Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or
not the current BPF device should report locally generated packets or not. This allows sniffing applications to see only packets that are not generated locally, which can be useful for debugging bridging problems, or other situations where MAC addresses are not sufficient to identify locally sourced packets. Default to true for this flag, so as to provide existing behavior by default. Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used to manipulate this flag from userland, given appropriate privilege. Modify bpf.4 to document these two new ioctl arguments. Reviewed by: asmodai
This commit is contained in:
parent
5f00c83601
commit
7432002de6
@ -290,6 +290,14 @@ Set to zero if the link level source address should be filled in automatically
|
||||
by the the interface output routine. Set to one if the link level source
|
||||
address will be written, as provided, to the wire. This flag is initialized
|
||||
to zero by default.
|
||||
.It Dv BIOCSSEESENT
|
||||
.It Dv BIOCGSEESENT
|
||||
.Pq Li u_int
|
||||
Set or get the flag determining whether locally generated packets on the
|
||||
interface should be returned by BPF. Set to zero to see only incoming
|
||||
packets on the interface. Set to one to see packets originating
|
||||
locally and remotely on the interface. This flag is initialized to one by
|
||||
default.
|
||||
.Sh BPF HEADER
|
||||
The following structure is prepended to each packet returned by
|
||||
.Xr read 2 :
|
||||
|
@ -359,6 +359,7 @@ bpfopen(dev, flags, fmt, p)
|
||||
dev->si_drv1 = d;
|
||||
d->bd_bufsize = bpf_bufsize;
|
||||
d->bd_sig = SIGIO;
|
||||
d->bd_seesent = 1;
|
||||
|
||||
return (0);
|
||||
}
|
||||
@ -633,6 +634,8 @@ reset_d(d)
|
||||
* BIOCVERSION Get filter language version.
|
||||
* BIOCGHDRCMPLT Get "header already complete" flag
|
||||
* BIOCSHDRCMPLT Set "header already complete" flag
|
||||
* BIOCGSEESENT Get "see packets sent" flag
|
||||
* BIOCSSEESENT Set "see packets sent" flag
|
||||
*/
|
||||
/* ARGSUSED */
|
||||
static int
|
||||
@ -848,6 +851,20 @@ bpfioctl(dev, cmd, addr, flags, p)
|
||||
d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
|
||||
break;
|
||||
|
||||
/*
|
||||
* Get "see sent packets" flag
|
||||
*/
|
||||
case BIOCGSEESENT:
|
||||
*(u_int *)addr = d->bd_seesent;
|
||||
break;
|
||||
|
||||
/*
|
||||
* Set "see sent packets" flag
|
||||
*/
|
||||
case BIOCSSEESENT:
|
||||
d->bd_seesent = *(u_int *)addr;
|
||||
break;
|
||||
|
||||
case FIONBIO: /* Non-blocking I/O */
|
||||
break;
|
||||
|
||||
@ -1103,6 +1120,8 @@ bpf_mtap(ifp, m)
|
||||
pktlen += m0->m_len;
|
||||
|
||||
for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
|
||||
if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
|
||||
continue;
|
||||
++d->bd_rcount;
|
||||
slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
|
||||
if (slen != 0)
|
||||
|
@ -113,6 +113,8 @@ struct bpf_version {
|
||||
#define BIOCSRSIG _IOW('B',115, u_int)
|
||||
#define BIOCGHDRCMPLT _IOR('B',116, u_int)
|
||||
#define BIOCSHDRCMPLT _IOW('B',117, u_int)
|
||||
#define BIOCGSEESENT _IOR('B',118, u_int)
|
||||
#define BIOCSSEESENT _IOW('B',119, u_int)
|
||||
|
||||
/*
|
||||
* Structure prepended to each packet.
|
||||
|
@ -77,6 +77,7 @@ struct bpf_d {
|
||||
u_char bd_state; /* idle, waiting, or timed out */
|
||||
u_char bd_immediate; /* true to return on packet arrival */
|
||||
int bd_hdrcmplt; /* false to fill in src lladdr automatically */
|
||||
int bd_seesent; /* true if bpf should see sent packets */
|
||||
int bd_async; /* non-zero if packet reception should generate signal */
|
||||
int bd_sig; /* signal to send upon packet reception */
|
||||
struct sigio * bd_sigio; /* information for async I/O */
|
||||
|
Loading…
Reference in New Issue
Block a user