From 4584b955420cd8d2fcae767c86b853fde4bccc6e Mon Sep 17 00:00:00 2001
From: Daniel Borkmann <dborkman@redhat.com>
Date: Thu, 23 May 2013 11:08:03 +0200
Subject: bpfc: allow bpf programs to be passed to cpp

This patch allows bpf programs to be passed to the C preprocessor
before handing over to bpfc. Example:

  #define ETH_P_IP        0x800

  ldh [12]
  jne #ETH_P_IP, drop
  ldb [23]
  jneq #6, drop
  ldh [20]
  jset #0x1fff, drop
  ldxb 4 * ([14] & 0xf)
  ldh [x + 14]
  jeq #0x16, pass
  ldh [x + 16]
  jne #0x16, drop
  pass: ret #-1
  drop: ret #0

Compile with: bpfc -i foo -p

Suggested-by: John Lange <JLange@trendium.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
 bpfc.8 | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'bpfc.8')

diff --git a/bpfc.8 b/bpfc.8
index 6f9a504..41ee1e6 100644
--- a/bpfc.8
+++ b/bpfc.8
@@ -57,6 +57,11 @@ source tree under: tools/net/bpf_jit_disasm.c
 .SS -i <source-file/->, --input <source-file/->
 Read BPF assembly instruction from an input file or from stdin.
 .PP
+.SS -p, --cpp
+Pass the bpf program through the C preprocessor before reading it in
+bpfc. This allows #define and #include directives (e.g. to include
+definitions from system headers) to be used in the bpf program.
+.PP
 .SS -f <format>, --format <format>
 Specify a different output format than the default that is netsniff-ng
 compatible. The <format> specifier can be: C, netsniff-ng, xt_bpf, tcpdump.
@@ -284,9 +289,11 @@ words, some small example filter programs:
 Compile the source file ''fubar'' into BPF opcodes. Opcodes will be
 directed to stdout.
 .PP
-.SS bpfc -f xt_bpf -b -i fubar, resp. iptables -A INPUT -m bpf --bytecode "`bpfc -f xt_bpf -i fubar`" -j LOG
+.SS bpfc -f xt_bpf -b -p -i fubar, resp. iptables -A INPUT -m bpf --bytecode "`bpfc -f xt_bpf -i fubar`" -j LOG
 Compile the source file ''fubar'' into BPF opcodes, bypass basic filter
-validation and emit opcodes in netfilter's xt_bpf readable format.
+validation and emit opcodes in netfilter's xt_bpf readable format. Note
+that the source file ''fubar'' is first passed to the C preprocessor for
+textual replacments before handing over to the bpfc compiler.
 .PP
 .SS bpfc -
 Read bpfc instruction from stdin and emit opcodes to stdout.
-- 
cgit v1.2.3-54-g00ecf