authorDaniel Borkmann <dborkman@redhat.com>2013-03-15 10:41:48 +0100
committerDaniel Borkmann <dborkman@redhat.com>2013-03-15 10:41:48 +0100
commit1a9fbac03c684f29cff9ac44875bd9504a89f54e (patch)
tree1b2e40dbe5dc1899ef5b62c4325c9b94c9c450fc /bpf.h
all: import netsniff-ng 0.5.8-rc0 source
We decided to get rid of the old Git history and start a new one for several reasons: *) Allow / enforce only high-quality commits (which was not the case for many commits in the history), have a policy that is closer to the one from the Linux kernel. With high quality commits, we mean code that is logically split into commits and commit messages that are signed-off and have a proper subject and message body. We do not allow automatic Github merges anymore, since they are total bullshit. However, we will either cherry-pick your patches or pull them manually. *) The old archive was about ~27MB for no particular good reason. This basically derived from the bad decision that also some PDF files were stored there. From this moment onwards, no binary objects are allowed to be stored in this repository anymore. The old archive is not wiped away from the Internet. You will still be able to find it, e.g. on git.cryptoism.org etc. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Diffstat (limited to 'bpf.h')
-rw-r--r--bpf.h135
1 files changed, 135 insertions, 0 deletions
diff --git a/bpf.h b/bpf.h
new file mode 100644
index 0000000..84cf0b8
--- /dev/null
+++ b/bpf.h
@@ -0,0 +1,135 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Copyright 2009, 2010 Daniel Borkmann.
+ * Subject to the GPL, version 2.
+ */
+
+#ifndef BPF_I_H
+#define BPF_I_H
+
+#include <linux/filter.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include "xmalloc.h"
+
+extern void bpf_dump_op_table(void);
+extern void bpf_dump_all(struct sock_fprog *bpf);
+extern int __bpf_validate(const struct sock_fprog *bpf);
+extern uint32_t bpf_run_filter(const struct sock_fprog *bpf, uint8_t *packet,
+ size_t plen);
+extern void bpf_attach_to_sock(int sock, struct sock_fprog *bpf);
+extern void bpf_detach_from_sock(int sock);
+extern int enable_kernel_bpf_jit_compiler(void);
+extern void bpf_parse_rules(char *rulefile, struct sock_fprog *bpf, uint32_t link_type);
+#ifdef __WITH_TCPDUMP_LIKE_FILTER
+extern void bpf_try_compile(const char *rulefile, struct sock_fprog *bpf,
+ uint32_t link_type);
+#else
+static inline void bpf_try_compile(const char *rulefile, struct sock_fprog *bpf,
+ uint32_t link_type)
+{
+ panic("Cannot open file %s!\n", rulefile);
+}
+#endif
+
+static inline void bpf_release(struct sock_fprog *bpf)
+{
+ free(bpf->filter);
+}
+
+#define BPF_CLASS(code) ((code) & 0x07)
+#define BPF_LD 0x00
+#define BPF_LDX 0x01
+#define BPF_ST 0x02
+#define BPF_STX 0x03
+#define BPF_ALU 0x04
+#define BPF_JMP 0x05
+#define BPF_RET 0x06
+#define BPF_MISC 0x07
+
+#define BPF_SIZE(code) ((code) & 0x18)
+#define BPF_W 0x00
+#define BPF_H 0x08
+#define BPF_B 0x10
+
+#define BPF_MODE(code) ((code) & 0xe0)
+#define BPF_IMM 0x00
+#define BPF_ABS 0x20
+#define BPF_IND 0x40
+#define BPF_MEM 0x60
+#define BPF_LEN 0x80
+#define BPF_MSH 0xa0
+
+#define BPF_OP(code) ((code) & 0xf0)
+#define BPF_ADD 0x00
+#define BPF_SUB 0x10
+#define BPF_MUL 0x20
+#define BPF_DIV 0x30
+#define BPF_OR 0x40
+#define BPF_AND 0x50
+#define BPF_LSH 0x60
+#define BPF_RSH 0x70
+#define BPF_NEG 0x80
+#define BPF_MOD 0x90
+#define BPF_XOR 0xa0
+
+#define BPF_JA 0x00
+#define BPF_JEQ 0x10
+#define BPF_JGT 0x20
+#define BPF_JGE 0x30
+#define BPF_JSET 0x40
+
+#define BPF_SRC(code) ((code) & 0x08)
+#define BPF_K 0x00
+#define BPF_X 0x08
+
+/* ret - BPF_K and BPF_X also apply */
+#define BPF_RVAL(code) ((code) & 0x18)
+#define BPF_A 0x10
+
+#define BPF_MISCOP(code) ((code) & 0xf8)
+#define BPF_TAX 0x00
+#define BPF_TXA 0x80
+
+#ifndef SKF_AD_OFF
+# define SKF_AD_OFF (-0x1000)
+#endif
+#ifndef SKF_AD_PROTOCOL
+# define SKF_AD_PROTOCOL 0
+#endif
+#ifndef SKF_AD_PKTTYPE
+# define SKF_AD_PKTTYPE 4
+#endif
+#ifndef SKF_AD_IFINDEX
+# define SKF_AD_IFINDEX 8
+#endif
+#ifndef SKF_AD_NLATTR
+# define SKF_AD_NLATTR 12
+#endif
+#ifndef SKF_AD_NLATTR_NEST
+# define SKF_AD_NLATTR_NEST 16
+#endif
+#ifndef SKF_AD_MARK
+# define SKF_AD_MARK 20
+#endif
+#ifndef SKF_AD_QUEUE
+# define SKF_AD_QUEUE 24
+#endif
+#ifndef SKF_AD_HATYPE
+# define SKF_AD_HATYPE 28
+#endif
+#ifndef SKF_AD_RXHASH
+# define SKF_AD_RXHASH 32
+#endif
+#ifndef SKF_AD_CPU
+# define SKF_AD_CPU 36
+#endif
+#ifndef SKF_AD_VLAN_TAG
+# define SKF_AD_VLAN_TAG 44
+#endif
+#ifndef SKF_AD_VLAN_TAG_PRESENT
+# define SKF_AD_VLAN_TAG_PRESENT 48
+#endif
+
+#endif /* BPF_I_H */
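Review bot: `bpf_release()` frees `bpf->filter` but leaves the stale pointer and the old instruction count in the struct, so a second release, or a later `bpf_attach_to_sock()` or `bpf_run_filter()` on the same `struct sock_fprog`, would operate on freed memory. Whether any caller reuses the struct after release is not visible from this header, but resetting it is cheap: add `bpf->filter = NULL;` and `bpf->len = 0;` after the `free()`. A short comment such as `/* frees the instruction array only; the sock_fprog itself is owned by the caller */` would also make the ownership contract explicit.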