Include a practical example that shows how ng_bpf can be used to prevent spoofing.
donner pi hselasky bcr
- Group Reviewers
- rS366873: MFC r365958:
rS365958: Add example to ng_bpf(4) showing how ng_bpf(4) can be used to prevent spoofing.
May you please provide a full context diff?
Okay from my side, final words come from "manpages".
May you use "documentation" IP space? See RFC 5737
There are two ways to check man pages:
textproc/igor, it reports:
$ igor ng_bpf.4
ng_bpf.4:38:date not today, September 20, 2020:.Dd [April 29, 2020]
and mandoc -Tlint, which reports:
$ mandoc -Tlint ng_bpf.4
mandoc: ng_bpf.4:173:1: WARNING: blank line in fill mode, using .sp
mandoc: ng_bpf.4:117:2: STYLE: useless macro: Tn
mandoc: ng_bpf.4:124:2: STYLE: useless macro: Tn
mandoc: ng_bpf.4:130:2: STYLE: useless macro: Tn
Can you fix them ?
The EXAMPLES section mentions tcpdump to generate BPF instructions that are fed into awk -- I do not see the awk(1) call in the example ? Is awk really needed for the example ?
This awk script exists in an older version of the man page.
- about awk: So the mention of awk(1) can be removed from the EXAMPLES section ?
- tcpdump wants to operate on some interface, as far as I can see, even it that interface will not be used ?
So running it as normal user gives this error:
$ tcpdump -s 8192 -p -ddd tcp dst port 80
tcpdump: igb0: You don't have permission to capture on that device
So this script needs to be run as root, right ? Can this be mentioned somewhere ? Any options to avoid running this as root ?
The change is fine, with or without removing awk(1), and the root requirement is implicit, you can't modify hooks as normal user anyway (or can you?).
I'm glad to hear that. As it isn't any effort, I've removed the awk reference anyway.