Re: BPF Berkeley Packet Filter
On 30/12/2015 12:22 PM, Juan Herrera wrote: Hello BSD folks, I am developing a networking application in C and I have a question regarding BPF (Berkeley Packet Filters), I will give you an idea of the app first, I need to send a packet from machine A to machine B (any kind of packet) so for this I wrote a packet generator application which will send a packet to machine B, but before sending the packet I need to append some metadata values at the end of the packet, already done, so in machine B I have a raw socket listener app ready to receive incoming packets from machine A, however I want to implement filtering with BPF on machine B, but as my metadata was appended at the end of the packet (have to be at the end), I need to read the packet length with(using) Berkeley Packet Filter to match a specific field to filter one of the bytes at the end of my packet (metadata appended), in other words I need to know the incoming packet length to filtered against one of the metadatas fields and be able to drop the packet before reaching user space applications(drop it in kernel space). So my question is, Can I use BPF to read the packet length to do what I want? you mean can you use a bpf filter to act upon a trailer? yes you can look at the man page for BPF_LD and BPF_LEN Thank you in advance! Happy Holidays! ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
Re: BPF Berkeley Packet Filter
On 30/12/2015 6:26 AM, Juan Herrera wrote: Hello, I have a question regarding Berkeley Packet filter, which is Can I read an incoming packet length with BPF, I am working on a project that requires to filter the receiving packets in the kernel before they get to userspace, but I need to be able to read the packet length when applying BPF because I (previously) encapsulated the packet with my own metadata before sending it to the machine with BPF so I want to read packet length to decapsulate as I know the value for the metadata at the end of the packet? https://www.freebsd.org/cgi/man.cgi?bpf%284%29 should show you what you need. there is a structure prepended to the packet that includes the original length. or do you want to know the length BEFORE reading it? or do you want your filter to know the length? what do you mean by "applying BPF"? Thank you in advance! ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
BPF Berkeley Packet Filter
Hello BSD folks, I am developing a networking application in C and I have a question regarding BPF (Berkeley Packet Filters), I will give you an idea of the app first, I need to send a packet from machine A to machine B (any kind of packet) so for this I wrote a packet generator application which will send a packet to machine B, but before sending the packet I need to append some metadata values at the end of the packet, already done, so in machine B I have a raw socket listener app ready to receive incoming packets from machine A, however I want to implement filtering with BPF on machine B, but as my metadata was appended at the end of the packet (have to be at the end), I need to read the packet length with(using) Berkeley Packet Filter to match a specific field to filter one of the bytes at the end of my packet (metadata appended), in other words I need to know the incoming packet length to filtered against one of the metadatas fields and be able to drop the packet before reaching user space applications(drop it in kernel space). So my question is, Can I use BPF to read the packet length to do what I want? Thank you in advance! Happy Holidays! ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
BPF Berkeley Packet Filter
Hello, I have a question regarding Berkeley Packet filter, which is Can I read an incoming packet length with BPF, I am working on a project that requires to filter the receiving packets in the kernel before they get to userspace, but I need to be able to read the packet length when applying BPF because I (previously) encapsulated the packet with my own metadata before sending it to the machine with BPF so I want to read packet length to decapsulate as I know the value for the metadata at the end of the packet? Thank you in advance! ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"