summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-05-27bpf: add minimal BPF JIT emitted image disassemblerDaniel Borkmann1-0/+207
This is a minimal stand-alone user space helper, that allows for debugging or verification of emitted BPF JIT images. This is in particular useful for emitted opcode debugging, since minor bugs in the JIT compiler can be fatal. The disassembler is architecture generic and uses libopcodes and libbfd. How to get to the disassembly, example: 1) `echo 2 > /proc/sys/net/core/bpf_jit_enable` 2) Load a BPF filter (e.g. `tcpdump -p -n -s 0 -i eth1 host 192.168.20.0/24`) 3) Run e.g. `bpf_jit_disasm -o` to disassemble the most recent JIT code output `bpf_jit_disasm -o` will display the related opcodes to a particular instruction as well. Example for x86_64: $./bpf_jit_disasm 94 bytes emitted from JIT compiler (pass:3, flen:9) ffffffffa0356000 + <x>: 0: push %rbp 1: mov %rsp,%rbp 4: sub $0x60,%rsp 8: mov %rbx,-0x8(%rbp) c: mov 0x68(%rdi),%r9d 10: sub 0x6c(%rdi),%r9d 14: mov 0xe0(%rdi),%r8 1b: mov $0xc,%esi 20: callq 0xffffffffe0d01b71 25: cmp $0x86dd,%eax 2a: jne 0x000000000000003d 2c: mov $0x14,%esi 31: callq 0xffffffffe0d01b8d 36: cmp $0x6,%eax [...] 5c: leaveq 5d: retq $ ./bpf_jit_disasm -o 94 bytes emitted from JIT compiler (pass:3, flen:9) ffffffffa0356000 + <x>: 0: push %rbp 55 1: mov %rsp,%rbp 48 89 e5 4: sub $0x60,%rsp 48 83 ec 60 8: mov %rbx,-0x8(%rbp) 48 89 5d f8 c: mov 0x68(%rdi),%r9d 44 8b 4f 68 10: sub 0x6c(%rdi),%r9d 44 2b 4f 6c [...] 5c: leaveq c9 5d: retq c3 Note that this is also part of the Linux kernel source tree under tools/net/. We also keep a copy of it here, since it is quite useful in conjunction with bpfc for debugging purposes. However, we do not integrate this small helper into the main build process. People who care to have this need to compile it on their own which is not a big deal. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-27man: mausezahn: initial formatting and fixupsDaniel Borkmann1-295/+304
Format larger text sections into subsections, include .PPs and other fixups. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-27man: minor: trafgen: add .PPs and modify BUGS sectionDaniel Borkmann1-81/+82
Minor change in BUGS section to bring it up to date. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-27man: minor: flowtop: add .PPsDaniel Borkmann1-34/+34
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-27man: minor: astraceroute: add .PPsDaniel Borkmann1-49/+49
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-26man: netsniff-ng: Reword a few sentencesTobias Klauser1-14/+13
Make the 2nd section of the description a bit easier to read by splitting and rearranging sentences. Also add a few missing punctuations or make it more consistent repectively. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-26mausezahn: show long version on cliDaniel Borkmann1-1/+1
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-26make: minor cleanups in MakefileDaniel Borkmann1-6/+14
Remove some unneeded stuff, and move other things around. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-26man: netsniff-ng: add note about multithreadingDaniel Borkmann1-0/+9
Add a paragraph about multi-threading with netsniff-ng. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-25ifpps: Convert mem_free/mem_total members of struct ifstat to uint64_tTobias Klauser1-3/+4
Memory usage can never be negative, so make these members unsigned. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-24man: curvetun: grammer, spelling, and other minor correctionsJon Schipp1-17/+15
Signed-off-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-24make: add HARDENING build optionDaniel Borkmann1-8/+17
Add HARDENING=1 build option and move all hardening-related GCC flags into this condition. This allows the user to choose whether or not he wants to have a hardened build with some possible performance tradeoff at load/runtime. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-24make: minor update in cflagsDaniel Borkmann1-4/+5
Add -z relro for linking, move --param ssp-buffer-size=4 to stack protector flag, and more. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-24misc: fix some minor compile warnings all overDaniel Borkmann4-7/+8
Some regarding unused parameter, some regarding signed/unsigned comparison. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-23man: trafgen: corrections and various edits to manual pageJon Schipp1-16/+16
Signed-off-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-23make: include build nameDaniel Borkmann9-10/+11
Include long version string into tools when called with --version. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-23bpfc: minor: do a line-break before 80-columnDaniel Borkmann1-1/+2
Just a minor cosmetic fix. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-23bpfc: allow bpf programs to be passed to cppDaniel Borkmann4-8/+48
This patch allows bpf programs to be passed to the C preprocessor before handing over to bpfc. Example: #define ETH_P_IP 0x800 ldh [12] jne #ETH_P_IP, drop ldb [23] jneq #6, drop ldh [20] jset #0x1fff, drop ldxb 4 * ([14] & 0xf) ldh [x + 14] jeq #0x16, pass ldh [x + 16] jne #0x16, drop pass: ret #-1 drop: ret #0 Compile with: bpfc -i foo -p Suggested-by: John Lange <JLange@trendium.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-22man: astraceroute: minor edits all overJon Schipp1-19/+18
Some minor edits all over the place. Signed-off-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-22docs: minor: say it's staging area, not a branchDaniel Borkmann1-2/+1
The extra branch is history for a while now, it's an internal staging area instead. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-22man: netsniff-ng: edits to the netsniff-ng man pageJon Schipp1-19/+20
Various edits all over. Signed-off-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-22docs: minor: Add missing word 'it'Jon Schipp1-1/+1
Signed-off-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21curvetun: use free instead of xfreeDaniel Borkmann1-8/+4
Only use xfree where it makes sense, here not really. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21man: curvetun: finish up initial draft of curvetunDaniel Borkmann1-8/+105
Initial draft of curvetun manpage. Follow-up commits may come to fix formating errors and the like. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21man: curvetun: add option and usage example sectionDaniel Borkmann1-3/+81
This patch implements the option and usage examples of curvetun. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21man: mausezahn: minor updates all overDaniel Borkmann1-11/+14
This patch escapes all '\' chars so that they get recognized. Also, we add a short note at the end of the NOTE section to point to the netsniff-ng(8) man page regarding tuning hints. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21man: mausezahn: add howto for interactive modeDaniel Borkmann1-0/+871
It is quite useful to have an initial walkthrough for the interactive mode documented, so add a first version of this [1] into the man page. [1] original here: http://pub.netsniff-ng.org/docs/Mausezahn Formatting still needs to be fixed up in follow-up commits. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21mausezahn: do not show version in promptDaniel Borkmann2-3/+1
Do not show the old mausezahn version in the prompt, since we use a different versioning scheme. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21tprintf: Rename parameter to avoid shadowing global declarationTobias Klauser1-2/+2
The tprintf module already uses a static variable named 'buffer', thus rename the parameter to avoid a name clash. Found by compiling with -Wshadow. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-21trafgen: Remove unnecessary reinitialization of icmp packetTobias Klauser1-2/+0
The entire packet is zeroed using memset() three lines above, thus there is no need to set icmp->code and icmp->checksum to 0 explicitely again. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-21mac802.11: only wait for nl ack if unfinishedDaniel Borkmann1-7/+37
Jon reported that the setup via netlink of a raw 802.11 mon device fails with: root~/gencfg# trafgen --in beacon.cfg --rfraw --out wlan0 Waiting for netlink ack failed! Let us only wait for it, if really needed. Reported-by: Jon Schipp <jonschipp@gmail.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-21misc: Ignore files generated by cscope/ctagsTobias Klauser1-0/+4
Add the index files generated by cscope and ctags to .gitignore. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17trafgen: Add __noreturn attribute previously missedTobias Klauser1-1/+1
The version() function was missed in the previous commit 785fe152 ("trafgen: Add __noreturn attribute to exiting functions"), so add __noreturn to it now. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17ifpps: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17curvetun: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17bpfc: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17astraceroute: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17trafgen: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17netsniff-ng: Add __noreturn attribute to exiting functionsTobias Klauser1-2/+2
Add the __noreturn attribute to all functions which wont return but call die() themselves to exit(). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17die.h: Add __noreturn attribute to exiting functionsTobias Klauser1-4/+4
Add the __noreturn attribute to all functions which wont return but call exit() (or die() respectively) themselves. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-17built_in: Add __noreturn markerTobias Klauser1-0/+4
This can be used to mark functions which will call exit() by themselves. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-16dissector: igmp: Fix another erroneous null pointer checkTobias Klauser1-1/+1
We need to break if we get NULL from pkt_pull() but the actual check was inverted. This was discovered by the coverity scanner and missed in commit b76adfd1 ("dissector: igmp: Fix erroneous null pointer check"). Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-16curvetun: Mention exit after printing information in built-in helpTobias Klauser1-2/+2
Mention the fact that curvetun exits after printing either the help of the version information. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-16astraceroute: Mention exit after printing information in built-in helpTobias Klauser1-2/+2
Mention the fact that astraceroute exits after printing either the help of the version information. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-16man: flowtop: Make wording in description for --version consistentTobias Klauser1-1/+1
Make the wording consistent with the other man pages. This was probably messed up by my previous commit which was not properly split. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-16man: astraceroute: Make wording in description for --version consistentTobias Klauser1-1/+1
Make the wording consistent with the other man pages. This was probably messed up by my previous commit which was not properly split. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-05-15docs: authors: add Stephen Wadeley for his man page patchesDaniel Borkmann1-0/+1
Add Stephen Wadeley for his man page contributions. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-15Merge branch 'master' of github.com:borkmann/netsniff-ngDaniel Borkmann11-47/+50
Conflicts resolved by hand: bpfc.8 ifpps.8 netsniff-ng.8 Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-15man: improvements to language and markup for netsniff-ng.8Stephen Wadeley1-192/+199
Signed-off-by: Stephen Wadeley <swadeley@redhat.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-15man: trafgen: Minor fixesTobias Klauser10-49/+50
Replace "on default" by "by default", make it a bit more clear what the seed in the -E/--seed option is for and mention exit after display of information on --version and --help. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>