Tags: linux, linux-kernel, packet-capture, packet-injection

Is it possible to re-transmit a packet after capturing it using XDP and processing it in userspace?


I need to write an application that sits between two servers and modifies HTTP packets sent from one server to another by adding a specific HTTP header to each packet.
Apparently it has to be done as fast as possible. I have found that by using eBPF and XDP, I can capture packets with high performance, but as far as I can see, XDP verdicts are either abort, drop, pass, or tx.
Using the tx verdict I can send the captured packet to a user space program to modify it, but I couldn't figure out how to send the packet after header modification. This video here is an explanation of what can be done using eBPF and XDP, and it states that it can be done, but I couldn't find out how.
Any help would be appreciated.


Solution

  • As far as I know, XDP_TX will not let the packet through user-space. It will return the packet on the same NIC it comes from. Also, you can modify the packet, but I don't see an easy way to expand the packet. Hence, to write an additional header, you would have to override some data.

    It looks like you have two options: