clean up

GPL/Events/Network/Probe.bpf.c

@@ -46,6 +46,9 @@ static int inet_csk_accept__exit(struct sock *sk)
 
 static int udp_skb_handle(struct sk_buff *skb, enum ebpf_net_udp_info evt_type)
 {
+    if (skb == NULL){
+        goto out;
+    }
 
     if (ebpf_events_is_trusted_pid())
         goto out;
@@ -105,6 +108,7 @@ static int udp_skb_handle(struct sk_buff *skb, enum ebpf_net_udp_info evt_type)
 
     uint16_t dport = bpf_ntohs(udp_hdr.dest);
     uint16_t sport = bpf_ntohs(udp_hdr.source);
+    // filter out non-DNS packets
     if (sport != 53 && dport != 53) {
         goto out;
     }
@@ -113,11 +117,6 @@ static int udp_skb_handle(struct sk_buff *skb, enum ebpf_net_udp_info evt_type)
     event->net.sport     = sport;
     event->net.transport = EBPF_NETWORK_EVENT_TRANSPORT_UDP;
 
-    // filter out non-dns packets
-    if (event->net.sport != 53 && event->net.dport != 53) {
-        goto out;
-    }
-
     struct task_struct *task = (struct task_struct *)bpf_get_current_task();
     ebpf_pid_info__fill(&event->pids, task);
     bpf_get_current_comm(event->comm, TASK_COMM_LEN);
@@ -147,7 +146,6 @@ static int udp_skb_handle(struct sk_buff *skb, enum ebpf_net_udp_info evt_type)
     ebpf_vl_fields__init(&event->vl_fields);
     struct ebpf_varlen_field *field;
     field = ebpf_vl_field__add(&event->vl_fields, EBPF_VL_FIELD_DNS_BODY);
-
     long ret = bpf_probe_read_kernel(field->data, headlen,
                                      skb_head + transport_header_offset + sizeof(struct udphdr));
     if (ret != 0) {

testing/test_bins/udp_send.c

@@ -27,7 +27,7 @@ int main(int argc, char **argv)
     int sockfd;
     struct sockaddr_in server;
 
-    create_buffer(buffer, sizeof(buffer));
+    memset(&buffer, 0xff, sizeof(buffer));
 
     sockfd = socket(AF_INET, SOCK_DGRAM, 0);
     if (sockfd < 0) {