vavrusa · March 31, 2018 05:07
diff --git a/console.lua b/console.lua
 $ sudo luarocks install https://raw.githubusercontent.com/iovisor/bcc/master/src/lua/bpf-scm-1.rockspec
 $ cat bpf_ttl.lua
 local S = require('syscall')
 local bpf = require('bpf')

 -- Kernel-space part of the program
 local map = bpf.map('array', 256)
 local prog = assert(bpf(function ()
    local net = pkt.net_off -- Socket filter on TCP starts from TCP otherwise
    if net.ver == 4 then    -- Check for IPv4
        local ttl = net.ip.ttl
        xadd(map[ttl], 1)
    else
        local ttl = net.ip6.hop_limit
        xadd(map[ttl], 1)
    end
    return true
 end))

 -- Guess the starting value and count down from it
 local function normalize(ttl)
    if     ttl > 128 then return 255 - ttl
    elseif ttl > 64  then return 128 - ttl
    elseif ttl > 32  then return 64 - ttl
    end
    return 32 - ttl
 end

 -- User-space part of the program
 local pfd = assert(S.bpf_prog_load(S.c.BPF_PROG.SOCKET_FILTER, prog.insn, prog.pc))
 for i = 1, #arg do
    local family = arg[i]:find(':') and 'inet6' or 'inet'
    local sockaddr = (family == 'inet6') and S.t.sockaddr_in6 or S.t.sockaddr_in
    local addr = sockaddr(80, arg[i])
    local sock = S.socket(family, 'stream')
    assert(sock:setsockopt('socket', 'attach_bpf', pfd:getfd()))
    assert(sock:connect(addr))

    local mindist = 255
    for ttl, c in map.pairs, map, 0 do
        if c > 0 then
            mindist = math.min(normalize(ttl), mindist)
            map[ttl] = 0 -- Clear the value
        end
    end

    print('TTL distance to', arg[i], 'is', mindist)
 end

 $ luajit bpf_ttl.lua 198.41.214.162 172.217.164.110
 TTL distance to	198.41.214.162	is	5
 TTL distance to	172.217.164.110	is	4
	$ sudo luarocks install https://raw.githubusercontent.com/iovisor/bcc/master/src/lua/bpf-scm-1.rockspec
	$ cat bpf_ttl.lua
	local S = require('syscall')
	local bpf = require('bpf')

	-- Kernel-space part of the program
	local map = bpf.map('array', 256)
	local prog = assert(bpf(function ()
	local net = pkt.net_off -- Socket filter on TCP starts from TCP otherwise
	if net.ver == 4 then -- Check for IPv4
	local ttl = net.ip.ttl
	xadd(map[ttl], 1)
	else
	local ttl = net.ip6.hop_limit
	xadd(map[ttl], 1)
	end
	return true
	end))

	-- Guess the starting value and count down from it
	local function normalize(ttl)
	if ttl > 128 then return 255 - ttl
	elseif ttl > 64 then return 128 - ttl
	elseif ttl > 32 then return 64 - ttl
	end
	return 32 - ttl
	end

	-- User-space part of the program
	local pfd = assert(S.bpf_prog_load(S.c.BPF_PROG.SOCKET_FILTER, prog.insn, prog.pc))
	for i = 1, #arg do
	local family = arg[i]:find(':') and 'inet6' or 'inet'
	local sockaddr = (family == 'inet6') and S.t.sockaddr_in6 or S.t.sockaddr_in
	local addr = sockaddr(80, arg[i])
	local sock = S.socket(family, 'stream')
	assert(sock:setsockopt('socket', 'attach_bpf', pfd:getfd()))
	assert(sock:connect(addr))

	local mindist = 255
	for ttl, c in map.pairs, map, 0 do
	if c > 0 then
	mindist = math.min(normalize(ttl), mindist)
	map[ttl] = 0 -- Clear the value
	end
	end

	print('TTL distance to', arg[i], 'is', mindist)
	end

	$ luajit bpf_ttl.lua 198.41.214.162 172.217.164.110
	TTL distance to 198.41.214.162 is 5
	TTL distance to 172.217.164.110 is 4