Page MenuHomeFreeBSD
Paste P161

ng_bpf testing
ActivePublic
Actions

Authored by melifaro on Apr 1 2018, 4:00 PM.
#!/bin/sh
kenv net.inet.ip.fw.default_to_accept="1"
kldload ipfw
kldload ng_hole
kldload ng_bpf
kldload ng_ipfw
PATTERN="tcp dst port 7777"
NODENAME="my_bpf"
INHOOK="input"
MATCHHOOK="match_hook"
NOMATCHHOOK="nomatch_hook"
ngctl mkpeer ipfw: bpf 44 ${INHOOK}
ngctl name ipfw:44 ${NODENAME}
ngctl mkpeer ${NODENAME}: hole ${MATCHHOOK} input
ngctl name ${NODENAME}:${MATCHHOOK} match_hole
ngctl mkpeer ${NODENAME}: hole ${NOMATCHHOOK} input
ngctl name ${NODENAME}:${NOMATCHHOOK} nomatch_hole
BPFPROG=$( tcpdump -s 8192 -ddd ${PATTERN} | \
( read len ; \
echo -n "bpf_prog_len=$len " ; \
echo -n "bpf_prog=[" ; \
while read code jt jf k ; do \
echo -n " { code=$code jt=$jt jf=$jf k=$k } " ; \
done ; \
echo " ]" ) )
ngctl msg ${NODENAME}: setprogram { thisHook=\"${INHOOK}\" \
ifMatch=\"${MATCHHOOK}\" \
ifNotMatch=\"${NOMATCHHOOK}\" \
${BPFPROG} }
ipfw add 100 netgraph 44 tcp from any to 1.2.3.4 dst-port 7000-8000

Event Timeline

melifaro created this paste.Apr 1 2018, 4:00 PM
melifaro created this object in space S1 Global.