From 5c9233921c65793ce5d8be837b54fa83f9932c21 Mon Sep 17 00:00:00 2001 From: Jim Wilson <86026167+jmw51798@users.noreply.github.com> Date: Wed, 20 May 2026 15:14:16 -0600 Subject: [PATCH] revert socket__dns_filter to pre-43756 port-53 check Prototype to A/B the old hardcoded port-53 comparison against the current dns_ports map lookup. The dns_ports map declaration is kept so the Go side that populates it still compiles; it's just no longer consulted by the BPF program. Co-Authored-By: Claude Opus 4.7 (1M context) --- pkg/network/ebpf/c/prebuilt/dns.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/pkg/network/ebpf/c/prebuilt/dns.c b/pkg/network/ebpf/c/prebuilt/dns.c index 771622f32807..56b62b6bb0ef 100644 --- a/pkg/network/ebpf/c/prebuilt/dns.c +++ b/pkg/network/ebpf/c/prebuilt/dns.c @@ -25,19 +25,11 @@ int socket__dns_filter(struct __sk_buff* skb) { if (!read_conn_tuple_skb(skb, &skb_info, &tup)) { return 0; } - - __u16 sport = tup.sport; - __u16 dport = tup.dport; - - if (bpf_map_lookup_elem(&dns_ports, &sport) != NULL) { - return -1; - } - - if (dns_stats_enabled() && bpf_map_lookup_elem(&dns_ports, &dport) != NULL) { - return -1; + if (tup.sport != 53 && (!dns_stats_enabled() || tup.dport != 53)) { + return 0; } - return 0; + return -1; } char _license[] SEC("license") = "GPL";