Page Menu
Home
FreeBSD
Search
Configure Global Search
Log In
Paste
P161
ng_bpf testing
Active
Public
Actions
Authored by
melifaro
on Apr 1 2018, 4:00 PM.
Edit Paste
Archive Paste
View Raw File
Subscribe
Mute Notifications
Flag For Later
Award Token
Tags
None
Referenced Files
F3287905: ng_bpf testing
Apr 1 2018, 4:00 PM
2018-04-01 16:00:25 (UTC+0)
Subscribers
None
#!/bin/sh
kenv
net.inet.ip.fw.default_to_accept
=
"1"
kldload
ipfw
kldload
ng_hole
kldload
ng_bpf
kldload
ng_ipfw
PATTERN
=
"tcp dst port 7777"
NODENAME
=
"my_bpf"
INHOOK
=
"input"
MATCHHOOK
=
"match_hook"
NOMATCHHOOK
=
"nomatch_hook"
ngctl
mkpeer
ipfw:
bpf
44
${
INHOOK
}
ngctl
name
ipfw:44
${
NODENAME
}
ngctl
mkpeer
${
NODENAME
}
:
hole
${
MATCHHOOK
}
input
ngctl
name
${
NODENAME
}
:
${
MATCHHOOK
}
match_hole
ngctl
mkpeer
${
NODENAME
}
:
hole
${
NOMATCHHOOK
}
input
ngctl
name
${
NODENAME
}
:
${
NOMATCHHOOK
}
nomatch_hole
BPFPROG
=
$(
tcpdump
-s
8192
-ddd
${
PATTERN
}
|
\
(
read
len
;
\
echo
-n
"bpf_prog_len=
$len
"
;
\
echo
-n
"bpf_prog=["
;
\
while
read
code
jt
jf
k
;
do
\
echo
-n
" { code=
$code
jt=
$jt
jf=
$jf
k=
$k
} "
;
\
done
;
\
echo
" ]"
)
)
ngctl
msg
${
NODENAME
}
:
setprogram
{
thisHook
=
\"
${
INHOOK
}
\"
\
ifMatch
=
\"
${
MATCHHOOK
}
\"
\
ifNotMatch
=
\"
${
NOMATCHHOOK
}
\"
\
${
BPFPROG
}
}
ipfw
add
100
netgraph
44
tcp
from
any
to
1
.2.3.4
dst-port
7000
-8000
Event Timeline
melifaro
created this paste.
Apr 1 2018, 4:00 PM
2018-04-01 16:00:25 (UTC+0)
melifaro
created this object in space
S1 Global
.
Log In to Comment