I am new to using XDP and trying to teach myself how to create ELF programs to do a variety of XDP actions. I am also a beginner to using C.
How can I parse through packets to show data from specific bytes in the data without using helper headers (ip.h, tcp.h, udp.h, etc.)?
I tried following the xdp_tutorial section on parsing packets found here. I also tried reading through how to parse packets from skbuff with bpf. There was an example found here in this git repo found here. Tbh, trying to follow the xdp_tutorial examples was fairly difficult for me as I am so new to C. I did find some XDP examples here as well which are more straightforward to me.
All of these examples suffer from the same problem of not detailing how to work with higher level headers in a packet (DNS, HTTP, etc.).
I understand the basics of setting up an xdp program. Clear out the buffers for *data and *data_end then find the length of the ethernet header, ip header, and L4 header. The problem is most examples and guides I follow require me to use structs from header files to parse through the structure of the packet. That's all well and good, however how would I parse through a DNS or HTTP header? What if I want to look at what the 11th byte of an FTP header is? How can I check if an HTTP header contains a GET or PUT request?
Just looking for an example of working through a higher-level packet like HTTP.
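One way to do what the question describes, as an added example that is not part of the original post: header fields are read by byte offset between data and data_end, with a bounds check before every read, and no ip.h/tcp.h structs. It is written as plain C so it compiles and runs in userspace (in an XDP program the two pointers come from ctx->data and ctx->data_end); the function names and build_sample are hypothetical, and it assumes untagged Ethernet, IPv4 and a request that starts at the first payload byte of the segment.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum method { M_NONE, M_GET, M_PUT };

/* Offset of the TCP payload, or -1. Every read is preceded by a bounds
 * check against data_end, as packet access in XDP requires. */
long l7_offset(const uint8_t *data, const uint8_t *data_end)
{
    size_t len = (size_t)(data_end - data), off = 14;    /* Ethernet header */
    if (len < off + 20) return -1;                       /* + minimal IPv4 */
    if (data[12] != 0x08 || data[13] != 0x00) return -1; /* EtherType 0x0800 */
    if ((data[off] >> 4) != 4 || data[off + 9] != 6) return -1; /* v4, TCP */
    size_t ihl = (size_t)(data[off] & 0x0f) * 4;         /* IHL in 32-bit words */
    off += ihl;
    if (ihl < 20 || len < off + 20) return -1;           /* + minimal TCP */
    size_t doff = (size_t)(data[off + 12] >> 4) * 4;     /* TCP data offset */
    off += doff;
    return (doff >= 20 && off <= len) ? (long)off : -1;
}

/* Value of the n-th payload byte (1-based, e.g. n = 11), or -1 if absent. */
int payload_byte(const uint8_t *data, const uint8_t *data_end, size_t n)
{
    long off = l7_offset(data, data_end);
    if (off < 0 || n == 0 || (size_t)off + n > (size_t)(data_end - data))
        return -1;
    return data[off + n - 1];
}

enum method http_method(const uint8_t *data, const uint8_t *data_end)
{
    long off = l7_offset(data, data_end);
    if (off < 0 || (size_t)off + 4 > (size_t)(data_end - data)) return M_NONE;
    const uint8_t *p = data + off;   /* 4 payload bytes are known to exist */
    if (p[0] == 'G' && p[1] == 'E' && p[2] == 'T' && p[3] == ' ') return M_GET;
    if (p[0] == 'P' && p[1] == 'U' && p[2] == 'T' && p[3] == ' ') return M_PUT;
    return M_NONE;
}

/* Constructed sample frame: Ethernet + IPv4 (IHL 5) + TCP (doff 5) + payload. */
size_t build_sample(uint8_t *buf, const char *payload)
{
    memset(buf, 0, 54);
    buf[12] = 0x08; buf[14] = 0x45; buf[23] = 6; buf[46] = 0x50;
    memcpy(buf + 54, payload, strlen(payload));
    return 54 + strlen(payload);
}
```

The same pattern extends to other text protocols: compute the payload offset once, then bounds-check and compare the bytes of interest.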