Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 28 Aug 2006 12:39:31 +0530
From:      "Rajkumar S" <rajkumars@gmail.com>
To:        freebsd-net@freebsd.org
Subject:   Re: Netgraph plumbing question
Message-ID:  <64de5c8b0608280009r52aabb4cl11103635419b845d@mail.gmail.com>
In-Reply-To: <20060826144424.GC30165@rambler-co.ru>
References:  <64de5c8b0608250849p2912457cs84c227cc914d1f10@mail.gmail.com> <20060826144424.GC30165@rambler-co.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 8/26/06, Ruslan Ermilov <ru@freebsd.org> wrote:
> No, but it's trivial to set up ng_bpf(4) to do it.  Since the
> default BPF program will be non-matching, "ifNotMatch" action
> should be used.

Cool!!

While testing this I ran into some difficulty.

> # ngctl
> [...]
> + mkpeer bpf mixed mixed
> + name mixed bpf
> + conn bpf: in1 in1
> + conn bpf: in2 in2
> + conn bpf: out out

So far it's okay.

> + msg bpf: setprogram { thisHook="in1" ifNotMatch="mixed" }

This is not working, and I get an error:

ngctl: send msg: Invalid argument

2 days back, I was playing with bpf for testing packet filtering. I
was using c program for creating bpf nodes and connecting. So today I
wrote a test program to create the steps you have given using ngctl.
In that program also I am getting upto the "conn" commands. But the
msg commands fails. I have put my test program at
http://pastebin.ca/151630

The msg part is:
        struct ng_bpf_hookprog bpf_hookprog;

        bzero (&bpf_hookprog, sizeof(bpf_hookprog));
        strlcpy (bpf_hookprog.thisHook, "in1", sizeof (bpf_hookprog.thisHook));
        strlcpy (bpf_hookprog.ifNotMatch, "mixed", sizeof
(bpf_hookprog.ifNotMatch));
        if (NgSendMsg(cfd, "bpf:", NGM_GENERIC_COOKIE,
                      NGM_BPF_SET_PROGRAM, &bpf_hookprog,
sizeof(bpf_hookprog)) < 0) {
                perror ("Setup Hooks");
                return (-1);
        }
If I comment out this part then I get in ngctl list

  Name: bpf             Type: bpf             ID: 0000001c   Num hooks: 4
  Name: test_socket     Type: socket          ID: 0000001b   Num hooks: 4
  Name: ngctl775        Type: socket          ID: 00000011   Num hooks: 0
  Name: vr0             Type: ether           ID: 00000002   Num hooks: 0
  Name: rl0             Type: ether           ID: 00000001   Num hooks: 0

but if this code fragment is present then:
  Name: test_socket     Type: socket          ID: 0000001d   Num hooks: 0
  Name: ngctl775        Type: socket          ID: 00000011   Num hooks: 0
  Name: vr0             Type: ether           ID: 00000002   Num hooks: 0
  Name: rl0             Type: ether           ID: 00000001   Num hooks: 0

the bpf node is absent. I had tested creating a bpf filter also, but
running that also gives the same result. So this is the smallest code
fragment simulating the problem.

Thanks again to you and Julian for all the help.

raj

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?64de5c8b0608280009r52aabb4cl11103635419b845d>