This is the first diff in a series to move base to /dev/bpf. I think
tcpdump is a good starting point, because it is easy to test.
Ok?
natano
Index: privsep_pcap.c
===================================================================
RCS file: /cvs/src/usr.sbin/tcpdump/privsep_pcap.c,v
retrieving revision 1.19
diff -u -p -r1.19 privsep_pcap.c
--- privsep_pcap.c 1 Oct 2015 13:18:40 -0000 1.19
+++ privsep_pcap.c 1 May 2016 20:25:19 -0000
@@ -175,20 +175,14 @@ int
pcap_live(const char *device, int snaplen, int promisc, u_int dlt,
u_int dirfilt)
{
- char bpf[sizeof "/dev/bpf0000000000"];
- int fd, n = 0;
+ int fd;
struct ifreq ifr;
unsigned v;
if (device == NULL || snaplen <= 0)
return (-1);
- do {
- snprintf(bpf, sizeof(bpf), "/dev/bpf%d", n++);
- fd = open(bpf, O_RDONLY);
- } while (fd < 0 && errno == EBUSY);
-
- if (fd < 0)
+ if ((fd = open("/dev/bpf", O_RDONLY)) == -1)
return (-1);
v = 32768; /* XXX this should be a user-accessible hook */
Index: tcpdump.8
===================================================================
RCS file: /cvs/src/usr.sbin/tcpdump/tcpdump.8,v
retrieving revision 1.89
diff -u -p -r1.89 tcpdump.8
--- tcpdump.8 31 Mar 2016 15:53:25 -0000 1.89
+++ tcpdump.8 1 May 2016 20:25:19 -0000
@@ -44,7 +44,7 @@
prints out the headers of packets on a network interface that match the boolean
.Ar expression .
You must have read access to
-.Pa /dev/bpf* .
+.Pa /dev/bpf .
.Pp
The options are as follows:
.Bl -tag -width "-c count"
