From 3579fd95a14406135c21edbd29e0dc49499cc2d3 Mon Sep 17 00:00:00 2001
From: Vincent Li
Date: Wed, 4 Sep 2024 19:04:42 +0000
Subject: [PATCH] xdp-dns: attach xdp-dns prog to green0 interface

To block or rate limit DNS query from green network client, the xdp-dns program should be attached to green0 interface to scan the DNS query. attach to red0 interface only get the DNS response packet from red0(WAN), not matching the DNS query we want.

Signed-off-by: Vincent Li
---
 src/initscripts/system/ddos | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/src/initscripts/system/ddos b/src/initscripts/system/ddos
index 6fc18083a..1e0f1199f 100755
--- a/src/initscripts/system/ddos
+++ b/src/initscripts/system/ddos
@@ -90,12 +90,12 @@ load_xdpudp () {
 }
 
 load_xdpdns () {
- /usr/sbin/xdp-loader status red0 | grep 'xdp_dns'
+ /usr/sbin/xdp-loader status green0 | grep 'xdp_dns'
 if [ $? -ne 0 ]; then
- xdp-loader load red0 -P 80 -p /sys/fs/bpf/xdp-dns -n xdp_dns /usr/lib/bpf/xdp_dnsrrl.bpf.o
+ xdp-loader load green0 -P 80 -p /sys/fs/bpf/xdp-dns -n xdp_dns /usr/lib/bpf/xdp_dnsrrl.bpf.o
 if [ $? -ge 1 ]; then
 boot_mesg "Native mode not supported, try SKB"
- xdp-loader load red0 -m skb -P 80 -p /sys/fs/bpf/xdp-dns -n xdp_dns /usr/lib/bpf/xdp_dnsrrl.bpf.o
+ xdp-loader load green0 -m skb -P 80 -p /sys/fs/bpf/xdp-dns -n xdp_dns /usr/lib/bpf/xdp_dnsrrl.bpf.o
 fi
 fi
 }
@@ -123,11 +123,10 @@ unload_xdpudp () {
 }
 
 unload_xdpdns () {
- /usr/sbin/xdp-loader status red0 | grep 'xdp_dns'
+ /usr/sbin/xdp-loader status green0 | grep 'xdp_dns'
 if [ $? -eq 0 ]; then
- prog_id=$(xdp-loader status red0 | grep 'xdp_dns' | awk '{print $4}')
- /usr/sbin/xdp-loader unload -i $prog_id red0
- /bin/rm -rf /sys/fs/bpf/xdp-dns
+ prog_id=$(xdp-loader status green0 | grep 'xdp_dns' | awk '{print $4}')
+ /usr/sbin/xdp-loader unload -i $prog_id green0
 else
 boot_mesg "Error xdp_dns not loaded!"
 fi
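Review bot: The exit status of the SKB fallback `xdp-loader load green0 -m skb ...` in load_xdpdns is never checked, so if both attempts fail the function ends without any message and no DNS filter is attached to green0. Any non-zero exit from the native attempt is also reported as "Native mode not supported", which would be misleading when the real cause is something else, such as green0 not being present. Because this program is the rate-limiting control for green clients, a failed attach should be visible; append `|| boot_mesg "xdp_dns could not be attached to green0"` to the fallback line. The interface name is now repeated three times here and three more in unload_xdpdns, so a single variable such as `dns_if=green0` would keep the two functions in step.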
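Review bot: Dropping `/bin/rm -rf /sys/fs/bpf/xdp-dns` from unload_xdpdns is not mentioned in the commit message, and it leaves whatever is pinned under that path in place after the program is unloaded. If that is intended, presumably so that map contents survive a reload, record it with a comment such as `# pins under /sys/fs/bpf/xdp-dns are kept on purpose across unload`; if not, the line should be restored. The lookup now inspects only green0, so an instance attached to red0 by the previous version of this script would likely be reported as "not loaded" and stay attached until reboot. `$prog_id` is also expanded unquoted and should be passed as `-i "$prog_id"`. The closing brace of unload_xdpdns lies outside the hunk.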