![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sys / net
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.72 / (download) - annotate - [select for diffs], Fri Jan 26 21:14:08 2024 UTC (4 months, 2 weeks ago) by jan
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)
Put checksum flags in bpf_hdr to use them in userland dhcpleased. Thus, dhcpleased accept non-calculated checksums which were verified by hardware/hypervisor. With tweaks from dlg@ ok bluhm@ mkay tobhe@
Revision 1.71 / (download) - annotate - [select for diffs], Thu Mar 9 05:56:58 2023 UTC (15 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.70: +4 -1 lines
Diff to previous 1.70 (colored)
add a timeout between capturing a packet and making the buffer readable. before this, there were three reasons that a bpf read will finish. the first is the obvious one: the bpf packet buffer in the kernel fills up. by default this is about 32k, so if you're only capturing a small packet packet every few seconds, it can take a long time for the buffer to fill up before you can read them. the second is if bpf has been configured to enable immediate mode with ioctl(BIOCIMMEDIATE). this means that when any packet is written into the bpf buffer, the buffer is immediately readable. this is fine if the packet rate is low, but if the packet rate is high you don't get the benefit of buffering many packets that bpf is supposed to provide. the third mechanism is if bpf has been configured with the BIOCSRTIMEOUT ioctl, which sets a maximum wait time on a bpf read. BIOCSRTIMEOUT means than a clock starts ticking down when a program (eg pflogd) reads from bpf. when the clock reaches zero then the read returns with whatever is in the bpf packet buffer. however, there could be nothing in the buffer, and the read will still complete. deraadt@ noticed this behaviour with pflogd. it wants packets logged by pf to end up on disk in a timely fashion, but it's fine with tolerating a bit of delay so it can take advantatage of buffering to amortise the cost of the reads per packet. it currently does this with BIOCSRTIMEOUT set to half a second, which means it's always waking up every half second even if there's nothing to log. this diff adds BIOCSWTIMEOUT, which specifies a timeout from when bpf first puts a packet in the capture buffer, and when the buffer becomes readable. by default this wait timeout is infinite, meaning the buffer has to be filled before it becomes readable. BIOCSWTIMEOUT can be set to enable the new functionality. BIOCIMMEDIATE is turned into a variation of BIOCSWTIMEOUT with the wait time set to 0, ie, wait 0 seconds between when a packet is written to the buffer and when the buffer becomes readable. combining BIOCSWTIMEOUT and BIOCIMMEDIATE simplifies the code a lot. for pflogd, this means if there are no packets to capture, pflogd won't wake up every half second to do nothing. however, when a packet is logged by pf, bpf will wait another half second to see if any more packets arrive (or the buffer fills up) before the read fires. discussed a lot with deraadt@ and sashan@ ok sashan@
Revision 1.70 / (download) - annotate - [select for diffs], Mon Aug 3 03:21:24 2020 UTC (3 years, 10 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)
add a BPF_RND load location that provides a random value. this will be used so a bpf filter can make a decision based on a random number, which in turn will be used so a filter can perform random sampling of packets rather than capturing all packets. random sampling means that we don't have to figure out how to make bpf coordinate multiple concurrent calls to do counter based sampling. BPF_RND is currently backed with arc4random. discussed with many including jmatthew@, alex wilson, claudio@, sthen@, deraadt@, and tb@ ok kn@ tb@ jmatthew@ i call this extended bpf... xBPF.
Revision 1.69 / (download) - annotate - [select for diffs], Thu Jun 18 23:27:58 2020 UTC (3 years, 11 months ago) by dlg
Branch: MAIN
Changes since 1.68: +15 -16 lines
Diff to previous 1.68 (colored)
extend the bpf_hdr struct to include some metadata if available. the metadata is set if the mbuf is passed with an m_pktrhdr, and copies the mbufs rcvif, priority, flowid. it also carries the direction of the packet. it also makes bpf_hdr a multiple of 4 bytes, which simplifies some calculations a bit. it also requires no changes in userland because libpcap just thinks the extra bytes in the header are padding and skips over them to the payload. this helps me verify things like whether the stack and a network card agree about toeplitz hashes, and paves the way for doing more interesting packet captures. being able to see where a packet came from as it is leaving a machine is very useful. ok mpi@
Revision 1.68 / (download) - annotate - [select for diffs], Mon Sep 30 01:53:04 2019 UTC (4 years, 8 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.67: +2 -3 lines
Diff to previous 1.67 (colored)
remove the "copy function" argument to bpf_mtap_hdr. it was previously (ab)used by pflog, which has since been fixed. apart from that nothing else used it, so we can trim the cruft. ok kn@ claudio@ visa@ visa@ also made sure i fixed ipw(4) so i386 won't break.
Revision 1.67 / (download) - annotate - [select for diffs], Thu Sep 12 01:17:38 2019 UTC (4 years, 9 months ago) by dlg
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)
make bpf_mtap_hdr take a const void *, not a caddr_t. this makes it easier to call at least, and makes it consistent with bpf_tap_hdr. ok stsp@ sashan@
Revision 1.66 / (download) - annotate - [select for diffs], Sun Mar 17 23:57:12 2019 UTC (5 years, 2 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.65: +8 -1 lines
Diff to previous 1.65 (colored)
extend BIOCSFILDROP so it can be configured to not capture packets. this just provides the macros for the different values for BIOCGFILDROP and BIOCSFILDROP, the implementation behing them is coming. ok sthen@ mikeb@ claudio@ visa@
Revision 1.65 / (download) - annotate - [select for diffs], Sat Feb 3 13:37:37 2018 UTC (6 years, 4 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.64: +2 -1 lines
Diff to previous 1.64 (colored)
Add support for dumping USB transfers via bpf(4) using USBPcap headers. ok deraadt@, dlg@
Revision 1.64 / (download) - annotate - [select for diffs], Thu Feb 1 12:10:27 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.63: +2 -1 lines
Diff to previous 1.63 (colored)
add bpf_tap_hdr(), for handling a buffer (not an mbuf) with a header. internally it uses mbufs to handle the chain of buffers, but the caller doesnt have to deal with that or allocate a temporary buffer with the header attached. ok mpi@
Revision 1.63 / (download) - annotate - [select for diffs], Wed Jan 24 00:25:17 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.62: +3 -1 lines
Diff to previous 1.62 (colored)
add support for bpf on "subsystems", not just network interfaces bpf assumed that it was being unconditionally attached to network interfaces, and maintained a pointer to a struct ifnet *. this was mostly used to get at the name of the interface, which is how userland asks to be attached to a particular interface. this diff adds a pointer to the name and uses it instead of the interface pointer for these lookups. this in turn allows bpf to be attached to arbitrary subsystems in the kernel which just have to supply a name rather than an interface pointer. for example, bpf could be attached to pf_test so you can see what packets are about to be filtered. mpi@ is using this to look at usb transfers. bpf still uses the interface pointer for bpfwrite, and for enabling and disabling promisc. however, these are nopped out for subsystems. ok mpi@
Revision 1.62 / (download) - annotate - [select for diffs], Wed Feb 22 09:56:03 2017 UTC (7 years, 3 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)
The pcap people gave us ID 267 for DLT_OPENFLOW Via https://github.com/the-tcpdump-group/libpcap/issues/542 OK sthen@ jsg@
Revision 1.61 / (download) - annotate - [select for diffs], Thu Nov 17 15:41:14 2016 UTC (7 years, 6 months ago) by sthen
Branch: MAIN
Changes since 1.60: +16 -1 lines
Diff to previous 1.60 (colored)
Add DLT_USER1..15 with the same values as the upstream libpcap repository. Suggested by reyk@ as a quick fix to unbreak ports/net/wireshark.
Revision 1.60 / (download) - annotate - [select for diffs], Wed Nov 16 13:47:27 2016 UTC (7 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.59: +3 -1 lines
Diff to previous 1.59 (colored)
Add new DLT_OPENFLOW link-type to allow using tcpdump to debug switch(4), eg. tcpdump -y openflow -i switch0 Includes a minor bump for libpcap. Feedback and OK rzalamena@
Revision 1.59 / (download) - annotate - [select for diffs], Sun Oct 30 17:46:34 2016 UTC (7 years, 7 months ago) by phessler
Branch: MAIN
Changes since 1.58: +3 -1 lines
Diff to previous 1.58 (colored)
add __BEGIN_DECLS/__END_DECLS to the public userland side of net/bpf.h, so c++ programs can use them. OK jca@
Revision 1.58 / (download) - annotate - [select for diffs], Mon Sep 12 16:24:37 2016 UTC (7 years, 8 months ago) by krw
Branch: MAIN
Changes since 1.57: +1 -2 lines
Diff to previous 1.57 (colored)
bpf_tap() is long dead! Long live bpf_mtap() & friends. ok natano@ deraadt@
Revision 1.57 / (download) - annotate - [select for diffs], Sun Sep 11 13:57:57 2016 UTC (7 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.56: +2 -3 lines
Diff to previous 1.56 (colored)
Remove #ifdef's for architectures of the past around SIZEOF_BPF_HDR This is still a mess. Why don't we just clean this up?
Revision 1.56 / (download) - annotate - [select for diffs], Tue May 10 23:48:07 2016 UTC (8 years, 1 month ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.55: +5 -5 lines
Diff to previous 1.55 (colored)
make the bpf tap functions take const struct mbuf * this makes it more obvious that the bpf code should only read packets, never modify them. now possible because the paths that care about M_FILDROP set it after calling bpf_mtap. ok mpi@ visa@ deraadt@
Revision 1.55 / (download) - annotate - [select for diffs], Sun Apr 3 01:37:26 2016 UTC (8 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.54: +3 -2 lines
Diff to previous 1.54 (colored)
mark the packet buffer in bpf_filter as bounded by the pktlen arg ok guenther@
Revision 1.54 / (download) - annotate - [select for diffs], Sat Apr 2 09:05:16 2016 UTC (8 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
mark the program and buffer as const in bpf_filter() other projects have already done this, and there's software (eg, gopacket) which now expects it. based on a discussion with jasper@ and canacar@ ok jasper@
Revision 1.53 / (download) - annotate - [select for diffs], Sat Apr 2 08:49:49 2016 UTC (8 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.52: +17 -1 lines
Diff to previous 1.52 (colored)
refactor bpf_filter a bit. the code was confusing around how it dealt with packets in mbufs vs plain memory buffers with a lenght. this renames bpf_filter to _bpf_filter, and changes it so the packet memory is referred to by an opaque pointer, and callers have to provide a set of operations to extra values from that opaque pointer. bpf_filter is now provided as a wrapper around _bpf_filter. it provides a set of operators that work on a straight buffer with a lenght. this also adds a bpf_mfilter function which takes an mbuf instead of a buffer, and it provides explicit operations for extracting values from mbufs. if we want to use bpf filters against other data structures (usb or scsi packets maybe?) we are able to provide functions for extracting payloads from them and use _bpf_filter as is. ok canacar@
Revision 1.52 / (download) - annotate - [select for diffs], Wed Mar 30 12:51:10 2016 UTC (8 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.51: +1 -3 lines
Diff to previous 1.51 (colored)
BIOCGQUEUE and BIOCSQUEUE are no more
Revision 1.51 / (download) - annotate - [select for diffs], Tue Mar 29 10:38:27 2016 UTC (8 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.50: +5 -5 lines
Diff to previous 1.50 (colored)
make bpf_mtap et al return whether the mbuf should be dropped ok mpi@
Revision 1.50 / (download) - annotate - [select for diffs], Wed Mar 9 16:32:19 2016 UTC (8 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)
remove __vax__
Revision 1.49 / (download) - annotate - [select for diffs], Tue Jun 16 11:09:39 2015 UTC (8 years, 11 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.48: +3 -1 lines
Diff to previous 1.48 (colored)
Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. The interface pointer should now be retrieved when necessary with if_get(). If a NULL pointer is returned by if_get(), the interface has probably been destroy/removed and the mbuf should be freed. Such mechanism will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. Tested by jmatthew@ and krw@, discussed with many. ok mikeb@, bluhm@, dlg@
Revision 1.48 / (download) - annotate - [select for diffs], Tue Feb 10 00:53:55 2015 UTC (9 years, 4 months ago) by pelikan
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.47: +3 -1 lines
Diff to previous 1.47 (colored)
make bpf(4) able to filter based on a pf(4) queue ID for tcpdump -Q qname ALTQ version has been on tech@ for years, people were generally ok with it. ok henning
Revision 1.47 / (download) - annotate - [select for diffs], Tue Oct 7 11:16:23 2014 UTC (9 years, 8 months ago) by dlg
Branch: MAIN
Changes since 1.46: +1 -2 lines
Diff to previous 1.46 (colored)
when running bpf on an outgoing vlan interface that doesnt have a parent that doesnt offload the tag insertion, we need to chop the vlan subheader out before the filter is run, not after. this moves the mbuf surgery out from the bpf layer into the vlan layer. ok henning@ jmatthew@
Revision 1.46 / (download) - annotate - [select for diffs], Thu Jul 10 09:46:29 2014 UTC (9 years, 11 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.45: +2 -1 lines
Diff to previous 1.45 (colored)
introduce bpf_mcopy_stripvlan, which cuts the 4 extra bytes out of the ether_vlan_header to make it a regular ether_header while copying into the bpf buffer. add bpf_mtap_stripvlan, which is a 1-line wrapper around _bpf_mtap passing this copy function in. ok benno
Revision 1.45 / (download) - annotate - [select for diffs], Wed Jul 9 11:03:04 2014 UTC (9 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.44: +1 -2 lines
Diff to previous 1.44 (colored)
tedu bpf_mtap_pflog(). now that it is a trivial wrapper around the extended bpf_mtap_hdr, we can use bpf_mtap_hdr directly. added benefit: pflog_bpfcopy doesn't need to be exported any more and can stay private to if_pflog.c ok benno bluhm reyk
Revision 1.44 / (download) - annotate - [select for diffs], Wed Jul 9 09:30:49 2014 UTC (9 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)
bpf code surgery / shuffling / simplification. the various bpf_mtap_* are very similiar, they differ in what (and to some extent how) they prepend something, and what copy function they pass to bpf_catchpacket. use an internal _bpf_mtap as "backend" for bpf_mtap and friends. extend bpf_mtap_hdr so that it covers all common cases: if dlen is 0, nothing gets prepended. copy function can be given, if NULL the default bpf_mcopy is used. adjust the existing bpf_mtap_hdr users to pass a NULL ptr for the copy fn. re-implement bpf_mtap_af as simple wrapper for bpf_mtap_hdr. re-implement bpf_mtap_ether using bpf_map_hdr re-implement bpf_mtap_pflog as trivial bpf_mtap_hdr wrapper ok bluhm benno
Revision 1.43 / (download) - annotate - [select for diffs], Mon Mar 26 19:37:42 2012 UTC (12 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.42: +3 -1 lines
Diff to previous 1.42 (colored)
Add DLT_PPP_SERIAL and DLT_C_HDLC to bpf.h even though the system will not generate such packets but it helps porting applications that assume that these are available on any system. Requested by dhill long time ago.
Revision 1.42 / (download) - annotate - [select for diffs], Tue Jul 26 09:24:52 2011 UTC (12 years, 10 months ago) by martynas
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
__arm32__ -> __arm__, since our new compiler isn't defining the former anymore. OK miod@.
Revision 1.41 / (download) - annotate - [select for diffs], Fri Oct 29 03:43:35 2010 UTC (13 years, 7 months ago) by canacar
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
Align to 32-bits instead of sizeof(long) which may be bigger. There is no practical value of aligning things to 64-bit and waste more space then necessary on some architectures. ok deraadt@
Revision 1.40 / (download) - annotate - [select for diffs], Tue Sep 21 04:06:37 2010 UTC (13 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.39: +2 -1 lines
Diff to previous 1.39 (colored)
pflog overhaul pflog was logging the "wrong" as in not yet rewritten (nat/rdr) addresses. to address this without making an extra copy of the mbuf chain: -introduce bpf_mtap_pflog, which is a 1:1 copy of bpf_mtap_hdr, except that it supplies bpf_catchpacket with pflog_bpfcopy as copy function instead of plain bcopy -said new shiny pflog_bpfcopy knows what a pflog packet looks like, copies everything into bpf's buffer, contructs a fake mbuf (which is allocated once at attach time and reused over and over) which points to the bpf buffer as data storage -call pf_setup_pdesc on said fake mbuf -then call pf_translate to rewrite the addresses as needed right in the bpf buffer this changes the pflog header as we have to pass the new addresses/ports around. relies on canacar's awesome work in libpcap to work olrite with the new, longer pflog header as well as with the old, shorter one. almost completely written at c2k10 in canada, finished here at j2k10 in japan. ok ryan dlg
Revision 1.39 / (download) - annotate - [select for diffs], Sat Jun 26 16:49:01 2010 UTC (13 years, 11 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.38: +1 -2 lines
Diff to previous 1.38 (colored)
bye bye DLT_OLD_PFLOG & friends. dead since 2003. 7 years oughta be enough ok ryan theo reyk
Revision 1.38 / (download) - annotate - [select for diffs], Mon Dec 22 12:13:13 2008 UTC (15 years, 5 months ago) by michele
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)
Change DLT_MPLS number. Use one assigned by tcpdump guys to keep things in sync with them. ok canacar@
Revision 1.37 / (download) - annotate - [select for diffs], Wed Nov 26 18:01:43 2008 UTC (15 years, 6 months ago) by dlg
Branch: MAIN
Changes since 1.36: +1 -4 lines
Diff to previous 1.36 (colored)
dont have bpf.h expose the kernel ticks variable wherever it is includeing. it is very confusing like this. ok deraadt@ canacar@
Revision 1.36 / (download) - annotate - [select for diffs], Sun Nov 9 15:08:26 2008 UTC (15 years, 7 months ago) by naddy
Branch: MAIN
Changes since 1.35: +2 -1 lines
Diff to previous 1.35 (colored)
Introduce bpf_mtap_ether(), which for the benefit of bpf listeners creates the VLAN encapsulation from the tag stored in the mbuf header. Idea from FreeBSD, input from claudio@ and canacar@. Switch all hardware VLAN enabled drivers to the new function. ok claudio@
Revision 1.35 / (download) - annotate - [select for diffs], Sun Jun 29 19:31:16 2008 UTC (15 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)
this stupid per-arch SIZEOF_BPF_HDR define is really really stupid, but for now add __sparc64__ to the list (ridiculous as it seems, but that is the best we know to do so far) ok miod
Revision 1.34 / (download) - annotate - [select for diffs], Tue May 6 13:33:50 2008 UTC (16 years, 1 month ago) by pyr
Branch: MAIN
Changes since 1.33: +2 -1 lines
Diff to previous 1.33 (colored)
bring in the mpe interface - for ``MPLS Provider Edge'' - this is a work in progress and some bits need to be cleaned up but will be in-tree for convenience. ok claudio@, norby@
Revision 1.33 / (download) - annotate - [select for diffs], Sat Mar 25 22:41:47 2006 UTC (18 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.32: +13 -5 lines
Diff to previous 1.32 (colored)
allow bpf(4) to ignore packets based on their direction (inbound or outbound), using a new BIOCSDIRFILT ioctl; guidance, feedback and ok canacar@
Revision 1.32 / (download) - annotate - [select for diffs], Thu Nov 3 20:00:18 2005 UTC (18 years, 7 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.31: +4 -4 lines
Diff to previous 1.31 (colored)
re-implement the bpf "filter drop" option that it actually works. the bpf FILDROP interface exists for about one year but the required interface to the drivers was missing - so it was useless. this new approach based on a design by henning@ uses a new mbuf flag to mark filtered packets and to drop them in the generic network stack input routines (like ether_input). for example; after some additional testing, this could be used by dhclient to filter everything except DHCP packets (track tech@ for a corresponding dhclient diff). the "filter dropped" packets won't reach the network stack. so it's probably some kind of a very basic application layer packet filter ;). ok canacar@, discussed with henning@ and others
Revision 1.31 / (download) - annotate - [select for diffs], Sun Jul 31 03:52:18 2005 UTC (18 years, 10 months ago) by pascoe
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.30: +3 -1 lines
Diff to previous 1.30 (colored)
Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chain to bpf with either an address family or other header added. These helpers only allocate a much smaller struct m_hdr on the stack when needed, rather than leaving 256 byte struct mbufs on the stack in deep call paths. Also removes a fair bit of duplicated code. commit now, tune after deraadt@
Revision 1.30 / (download) - annotate - [select for diffs], Fri Jan 7 16:28:38 2005 UTC (19 years, 5 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.29: +12 -1 lines
Diff to previous 1.29 (colored)
add support for BIOCGDLTLIST and BIOCSDLT, see bpf(4) ok canacar@, fgsch@, tested by some other people
Revision 1.29 / (download) - annotate - [select for diffs], Fri Dec 17 15:56:58 2004 UTC (19 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.28: +28 -28 lines
Diff to previous 1.28 (colored)
knf cleanup, convert old k&r-style functions to ansi-style for a consistent style in sys/net/bpf.c. ok henning@, "looks fine" canacar@
Revision 1.28 / (download) - annotate - [select for diffs], Tue Jun 22 04:04:19 2004 UTC (19 years, 11 months ago) by canacar
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.27: +5 -3 lines
Diff to previous 1.27 (colored)
Add a new "filter drop" flag to bpf and related ioclts. When enabled, it notifies the calling interface that the packet matches a bpf filter and should be dropped. ok henning@ markus@ frantzen@
Revision 1.12.4.9 / (download) - annotate - [select for diffs], Sat Jun 5 23:11:23 2004 UTC (20 years ago) by niklas
Branch: SMP
Changes since 1.12.4.8: +3 -2 lines
Diff to previous 1.12.4.8 (colored) to branchpoint 1.12 (colored) next main 1.13 (colored)
Merge with the trunk
Revision 1.27 / (download) - annotate - [select for diffs], Sun May 16 04:34:58 2004 UTC (20 years, 1 month ago) by brad
Branch: MAIN
CVS Tags: SMP_SYNC_B,
SMP_SYNC_A
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)
add DLT_PPP_ETHER DLT type From NetBSD ok deraadt@
Revision 1.26 / (download) - annotate - [select for diffs], Mon Apr 26 08:10:10 2004 UTC (20 years, 1 month ago) by otto
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)
- make the k field in struct bpf_insn unsigned, as promised in the manual page. - more strict bpf code validation, preventing arbitrary kernel memory read and writes. Some help from frantzen@ and canacar@; testing jmc@ markus@; ok canacar@ henning@ franzen@
Revision 1.12.4.8 / (download) - annotate - [select for diffs], Thu Feb 19 10:57:20 2004 UTC (20 years, 3 months ago) by niklas
Branch: SMP
Changes since 1.12.4.7: +4 -1 lines
Diff to previous 1.12.4.7 (colored) to branchpoint 1.12 (colored)
Merge of current from two weeks agointo the SMP branch
Revision 1.25 / (download) - annotate - [select for diffs], Fri Feb 6 22:38:58 2004 UTC (20 years, 4 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)
as seen in netbsd. crank bpf sizes to adapt to faster networks. max size goes to 2MB, default goes to 32k. ok canacar@ mcbride@
Revision 1.24 / (download) - annotate - [select for diffs], Wed Oct 22 18:42:40 2003 UTC (20 years, 7 months ago) by canacar
Branch: MAIN
Changes since 1.23: +3 -1 lines
Diff to previous 1.23 (colored)
Add locking and write filtering to bpf descriptors. Locking prevents dangerous ioctls such as changing the interface and sending signals to be executed by an unprivileged process. A filter can also be applied to packets injected through a bpf descriptor. These features allow programs using bpf descriptors to safely drop/seperate privileges. ok frantzen@ henning@ mcbride@
Revision 1.23 / (download) - annotate - [select for diffs], Mon Aug 25 08:16:41 2003 UTC (20 years, 9 months ago) by fgsch
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.22: +1 -0 lines
Diff to previous 1.22 (colored)
add DLT_IEEE802_11; deraadt@ ok.
Revision 1.12.4.7 / (download) - annotate - [select for diffs], Sat Jun 7 11:06:06 2003 UTC (21 years ago) by ho
Branch: SMP
Changes since 1.12.4.6: +2 -6 lines
Diff to previous 1.12.4.6 (colored) to branchpoint 1.12 (colored)
Sync SMP branch to -current
Revision 1.22 / (download) - annotate - [select for diffs], Mon Jun 2 23:28:11 2003 UTC (21 years ago) by millert
Branch: MAIN
Changes since 1.21: +2 -6 lines
Diff to previous 1.21 (colored)
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
Revision 1.17.4.2 / (download) - annotate - [select for diffs], Mon May 19 22:29:06 2003 UTC (21 years ago) by tedu
Branch: UBC
Changes since 1.17.4.1: +7 -5 lines
Diff to previous 1.17.4.1 (colored) to branchpoint 1.17 (colored) next main 1.18 (colored)
sync
Revision 1.12.4.6 / (download) - annotate - [select for diffs], Fri May 16 00:29:43 2003 UTC (21 years, 1 month ago) by niklas
Branch: SMP
Changes since 1.12.4.5: +2 -1 lines
Diff to previous 1.12.4.5 (colored) to branchpoint 1.12 (colored)
merge the trunk so we will get the genfs and locking fixes
Revision 1.21 / (download) - annotate - [select for diffs], Wed May 14 08:42:00 2003 UTC (21 years, 1 month ago) by canacar
Branch: MAIN
CVS Tags: UBC_SYNC_A
Changes since 1.20: +3 -2 lines
Diff to previous 1.20 (colored)
Use official (from pcap people) link type for pflog. With this change, the log header format also changes. The new log format is extendible and allows logging of the originating anchor and ruleset information. ok henning@ dhartmei@ frantzen@
Revision 1.12.4.5 / (download) - annotate - [select for diffs], Fri Mar 28 00:41:28 2003 UTC (21 years, 2 months ago) by niklas
Branch: SMP
Changes since 1.12.4.4: +4 -3 lines
Diff to previous 1.12.4.4 (colored) to branchpoint 1.12 (colored)
Sync the SMP branch with 3.3
Revision 1.20 / (download) - annotate - [select for diffs], Fri Nov 29 18:35:15 2002 UTC (21 years, 6 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.19: +4 -4 lines
Diff to previous 1.19 (colored)
minor KNF
Revision 1.19 / (download) - annotate - [select for diffs], Fri Nov 29 18:25:22 2002 UTC (21 years, 6 months ago) by mickey
Branch: MAIN
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)
expose state table changes
Revision 1.17.4.1 / (download) - annotate - [select for diffs], Tue Jun 11 03:30:45 2002 UTC (22 years ago) by art
Branch: UBC
Changes since 1.17: +8 -8 lines
Diff to previous 1.17 (colored)
Sync UBC branch to -current
Revision 1.12.4.4 / (download) - annotate - [select for diffs], Thu Mar 28 14:57:36 2002 UTC (22 years, 2 months ago) by niklas
Branch: SMP
Changes since 1.12.4.3: +8 -8 lines
Diff to previous 1.12.4.3 (colored) to branchpoint 1.12 (colored)
Merge in -current from roughly a week ago
Revision 1.18 / (download) - annotate - [select for diffs], Thu Mar 14 01:27:09 2002 UTC (22 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: UBC_SYNC_B,
OPENBSD_3_2_BASE,
OPENBSD_3_2,
OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.17: +8 -8 lines
Diff to previous 1.17 (colored)
First round of __P removal in sys
Revision 1.12.4.3 / (download) - annotate - [select for diffs], Wed Oct 31 03:29:02 2001 UTC (22 years, 7 months ago) by nate
Branch: SMP
Changes since 1.12.4.2: +7 -2 lines
Diff to previous 1.12.4.2 (colored) to branchpoint 1.12 (colored)
Sync the SMP branch to something just after 3.0
Revision 1.17 / (download) - annotate - [select for diffs], Tue Oct 2 18:04:35 2001 UTC (22 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: UBC_BASE,
OPENBSD_3_0_BASE,
OPENBSD_3_0
Branch point for: UBC
Changes since 1.16: +7 -2 lines
Diff to previous 1.16 (colored)
change timeval to bpf_timeval; 32 bit in size, permitting much greater portability
Revision 1.12.4.2 / (download) - annotate - [select for diffs], Wed Jul 4 10:53:51 2001 UTC (22 years, 11 months ago) by niklas
Branch: SMP
Changes since 1.12.4.1: +5 -2 lines
Diff to previous 1.12.4.1 (colored) to branchpoint 1.12 (colored)
Merge in -current from two days ago in the SMP branch. As usual with merges, they do not indicate progress, so do not hold your breath for working SMP, and do not mail me and ask about the state of it. It has not changed. There is work ongoing, but very, very slowly. The commit is done in parts as to not lock up the tree in too big chunks at a time.
Revision 1.16 / (download) - annotate - [select for diffs], Mon Jun 25 23:02:17 2001 UTC (22 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)
extend the logging via a new link header type. export interface, direction, action and rule nr.
Revision 1.15 / (download) - annotate - [select for diffs], Sat Jun 9 06:16:37 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
By popular demand, protect from multiple inclusion, and fix to use the same naming style.
Revision 1.14 / (download) - annotate - [select for diffs], Mon May 28 19:51:06 2001 UTC (23 years ago) by dugsong
Branch: MAIN
Changes since 1.13: +3 -1 lines
Diff to previous 1.13 (colored)
add BIOC[GS]HDRCMPLT ioctl for BPF, to disable overwriting of link level source address in forged frames. from NetBSD. art@ok
Revision 1.12.4.1 / (download) - annotate - [select for diffs], Mon May 14 22:39:59 2001 UTC (23 years, 1 month ago) by niklas
Branch: SMP
Changes since 1.12: +2 -24 lines
Diff to previous 1.12 (colored)
merge in approximately 2.9 into SMP branch
Revision 1.13 / (download) - annotate - [select for diffs], Mon Jun 19 03:00:54 2000 UTC (23 years, 11 months ago) by jason
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9,
OPENBSD_2_8_BASE,
OPENBSD_2_8
Changes since 1.12: +2 -24 lines
Diff to previous 1.12 (colored)
de-#ifdef-ize
Revision 1.12 / (download) - annotate - [select for diffs], Sun Aug 8 00:43:00 1999 UTC (24 years, 10 months ago) by niklas
Branch: MAIN
CVS Tags: kame_19991208,
SMP_BASE,
OPENBSD_2_7_BASE,
OPENBSD_2_7,
OPENBSD_2_6_BASE,
OPENBSD_2_6
Branch point for: SMP
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)
Support detaching of network interfaces. Still work to do in ipf, and other families than inet.
Revision 1.11 / (download) - annotate - [select for diffs], Sun Jul 4 18:44:28 1999 UTC (24 years, 11 months ago) by brad
Branch: MAIN
Changes since 1.10: +4 -4 lines
Diff to previous 1.10 (colored)
fix link level type codes
Revision 1.10 / (download) - annotate - [select for diffs], Sun Jul 4 18:37:19 1999 UTC (24 years, 11 months ago) by espie
Branch: MAIN
Changes since 1.9: +3 -3 lines
Diff to previous 1.9 (colored)
Typos
Revision 1.9 / (download) - annotate - [select for diffs], Wed May 26 19:26:11 1999 UTC (25 years ago) by brad
Branch: MAIN
Changes since 1.8: +4 -1 lines
Diff to previous 1.8 (colored)
Implement DLT_RAW, DLT_{SLIP,PPP}_BSDOS from libpcap 0.4
Revision 1.8 / (download) - annotate - [select for diffs], Fri Jun 26 09:13:11 1998 UTC (25 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5,
OPENBSD_2_4_BASE,
OPENBSD_2_4
Changes since 1.7: +5 -2 lines
Diff to previous 1.7 (colored)
fix bpf select(); from mts@rare.net
Revision 1.7 / (download) - annotate - [select for diffs], Wed Jun 10 23:57:09 1998 UTC (26 years ago) by provos
Branch: MAIN
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)
make the packets which were successfully processed by IPSec available to bpf via the enc0 interface, using linktype DLT_ENC.
Revision 1.6 / (download) - annotate - [select for diffs], Thu Jun 4 23:11:37 1998 UTC (26 years ago) by deraadt
Branch: MAIN
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)
add DLT_LOOP support; 4-byte header indicates proto; cstone@pobox.com
Revision 1.5 / (download) - annotate - [select for diffs], Mon Mar 17 16:29:37 1997 UTC (27 years, 3 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_3_BASE,
OPENBSD_2_3,
OPENBSD_2_2_BASE,
OPENBSD_2_2,
OPENBSD_2_1_BASE,
OPENBSD_2_1
Changes since 1.4: +6 -6 lines
Diff to previous 1.4 (colored)
Removed static specifiers. Align bpf headers on sizeof(long) boundaries as it begins with a timeval struct. This fixes the alpha bpf panics. Removed double prototypes. Reordered includes. The last change came from NetBSD. Updated $NetBSD$ tags. Slight KNF too.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jul 12 07:57:41 1996 UTC (27 years, 11 months ago) by mickey
Branch: MAIN
CVS Tags: OPENBSD_2_0_BASE,
OPENBSD_2_0
Changes since 1.3: +7 -1 lines
Diff to previous 1.3 (colored)
refresh to the latest bpf code release.
Revision 1.3 / (download) - annotate - [select for diffs], Tue May 7 13:40:26 1996 UTC (28 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.2: +11 -2 lines
Diff to previous 1.2 (colored)
gross BPF_HDR hack, do better
Revision 1.2 / (download) - annotate - [select for diffs], Sun Mar 3 21:07:02 1996 UTC (28 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.1: +2 -7 lines
Diff to previous 1.1 (colored)
From NetBSD: 960217 merge
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Oct 18 08:53:05 1995 UTC (28 years, 8 months ago) by deraadt
CVS Tags: netbsd_1_1
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
initial import of NetBSD tree
Revision 1.1 / (download) - annotate - [select for diffs], Wed Oct 18 08:53:05 1995 UTC (28 years, 8 months ago) by deraadt
Branch: MAIN
Initial revision