sending NGM_BPF_SET_PROGRAM message to a bpf node from a program

Rajkumar S rajkumars at gmail.com
Wed Aug 30 12:31:13 UTC 2006 

Hi,

I am trying to write a program to create a bpf node and assign a bpf
filter to that node. I am able to create the node and attch the node
to 3 other nodes, but not settng up a bpf filter to the node.

I am initialising the ng_bpf_hookprog struct using the following code:

struct ng_bpf_hookprog *bpf_hookprog;

        bpf_hookprog = calloc (1, sizeof (struct ng_bpf_hookprog) +
fp.bf_len * sizeof (struct bpf_insn));
        bpf_hookprog->bpf_prog_len = fp.bf_len;
        printf ("fp.bf_len is %d\n", fp.bf_len);
        insn = fp.bf_insns;
        for (k=0; k < fp.bf_len; ++k,++insn){
                memcpy ((bpf_hookprog->bpf_prog + k), insn, sizeof(insn));
                printf ("code=%d\n", bpf_hookprog->bpf_prog[k].code);
        }
        strlcpy (bpf_hookprog->thisHook, "from_lower", sizeof
(bpf_hookprog->thisHook));
        strlcpy (bpf_hookprog->ifNotMatch, "discard", sizeof
(bpf_hookprog->ifNotMatch));
        strlcpy (bpf_hookprog->ifMatch, "to_upper", sizeof
(bpf_hookprog->ifMatch));

and messaging the bpf: using the following code fragment.

        if (NgSendMsg(cfd, "bpf:", NGM_GENERIC_COOKIE,
                      NGM_BPF_SET_PROGRAM, bpf_hookprog, (sizeof
(struct ng_bpf_hookprog) + fp.bf_len * sizeof (struct bpf_insn))) < 0)
{
                perror ("Setup bpf program");
                return (-1);
        }

The full souce is available at http://pastebin.ca/154537

While running the code, just before sending the setprogram message,
the ngctl list shows:

+ list
There are 6 total nodes:
  Name: sink            Type: hole            ID: 00000082   Num hooks: 1
  Name: bpf             Type: bpf             ID: 00000081   Num hooks: 3
  Name: test_socket     Type: socket          ID: 00000080   Num hooks: 0
  Name: ngctl5868       Type: socket          ID: 0000003f   Num hooks: 0
  Name: vr0             Type: ether           ID: 00000002   Num hooks: 0
  Name: rl0             Type: ether           ID: 00000001   Num hooks: 2

but once the setprogram message has been sent, it becomes:

+ list
There are 4 total nodes:
  Name: test_socket     Type: socket          ID: 00000080   Num hooks: 0
  Name: ngctl5868       Type: socket          ID: 0000003f   Num hooks: 0
  Name: vr0             Type: ether           ID: 00000002   Num hooks: 0
  Name: rl0             Type: ether           ID: 00000001   Num hooks: 0

Since the argument for setprogram involves flexible array, I have
tried my best to make sure that there are no issues with the argument
passing, but even in that case zapping the already running bpf node is
bit strange, or is this a case of me being stupid?

with warm regards,
raj

More information about the freebsd-net mailing list