINK as usize)? };
eth.src_addr = old_eth_dst; // Swap source and destination
eth.dst_addr = old_eth_src;
eth.ether_type = EtherType::Ipv4; // Change to IPv4
eth.ether_type = EtherType::Ipv4.into(); // Change to IPv4
//
// 2. IPv6 -> IPv4 header
@@ -71,12 +79,11 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `Ipv4Hdr`.
let ipv4 = unsafe { ref_mut_at::<Ipv4Hdr>(ctx, NET_SHRINK as usize + EthHdr::LEN)? };
ipv4.set_version(4);
ipv4.set_ihl(5); // No options
ipv4.tos = old_ipv6_priority;
ipv4.set_total_len(new_ipv4_len);
ipv4.set_vihl(4, 20);
ipv4.set_tos(old_ipv6_dscp, old_ipv6_ecn); // Copy TOS from IPv6
ipv4.set_tot_len(new_ipv4_len);
ipv4.set_id(0); // Default ID
ipv4.frag_off = 0x4000_u16.to_be_bytes(); // Don't fragment
ipv4.set_frags(0b010, 0); // Don't fragment
ipv4.ttl = old_ipv6_hop_limit; // Preserve hop limit
ipv4.proto = old_ipv6_next_hdr; // Preserve protocol
ipv4.set_src_addr(new_ipv4_src);
@@ -98,13 +105,13 @@ pub fn to_ipv4_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp =
unsafe { ref_mut_at::<UdpHdr>(ctx, NET_SHRINK as usize + EthHdr::LEN + Ipv4Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u128(u128::from_be_bytes(old_ipv6_src.octets()))
.add_u32(u32::from_be_bytes(new_ipv4_src.octets()))

24
rust/relay/ebpf-turn-router/src/try_handle_turn/from_ipv6_udp/to_ipv6_channel.rs
View File

@@ -29,7 +29,8 @@ pub fn to_ipv6_channel(
old_ipv6_src,
old_ipv6_dst,
old_ipv6_len,
old_ipv6_priority,
old_ipv6_dscp,
old_ipv6_ecn,
old_ipv6_flow_label,
old_ipv6_hop_limit,
old_ipv6_next_hdr,
@@ -40,8 +41,9 @@ pub fn to_ipv6_channel(
old_ipv6.src_addr(),
old_ipv6.dst_addr(),
old_ipv6.payload_len(),
old_ipv6.priority(),
old_ipv6.flow_label,
old_ipv6.dscp(),
old_ipv6.ecn(),
old_ipv6.flow_label(),
old_ipv6.hop_limit,
old_ipv6.next_hdr,
)
@@ -53,9 +55,9 @@ pub fn to_ipv6_channel(
unsafe { ref_mut_at::<UdpHdr>(ctx, old_data_offset + EthHdr::LEN + Ipv6Hdr::LEN)? };
(
old_udp.len(),
old_udp.source(),
old_udp.dest(),
old_udp.check(),
old_udp.src_port(),
old_udp.dst_port(),
old_udp.checksum(),
)
};
@@ -80,9 +82,7 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `Ipv6Hdr`.
let ipv6 = unsafe { ref_mut_at::<Ipv6Hdr>(ctx, EthHdr::LEN)? };
// Set fields explicitly to avoid reading potentially corrupted memory
ipv6.set_version(6); // IPv6
ipv6.set_priority(old_ipv6_priority);
ipv6.flow_label = old_ipv6_flow_label;
ipv6.set_vcf(6, old_ipv6_dscp, old_ipv6_ecn, old_ipv6_flow_label);
ipv6.set_payload_len(new_ipv6_len);
ipv6.next_hdr = old_ipv6_next_hdr;
ipv6.hop_limit = old_ipv6_hop_limit;
@@ -101,13 +101,13 @@ pub fn to_ipv6_channel(
// SAFETY: The offset must point to the start of a valid `UdpHdr`.
let udp = unsafe { ref_mut_at::<UdpHdr>(ctx, EthHdr::LEN + Ipv6Hdr::LEN)? };
udp.set_source(new_udp_src);
udp.set_dest(new_udp_dst);
udp.set_src_port(new_udp_src);
udp.set_dst_port(new_udp_dst);
udp.set_len(new_udp_len);
// Incrementally update UDP checksum
udp.set_check(
udp.set_checksum(
ChecksumUpdate::new(old_udp_check)
.remove_u128(u128::from_be_bytes(old_ipv6_src.octets()))
.add_u128(u128::from_be_bytes(new_ipv6_dst.octets()))