Liking cljdoc? Tell your friends :D
Clojure only.

clj-ebpf.dsl.flow-dissector

High-level FLOW_DISSECTOR DSL for BPF programs.

FLOW_DISSECTOR programs implement custom packet parsing logic for the kernel networking stack. They're used for flow hashing (RSS, ECMP routing) and can override the built-in C-based flow dissector.

Context: __sk_buff (same as TC programs) Output: struct bpf_flow_keys (written via skb->flow_keys pointer)

Return values:

  • BPF_OK (0): Continue/success
  • BPF_DROP (-1): Stop dissection

Use cases:

  • Custom protocol parsing (e.g., GRE, custom encapsulation)
  • Non-standard header handling
  • Protocol-specific flow hashing
  • Debugging packet classification

Example: (defprogram my-flow-dissector :type :flow-dissector :license "GPL" :body (concat (flow-dissector-prologue :r6 :r2 :r3) ;; Parse headers and fill flow_keys (flow-dissector-ok)))

High-level FLOW_DISSECTOR DSL for BPF programs.

FLOW_DISSECTOR programs implement custom packet parsing logic for the
kernel networking stack. They're used for flow hashing (RSS, ECMP routing)
and can override the built-in C-based flow dissector.

Context: __sk_buff (same as TC programs)
Output: struct bpf_flow_keys (written via skb->flow_keys pointer)

Return values:
- BPF_OK (0): Continue/success
- BPF_DROP (-1): Stop dissection

Use cases:
- Custom protocol parsing (e.g., GRE, custom encapsulation)
- Non-standard header handling
- Protocol-specific flow hashing
- Debugging packet classification

Example:
  (defprogram my-flow-dissector
    :type :flow-dissector
    :license "GPL"
    :body (concat
            (flow-dissector-prologue :r6 :r2 :r3)
            ;; Parse headers and fill flow_keys
            (flow-dissector-ok)))
raw docstring

build-flow-dissector-programclj

(build-flow-dissector-program
  {:keys [ctx-reg data-reg data-end-reg body default-action]
   :or {ctx-reg :r6 data-reg :r2 data-end-reg :r3 default-action :ok}})

Build a complete FLOW_DISSECTOR program.

Parameters:

  • opts: Map with: :ctx-reg - Register to save context (default :r6) :data-reg - Register for data pointer (default :r2) :data-end-reg - Register for data_end (default :r3) :body - Vector of body instructions :default-action - :ok or :drop (default :ok)

Returns assembled program bytes.

Build a complete FLOW_DISSECTOR program.

Parameters:
- opts: Map with:
  :ctx-reg - Register to save context (default :r6)
  :data-reg - Register for data pointer (default :r2)
  :data-end-reg - Register for data_end (default :r3)
  :body - Vector of body instructions
  :default-action - :ok or :drop (default :ok)

Returns assembled program bytes.
sourceraw docstring

ethernet-header-sizeclj

source

ethernet-protocolsclj

Common Ethernet protocol values (ETH_P_*).

Common Ethernet protocol values (ETH_P_*).
sourceraw docstring

flow-dissector-actionclj

(flow-dissector-action action)

Get FLOW_DISSECTOR action value.

Parameters:

  • action: :ok (0) or :drop (-1)

Returns integer value.

Get FLOW_DISSECTOR action value.

Parameters:
- action: :ok (0) or :drop (-1)

Returns integer value.
sourceraw docstring

flow-dissector-bounds-checkclj

(flow-dissector-bounds-check data-reg data-end-reg offset fail-insns)

Generate bounds check for packet access.

Parameters:

  • data-reg: Register with data pointer
  • data-end-reg: Register with data_end pointer
  • offset: Offset to check (must be accessible)
  • fail-insns: Number of instructions to skip on bounds check failure

Returns vector of instructions.

Generate bounds check for packet access.

Parameters:
- data-reg: Register with data pointer
- data-end-reg: Register with data_end pointer
- offset: Offset to check (must be accessible)
- fail-insns: Number of instructions to skip on bounds check failure

Returns vector of instructions.
sourceraw docstring

flow-dissector-dropclj

(flow-dissector-drop)

Generate instructions to return BPF_DROP (stop dissection).

Returns vector of instructions.

Generate instructions to return BPF_DROP (stop dissection).

Returns vector of instructions.
sourceraw docstring

flow-dissector-get-flow-keys-ptrclj

(flow-dissector-get-flow-keys-ptr ctx-reg dst-reg)

Load pointer to flow_keys from __sk_buff.

The flow_keys field in __sk_buff contains a pointer to the bpf_flow_keys structure that the dissector should fill.

Parameters:

  • ctx-reg: Register containing __sk_buff pointer
  • dst-reg: Destination register for flow_keys pointer

Returns ldx instruction.

Load pointer to flow_keys from __sk_buff.

The flow_keys field in __sk_buff contains a pointer to the
bpf_flow_keys structure that the dissector should fill.

Parameters:
- ctx-reg: Register containing __sk_buff pointer
- dst-reg: Destination register for flow_keys pointer

Returns ldx instruction.
sourceraw docstring

flow-dissector-load-ctx-fieldclj

(flow-dissector-load-ctx-field ctx-reg dst-reg field)

Load a field from __sk_buff context.

Parameters:

  • ctx-reg: Register containing __sk_buff pointer
  • dst-reg: Destination register
  • field: Field keyword from skb-offsets

Returns ldx instruction.

Load a field from __sk_buff context.

Parameters:
- ctx-reg: Register containing __sk_buff pointer
- dst-reg: Destination register
- field: Field keyword from skb-offsets

Returns ldx instruction.
sourceraw docstring

flow-dissector-okclj

(flow-dissector-ok)

Generate instructions to return BPF_OK (success).

Returns vector of instructions.

Generate instructions to return BPF_OK (success).

Returns vector of instructions.
sourceraw docstring

flow-dissector-parse-ethernetclj

(flow-dissector-parse-ethernet data-reg data-end-reg keys-reg tmp-reg)

Generate instructions to parse Ethernet header and check ethertype.

Sets up:

  • Network header offset (nhoff) = 14
  • Network protocol (n_proto) from ethertype

Parameters:

  • data-reg: Register with data pointer
  • data-end-reg: Register with data_end pointer
  • keys-reg: Register with flow_keys pointer
  • tmp-reg: Temporary register

Returns vector of instructions (succeeds or falls through to drop).

Generate instructions to parse Ethernet header and check ethertype.

Sets up:
- Network header offset (nhoff) = 14
- Network protocol (n_proto) from ethertype

Parameters:
- data-reg: Register with data pointer
- data-end-reg: Register with data_end pointer
- keys-reg: Register with flow_keys pointer
- tmp-reg: Temporary register

Returns vector of instructions (succeeds or falls through to drop).
sourceraw docstring

flow-dissector-parse-ipv4clj

(flow-dissector-parse-ipv4 data-reg
                           data-end-reg
                           keys-reg
                           nhoff
                           tmp-reg
                           tmp-reg2)

Generate instructions to parse IPv4 header.

Sets up:

  • addr_proto = ETH_P_IP
  • ip_proto from IPv4 header
  • ipv4_src and ipv4_dst
  • Transport header offset (thoff)

Parameters:

  • data-reg: Register with data pointer
  • data-end-reg: Register with data_end pointer
  • keys-reg: Register with flow_keys pointer
  • nhoff: Network header offset (usually 14 for Ethernet)
  • tmp-reg: Temporary register
  • tmp-reg2: Second temporary register

Returns vector of instructions.

Generate instructions to parse IPv4 header.

Sets up:
- addr_proto = ETH_P_IP
- ip_proto from IPv4 header
- ipv4_src and ipv4_dst
- Transport header offset (thoff)

Parameters:
- data-reg: Register with data pointer
- data-end-reg: Register with data_end pointer
- keys-reg: Register with flow_keys pointer
- nhoff: Network header offset (usually 14 for Ethernet)
- tmp-reg: Temporary register
- tmp-reg2: Second temporary register

Returns vector of instructions.
sourceraw docstring

flow-dissector-parse-tcp-portsclj

(flow-dissector-parse-tcp-ports data-reg data-end-reg keys-reg thoff tmp-reg)

Generate instructions to parse TCP source and destination ports.

Parameters:

  • data-reg: Register with data pointer
  • data-end-reg: Register with data_end pointer
  • keys-reg: Register with flow_keys pointer
  • thoff: Transport header offset
  • tmp-reg: Temporary register

Returns vector of instructions.

Generate instructions to parse TCP source and destination ports.

Parameters:
- data-reg: Register with data pointer
- data-end-reg: Register with data_end pointer
- keys-reg: Register with flow_keys pointer
- thoff: Transport header offset
- tmp-reg: Temporary register

Returns vector of instructions.
sourceraw docstring

flow-dissector-parse-udp-portsclj

(flow-dissector-parse-udp-ports data-reg data-end-reg keys-reg thoff tmp-reg)

Generate instructions to parse UDP source and destination ports.

Same as TCP ports (both have ports at same offsets).

Parameters:

  • data-reg: Register with data pointer
  • data-end-reg: Register with data_end pointer
  • keys-reg: Register with flow_keys pointer
  • thoff: Transport header offset
  • tmp-reg: Temporary register

Returns vector of instructions.

Generate instructions to parse UDP source and destination ports.

Same as TCP ports (both have ports at same offsets).

Parameters:
- data-reg: Register with data pointer
- data-end-reg: Register with data_end pointer
- keys-reg: Register with flow_keys pointer
- thoff: Transport header offset
- tmp-reg: Temporary register

Returns vector of instructions.
sourceraw docstring

flow-dissector-prologueclj

(flow-dissector-prologue ctx-save-reg data-reg data-end-reg)

Generate FLOW_DISSECTOR program prologue.

Saves context and loads data pointers from __sk_buff.

Parameters:

  • ctx-save-reg: Register to save __sk_buff pointer
  • data-reg: Register for packet data pointer
  • data-end-reg: Register for data_end pointer

Returns vector of instructions.

Generate FLOW_DISSECTOR program prologue.

Saves context and loads data pointers from __sk_buff.

Parameters:
- ctx-save-reg: Register to save __sk_buff pointer
- data-reg: Register for packet data pointer
- data-end-reg: Register for data_end pointer

Returns vector of instructions.
sourceraw docstring

flow-dissector-section-nameclj

(flow-dissector-section-name)
(flow-dissector-section-name name)

Generate ELF section name for FLOW_DISSECTOR program.

Returns "flow_dissector" or "flow_dissector/<name>".

Generate ELF section name for FLOW_DISSECTOR program.

Returns "flow_dissector" or "flow_dissector/<name>".
sourceraw docstring

flow-dissector-verdictclj

FLOW_DISSECTOR return values.

FLOW_DISSECTOR return values.
sourceraw docstring

flow-keys-flagsclj

Flags for bpf_flow_keys.flags field.

Flags for bpf_flow_keys.flags field.
sourceraw docstring

flow-keys-load-u16clj

(flow-keys-load-u16 keys-reg dst-reg field)

Load 16-bit value from flow_keys field.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • dst-reg: Destination register
  • field: Field keyword

Returns ldx instruction.

Load 16-bit value from flow_keys field.

Parameters:
- keys-reg: Register containing flow_keys pointer
- dst-reg: Destination register
- field: Field keyword

Returns ldx instruction.
sourceraw docstring

flow-keys-load-u32clj

(flow-keys-load-u32 keys-reg dst-reg field)

Load 32-bit value from flow_keys field.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • dst-reg: Destination register
  • field: Field keyword

Returns ldx instruction.

Load 32-bit value from flow_keys field.

Parameters:
- keys-reg: Register containing flow_keys pointer
- dst-reg: Destination register
- field: Field keyword

Returns ldx instruction.
sourceraw docstring

flow-keys-load-u8clj

(flow-keys-load-u8 keys-reg dst-reg field)

Load 8-bit value from flow_keys field.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • dst-reg: Destination register
  • field: Field keyword

Returns ldx instruction.

Load 8-bit value from flow_keys field.

Parameters:
- keys-reg: Register containing flow_keys pointer
- dst-reg: Destination register
- field: Field keyword

Returns ldx instruction.
sourceraw docstring

flow-keys-offsetclj

(flow-keys-offset field)

Get offset for bpf_flow_keys field.

Parameters:

  • field: Field keyword from flow-keys-offsets

Returns integer offset.

Get offset for bpf_flow_keys field.

Parameters:
- field: Field keyword from flow-keys-offsets

Returns integer offset.
sourceraw docstring

flow-keys-offsetsclj

Offsets in bpf_flow_keys structure.

This structure is passed to FLOW_DISSECTOR programs for output. The program fills in these fields based on packet parsing.

Offsets in bpf_flow_keys structure.

This structure is passed to FLOW_DISSECTOR programs for output.
The program fills in these fields based on packet parsing.
sourceraw docstring

flow-keys-set-addr-protoclj

(flow-keys-set-addr-proto keys-reg value-reg)

Set address protocol in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing protocol (ETH_P_IP, ETH_P_IPV6)

Returns stx instruction.

Set address protocol in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing protocol (ETH_P_IP, ETH_P_IPV6)

Returns stx instruction.
sourceraw docstring

flow-keys-set-ip-protoclj

(flow-keys-set-ip-proto keys-reg value-reg)

Set IP protocol in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing protocol (TCP=6, UDP=17, etc.)

Returns stx instruction.

Set IP protocol in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing protocol (TCP=6, UDP=17, etc.)

Returns stx instruction.
sourceraw docstring

flow-keys-set-ipv4-addrsclj

(flow-keys-set-ipv4-addrs keys-reg src-reg dst-reg)

Set IPv4 source and destination addresses in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • src-reg: Register containing source IPv4 address
  • dst-reg: Register containing destination IPv4 address

Returns vector of instructions.

Set IPv4 source and destination addresses in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- src-reg: Register containing source IPv4 address
- dst-reg: Register containing destination IPv4 address

Returns vector of instructions.
sourceraw docstring

flow-keys-set-is-encapclj

(flow-keys-set-is-encap keys-reg value-reg)

Set is_encap flag in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing flag value (0 or 1)

Returns stx instruction.

Set is_encap flag in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing flag value (0 or 1)

Returns stx instruction.
sourceraw docstring

flow-keys-set-is-first-fragclj

(flow-keys-set-is-first-frag keys-reg value-reg)

Set is_first_frag flag in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing flag value (0 or 1)

Returns stx instruction.

Set is_first_frag flag in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing flag value (0 or 1)

Returns stx instruction.
sourceraw docstring

flow-keys-set-is-fragclj

(flow-keys-set-is-frag keys-reg value-reg)

Set is_frag flag in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing flag value (0 or 1)

Returns stx instruction.

Set is_frag flag in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing flag value (0 or 1)

Returns stx instruction.
sourceraw docstring

flow-keys-set-n-protoclj

(flow-keys-set-n-proto keys-reg value-reg)

Set network protocol in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing protocol (network byte order)

Returns stx instruction.

Set network protocol in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing protocol (network byte order)

Returns stx instruction.
sourceraw docstring

flow-keys-set-nhoffclj

(flow-keys-set-nhoff keys-reg value-reg)

Set network header offset in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing offset value

Returns stx instruction.

Set network header offset in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing offset value

Returns stx instruction.
sourceraw docstring

flow-keys-set-portsclj

(flow-keys-set-ports keys-reg sport-reg dport-reg)

Set source and destination ports in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • sport-reg: Register containing source port
  • dport-reg: Register containing destination port

Returns vector of instructions.

Set source and destination ports in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- sport-reg: Register containing source port
- dport-reg: Register containing destination port

Returns vector of instructions.
sourceraw docstring

flow-keys-set-thoffclj

(flow-keys-set-thoff keys-reg value-reg)

Set transport header offset in flow_keys.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • value-reg: Register containing offset value

Returns stx instruction.

Set transport header offset in flow_keys.

Parameters:
- keys-reg: Register containing flow_keys pointer
- value-reg: Register containing offset value

Returns stx instruction.
sourceraw docstring

flow-keys-store-u16clj

(flow-keys-store-u16 keys-reg field value-reg)

Store 16-bit value to flow_keys field.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • field: Field keyword
  • value-reg: Register containing value to store

Returns stx instruction.

Store 16-bit value to flow_keys field.

Parameters:
- keys-reg: Register containing flow_keys pointer
- field: Field keyword
- value-reg: Register containing value to store

Returns stx instruction.
sourceraw docstring

flow-keys-store-u32clj

(flow-keys-store-u32 keys-reg field value-reg)

Store 32-bit value to flow_keys field.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • field: Field keyword
  • value-reg: Register containing value to store

Returns stx instruction.

Store 32-bit value to flow_keys field.

Parameters:
- keys-reg: Register containing flow_keys pointer
- field: Field keyword
- value-reg: Register containing value to store

Returns stx instruction.
sourceraw docstring

flow-keys-store-u8clj

(flow-keys-store-u8 keys-reg field value-reg)

Store 8-bit value to flow_keys field.

Parameters:

  • keys-reg: Register containing flow_keys pointer
  • field: Field keyword
  • value-reg: Register containing value to store

Returns stx instruction.

Store 8-bit value to flow_keys field.

Parameters:
- keys-reg: Register containing flow_keys pointer
- field: Field keyword
- value-reg: Register containing value to store

Returns stx instruction.
sourceraw docstring

htonlclj

(htonl value)

Convert 32-bit value from host to network byte order (big-endian).

Parameters:

  • value: 32-bit integer

Returns network byte order value.

Convert 32-bit value from host to network byte order (big-endian).

Parameters:
- value: 32-bit integer

Returns network byte order value.
sourceraw docstring

htonsclj

(htons value)

Convert 16-bit value from host to network byte order (big-endian).

Parameters:

  • value: 16-bit integer

Returns network byte order value.

Convert 16-bit value from host to network byte order (big-endian).

Parameters:
- value: 16-bit integer

Returns network byte order value.
sourceraw docstring

ip-protocolsclj

IP protocol numbers.

IP protocol numbers.
sourceraw docstring

ipv4-header-min-sizeclj

source

ipv6-header-sizeclj

source

make-flow-dissector-infoclj

(make-flow-dissector-info program-name instructions)

Create program metadata for a FLOW_DISSECTOR program.

Parameters:

  • program-name: Name for the BPF program
  • instructions: Program instructions

Returns map with program metadata.

Create program metadata for a FLOW_DISSECTOR program.

Parameters:
- program-name: Name for the BPF program
- instructions: Program instructions

Returns map with program metadata.
sourceraw docstring

ntohlclj

(ntohl value)

Convert 32-bit value from network to host byte order.

Parameters:

  • value: 32-bit integer in network byte order

Returns host byte order value.

Convert 32-bit value from network to host byte order.

Parameters:
- value: 32-bit integer in network byte order

Returns host byte order value.
sourceraw docstring

ntohsclj

(ntohs value)

Convert 16-bit value from network to host byte order.

Parameters:

  • value: 16-bit integer in network byte order

Returns host byte order value.

Convert 16-bit value from network to host byte order.

Parameters:
- value: 16-bit integer in network byte order

Returns host byte order value.
sourceraw docstring

skb-offsetclj

source

skb-offsetsclj

source

tcp-header-min-sizeclj

source

udp-header-sizeclj

source

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts
Ctrl+kJump to recent docs
Move to previous article
Move to next article
Ctrl+/Jump to the search field
Raise an issueBrowse cljdoc sourceChat on Slack
× close