diff options
author | Daniel Borkmann <dborkman@redhat.com> | 2013-05-23 11:08:03 +0200 |
---|---|---|
committer | Daniel Borkmann <dborkman@redhat.com> | 2013-05-23 11:10:55 +0200 |
commit | 4584b955420cd8d2fcae767c86b853fde4bccc6e (patch) | |
tree | a0a00667b54fd4d3b4bda48185ce5df98ca24bc5 /bpf_parser.y | |
parent | 4e497b9aa7e8635a9414021bd1bf31a9ff923566 (diff) |
bpfc: allow bpf programs to be passed to cpp
This patch allows bpf programs to be passed to the C preprocessor
before handing over to bpfc. Example:
#define ETH_P_IP 0x800
ldh [12]
jne #ETH_P_IP, drop
ldb [23]
jneq #6, drop
ldh [20]
jset #0x1fff, drop
ldxb 4 * ([14] & 0xf)
ldh [x + 14]
jeq #0x16, pass
ldh [x + 16]
jne #0x16, drop
pass: ret #-1
drop: ret #0
Compile with: bpfc -i foo -p
Suggested-by: John Lange <JLange@trendium.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Diffstat (limited to 'bpf_parser.y')
-rw-r--r-- | bpf_parser.y | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/bpf_parser.y b/bpf_parser.y index 459ea99..7734fb3 100644 --- a/bpf_parser.y +++ b/bpf_parser.y @@ -16,16 +16,19 @@ #include <signal.h> #include <stdint.h> #include <errno.h> +#include <libgen.h> #include "bpf.h" #include "xmalloc.h" #include "bpf_parser.tab.h" #include "built_in.h" #include "die.h" +#include "xutils.h" #define MAX_INSTRUCTIONS 4096 -int compile_filter(char *file, int verbose, int bypass, int format); +int compile_filter(char *file, int verbose, int bypass, int format, + bool invoke_cpp); static int curr_instr = 0; @@ -659,10 +662,30 @@ static void pretty_printer(const struct sock_fprog *prog, int format) } } -int compile_filter(char *file, int verbose, int bypass, int format) +int compile_filter(char *file, int verbose, int bypass, int format, + bool invoke_cpp) { int i; struct sock_fprog res; + char tmp_file[128]; + + memset(tmp_file, 0, sizeof(tmp_file)); + + if (invoke_cpp) { + char cmd[256], *dir, *base, *a, *b; + + dir = dirname((a = xstrdup(file))); + base = basename((b = xstrdup(file))); + + slprintf(tmp_file, sizeof(tmp_file), "%s/.tmp-%u-%s", dir, rand(), base); + slprintf(cmd, sizeof(cmd), "cpp -I" PREFIX_STRING + "/etc/netsniff-ng/ %s > %s", file, tmp_file); + system(cmd); + + file = tmp_file; + xfree(a); + xfree(b); + } if (!strncmp("-", file, strlen("-"))) yyin = stdin; @@ -718,6 +741,9 @@ int compile_filter(char *file, int verbose, int bypass, int format) } fclose(yyin); + if (invoke_cpp) + unlink(tmp_file); + return 0; } |