misc: move file to source root

Only have Makefile specific folders in the project root where the
binaries are stored, the rest should be part of the repository root.

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>

1 files changed, 0 insertions, 320 deletions

diff --git a/man/bpfc.8 b/man/bpfc.8
deleted file mode 100644
index 622014c..0000000
--- a/man/bpfc.8
+++ /dev/null
@@ -1,320 +0,0 @@
-.\" netsniff-ng - the packet sniffing beast
-.\" Copyright 2013 Daniel Borkmann.
-.\" Subject to the GPL, version 2.
-
-.TH BPFC 8 "03 March 2013" "Linux" "netsniff-ng toolkit"
-.SH NAME
-bpfc \- a Berkeley Packet Filter assembler/compiler
-
-.SH SYNOPSIS
-
-\fB bpfc\fR { [\fIoptions\fR] | [\fIsource-file\fR] }
-
-.SH DESCRIPTION
-
-bpfc is a small Berkeley Packet Filter assembler/compiler which is able to
-translate BPF assembler-like mnemonics into a numerical or C-like format,
-that can be read by tools such as netsniff-ng, iptables (xt_bpf) and many
-others. BPF is the one and only upstream filtering construct that is used
-in combination with packet(7) sockets. The Linux kernel and also BSD kernels
-implement ``virtual machine'' like constructs and JIT compilers that mimic
-a small register-based machine in BPF architecture and execute filter code
-that is e.g. composed by bpfc on a data buffer that is given by network
-packets. The purpose of this is to shift computation in time, so that the
-kernel can drop (or truncate) incoming packets as early as possible without
-having to push them to user space for further analysis first. Meanwhile,
-BPF constructs also find application in other areas like the communication
-between user and kernel space.
-
-By the time of writing this man page, the only available BPF compiler is
-part of the pcap(3) library and accessible through a high-level filter
-language that might be familiar for many people as tcpdump-like filters.
-
-However, quite often, it is useful to bypass that compiler and write
-optimized code that couldn't be produced by the pcap(3) compiler, was
-wrongly optimized, or is defective on purpose in order to debug test kernel
-code. Also, a reason to use bpfc could be to try out some new BPF extensions
-that are not supported by other compilers. Furthermore, bpfc can be of good
-use to verify JIT compiler behaviour or to find possible bugs that need
-to be fixed.
-
-bpfc is implemented with the help of flex(1) and bison(1), tokenizes the
-source file in a first stage and parses it's content into an AST. In two
-code generation stages it emits target opcodes. bpfc furthermore supports
-Linux kernel BPF extensions. More about that can be found in the syntax
-section.
-
-The Linux kernel BPF JIT compiler is automatically turned on if detected
-by netsniff-ng. However, it can also be manually turned on through the
-command ``echo "1" > /proc/sys/net/core/bpf_jit_enable'' (normal working
-mode) or ``echo "2" > /proc/sys/net/core/bpf_jit_enable'' (debug mode
-where emitted opcodes of the image are printed to the kernel log). An
-architecture generic BPF JIT image disassembler can be found in the kernel
-source tree under: tools/net/bpf_jit_disasm.c
-
-.SH OPTIONS
-
-.SS -i <source-file/->, --input <source-file/->
-Read BPF assembly instruction from an input file or from stdin.
-
-.SS -f <format>, --format <format>
-Specify a different output format than the default that is netsniff-ng
-compatible. The <format> specifier can be: C, netsniff-ng, xt_bpf, tcpdump.
-
-.SS -b, --bypass
-Bypass basic filter validation when emitting opcodes. This can be useful
-for explicitly creating malformed BPF expressions that should be injected
-into the kernel, e.g. for bug testing.
-
-.SS -V, --verbose
-Be more verbose and display some bpfc debugging information.
-
-.SS -d, --dump
-Dump all supported instructions to stdout.
-
-.SS -v, --version
-Show versioning information.
-
-.SS -h, --help
-Show user help.
-
-.SH SYNTAX
-
-The BPF architecture resp. register machine consists of the following
-elements:
-
-    Element          Description
-
-    A                32 bit wide accumulator
-    X                32 bit wide X register
-    M[]              16 x 32 bit wide misc registers aka ``scratch
-memory store'', addressable from 0 to 15
-
-A program, that is translated by bpfc into ``opcodes'' is an array that
-consists of the following elements:
-
-    o:16, jt:8, jf:8, k:32
-
-The element o is a 16 bit wide opcode that has a particular instruction
-encoded, jt and jf are two 8 bit wide jump targets, one for condition
-``true'', one for condition ``false''. Last but not least the 32 bit wide
-element k contains a miscellaneous argument that can be interpreted in
-different ways depending on the given instruction resp. opcode.
-
-The instruction set consists of load, store, branch, alu, miscellaneous
-and return instructions that are also represented in bpfc syntax. This
-table also includes own bpfc extensions. All operations are based on
-unsigned data structures:
-
-   Instruction      Addressing mode      Description
-
-   ld               1, 2, 3, 4, 10       Load word into A
-   ldi              4                    Load word into A
-   ldh              1, 2                 Load half-word into A
-   ldb              1, 2                 Load byte into A
-   ldx              3, 4, 5, 10          Load word into X
-   ldxi             4                    Load word into X
-   ldxb             5                    Load byte into X
-
-   st               3                    Copy A into M[]
-   stx              3                    Copy X into M[]
-
-   jmp              6                    Jump to label
-   ja               6                    Jump to label
-   jeq              7, 8                 Jump on k == A
-   jneq             8                    Jump on k != A
-   jne              8                    Jump on k != A
-   jlt              8                    Jump on k < A
-   jle              8                    Jump on k <= A
-   jgt              7, 8                 Jump on k > A
-   jge              7, 8                 Jump on k >= A
-   jset             7, 8                 Jump on k & A
-
-   add              0, 4                 A + <x>
-   sub              0, 4                 A - <x>
-   mul              0, 4                 A * <x>
-   div              0, 4                 A / <x>
-   mod              0, 4                 A % <x>
-   neg              0, 4                 !A
-   and              0, 4                 A & <x>
-   or               0, 4                 A | <x>
-   xor              0, 4                 A ^ <x>
-   lsh              0, 4                 A << <x>
-   rsh              0, 4                 A >> <x>
-
-   tax                                   Copy A into X
-   txa                                   Copy X into A
-
-   ret              4, 9                 Return
-
-   Addressing mode  Syntax               Description
-
-    0               x                    Register X
-    1               [k]                  BHW at byte offset k in the packet
-    2               [x + k]              BHW at the offset X + k in the packet
-    3               M[k]                 Word at offset k in M[]
-    4               #k                   Literal value stored in k
-    5               4*([k]&0xf)          Lower nibble * 4 at byte offset k in the packet
-    6               L                    Jump label L
-    7               #k,Lt,Lf             Jump to Lt if true, otherwise jump to Lf
-    8               #k,Lt                Jump to Lt if predicate is true
-    9               a                    Accumulator A
-   10               extension            BPF extension (see next table)
-
-   Extension (and alias)                 Description
-
-   #len, len, #pktlen, pktlen            Length of packet (skb->len)
-   #pto, pto, #proto, proto              Ethernet type field (skb->protocol)
-   #type, type                           Packet type (**) (skb->pkt_type)
-   #poff, poff                           Detected payload start offset
-   #ifx, ifx, #ifidx, ifidx              Interface index (skb->dev->ifindex)
-   #nla, nla                             Netlink attribute of type X with offset A
-   #nlan, nlan                           Nested Netlink attribute of type X with offset A
-   #mark, mark                           Packet mark (skb->mark)
-   #que, que, #queue, queue, #Q, Q       NIC queue index (skb->queue_mapping)
-   #hat, hat, #hatype, hatype            NIC hardware type (**) (skb->dev->type)
-   #rxh, rxh, #rxhash, rxhash            Receive hash (skb->rxhash)
-   #cpu, cpu                             Current CPU (raw_smp_processor_id())
-   #vlant, vlant, #vlan_tci, vlan_tci    VLAN TCI value (vlan_tx_tag_get(skb))
-   #vlanp, vlanp                         VLAN present (vlan_tx_tag_present(skb))
-
-   Further extension details (**)        Value
-
-   #type, type                           0 - to us / host
-                                         1 - to all / broadcast
-                                         2 - to group / multicast
-                                         3 - to others (promiscuous mode)
-                                         4 - outgoing of any type
-
-   #hat, hat, #hatype, hatype            1 - Ethernet 10Mbps
-                                         8 - APPLEtalk
-                                        19 - ATM
-                                        24 - IEEE 1394 IPv4 - RFC 2734
-                                        32 - InfiniBand
-                                       768 - IPIP tunnel
-                                       769 - IP6IP6 tunnel
-                                       772 - Loopback device
-                                       778 - GRE over IP
-                                       783 - Linux-IrDA
-                                       801 - IEEE 802.11
-                                       802 - IEEE 802.11 + Prism2 header
-                                       803 - IEEE 802.11 + radiotap header
-                                       823 - GRE over IP6
-                                       [...] See include/uapi/linux/if_arp.h
-
-Note that the majority of BPF extensions are available on Linux only.
-
-There are two types of comments in bpfc source-files:
-
-  1. Multi-line C-style comments:        /* put comment here */
-  2. Single-line ASM-style comments:     ;  put comment here
-
-Used Abbreviations:
-
-  BHW: byte, half-word, or word
-
-.SH SOURCE EXAMPLES
-
-In this section, we give a couple of examples for bpfc source-files, in other
-words, some small example filter programs:
-
-.SS Only return packet headers (truncate packets):
-
-  ld poff
-  ret a
-
-.SS Only allow ARP packets:
-
-  ldh [12]
-  jne #0x806, drop
-  ret #-1
-  drop: ret #0
-
-.SS Only allow IPv4 TCP packets:
-
-  ldh [12]
-  jne #0x800, drop
-  ldb [23]
-  jneq #6, drop
-  ret #-1
-  drop: ret #0
-
-.SS Only allow IPv4 TCP, SSH traffic:
-
-  ldh [12]
-  jne #0x800, drop
-  ldb [23]
-  jneq #6, drop
-  ldh [20]
-  jset #0x1fff, drop
-  ldxb 4 * ([14] & 0xf)
-  ldh [x + 14]
-  jeq #0x16, pass
-  ldh [x + 16]
-  jne #0x16, drop
-  pass: ret #-1
-  drop: ret #0
-
-.SS Allow any (hardware accelerated) VLAN:
-
-  ld vlanp
-  jeq #0, drop
-  ret #-1
-  drop: ret #0
-
-.SS Only allow traffic for (hardware accelerated) VLAN 10:
-
-  ld vlant
-  jneq #10, drop
-  ret #-1
-  drop: ret #0
-
-.SS More pedantic check for the above VLAN example:
-
-  ld vlanp
-  jeq #0, drop
-  ld vlant
-  jneq #10, drop
-  ret #-1
-  drop: ret #0
-
-.SH USAGE EXAMPLE
-
-.SS bpfc fubar
-Compile the source file ``fubar'' into BPF opcodes. Opcodes will be
-directed to stdout.
-
-.SS bpfc -f xt_bpf -b -i fubar, resp. iptables -A INPUT -m bpf --bytecode "`bpfc -f xt_bpf -i fubar`" -j LOG
-Compile the source file ``fubar'' into BPF opcodes, bypass basic filter
-validation and emit opcodes in netfilter's xt_bpf readable format.
-
-.SS bpfc -
-Read bpfc instruction from stdin and emit opcodes to stdout.
-
-.SS bpfc foo > bar, resp. netsniff-ng -f bar ...
-Compile filter instructions from file foo and redirect bpfc's output into
-the file bar, that can then be read by netsniff-ng(8) through option -f.
-
-.SS bpfc -f tcpdump -i fubar
-Output opcodes from source file fubar in the same behaviour as ``tcpdump -ddd''.
-
-.SH LEGAL
-bpfc is licensed under the GNU GPL version 2.0.
-
-.SH HISTORY
-.B bpfc
-was originally written for the netsniff-ng toolkit by Daniel Borkmann. It
-is currently maintained by Tobias Klauser <tklauser@distanz.ch> and Daniel
-Borkmann <dborkma@tik.ee.ethz.ch>.
-
-.SH SEE ALSO
-.BR netsniff-ng (8),
-.BR trafgen (8),
-.BR mausezahn (8),
-.BR ifpps (8),
-.BR flowtop (8),
-.BR astraceroute (8),
-.BR curvetun (8)
-
-.SH AUTHOR
-Manpage was written by Daniel Borkmann.