Introduce a new bd_seesent flag to the BPF descriptor, indicating whether or

not the current BPF device should report locally generated packets or not.
This allows sniffing applications to see only packets that are not generated
locally, which can be useful for debugging bridging problems, or other
situations where MAC addresses are not sufficient to identify locally
sourced packets.  Default to true for this flag, so as to provide existing
behavior by default.

Introduce two new ioctls, BIOCGSEESENT and BIOCSSEESENT, which may be used
to manipulate this flag from userland, given appropriate privilege.

Modify bpf.4 to document these two new ioctl arguments.

Reviewed by:	asmodai
This commit is contained in:
rwatson 2000-03-18 06:30:42 +00:00
parent 5f00c83601
commit 7432002de6
4 changed files with 30 additions and 0 deletions

View File

@ -290,6 +290,14 @@ Set to zero if the link level source address should be filled in automatically
by the the interface output routine. Set to one if the link level source
address will be written, as provided, to the wire. This flag is initialized
to zero by default.
.It Dv BIOCSSEESENT
.It Dv BIOCGSEESENT
.Pq Li u_int
Set or get the flag determining whether locally generated packets on the
interface should be returned by BPF. Set to zero to see only incoming
packets on the interface. Set to one to see packets originating
locally and remotely on the interface. This flag is initialized to one by
default.
.Sh BPF HEADER
The following structure is prepended to each packet returned by
.Xr read 2 :

View File

@ -359,6 +359,7 @@ bpfopen(dev, flags, fmt, p)
dev->si_drv1 = d;
d->bd_bufsize = bpf_bufsize;
d->bd_sig = SIGIO;
d->bd_seesent = 1;
return (0);
}
@ -633,6 +634,8 @@ reset_d(d)
* BIOCVERSION Get filter language version.
* BIOCGHDRCMPLT Get "header already complete" flag
* BIOCSHDRCMPLT Set "header already complete" flag
* BIOCGSEESENT Get "see packets sent" flag
* BIOCSSEESENT Set "see packets sent" flag
*/
/* ARGSUSED */
static int
@ -848,6 +851,20 @@ bpfioctl(dev, cmd, addr, flags, p)
d->bd_hdrcmplt = *(u_int *)addr ? 1 : 0;
break;
/*
* Get "see sent packets" flag
*/
case BIOCGSEESENT:
*(u_int *)addr = d->bd_seesent;
break;
/*
* Set "see sent packets" flag
*/
case BIOCSSEESENT:
d->bd_seesent = *(u_int *)addr;
break;
case FIONBIO: /* Non-blocking I/O */
break;
@ -1103,6 +1120,8 @@ bpf_mtap(ifp, m)
pktlen += m0->m_len;
for (d = bp->bif_dlist; d != 0; d = d->bd_next) {
if (!d->bd_seesent && (m->m_pkthdr.rcvif == NULL))
continue;
++d->bd_rcount;
slen = bpf_filter(d->bd_filter, (u_char *)m, pktlen, 0);
if (slen != 0)

View File

@ -113,6 +113,8 @@ struct bpf_version {
#define BIOCSRSIG _IOW('B',115, u_int)
#define BIOCGHDRCMPLT _IOR('B',116, u_int)
#define BIOCSHDRCMPLT _IOW('B',117, u_int)
#define BIOCGSEESENT _IOR('B',118, u_int)
#define BIOCSSEESENT _IOW('B',119, u_int)
/*
* Structure prepended to each packet.

View File

@ -77,6 +77,7 @@ struct bpf_d {
u_char bd_state; /* idle, waiting, or timed out */
u_char bd_immediate; /* true to return on packet arrival */
int bd_hdrcmplt; /* false to fill in src lladdr automatically */
int bd_seesent; /* true if bpf should see sent packets */
int bd_async; /* non-zero if packet reception should generate signal */
int bd_sig; /* signal to send upon packet reception */
struct sigio * bd_sigio; /* information for async I/O */