From owner-freebsd-net@FreeBSD.ORG  Thu Feb 15 21:51:48 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@FreeBSD.org
Delivered-To: freebsd-net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 6E84F16A420
	for <freebsd-net@FreeBSD.org>; Thu, 15 Feb 2007 21:51:48 +0000 (UTC)
	(envelope-from jkim@FreeBSD.org)
Received: from anuket.mj.niksun.com (gwnew.niksun.com [65.115.46.162])
	by mx1.freebsd.org (Postfix) with ESMTP id 36EE813C4A6
	for <freebsd-net@FreeBSD.org>; Thu, 15 Feb 2007 21:51:48 +0000 (UTC)
	(envelope-from jkim@FreeBSD.org)
Received: from niksun.com (anuket [10.70.0.5])
	by anuket.mj.niksun.com (8.13.6/8.13.6) with ESMTP id l1FLpcfN051211;
	Thu, 15 Feb 2007 16:51:38 -0500 (EST)
	(envelope-from jkim@FreeBSD.org)
From: Jung-uk Kim <jkim@FreeBSD.org>
To: freebsd-net@FreeBSD.org
Date: Thu, 15 Feb 2007 16:51:27 -0500
User-Agent: KMail/1.6.2
References: <200702141805.20228.jkim@FreeBSD.org>
	<20070215091702.GD20957@comp.chem.msu.su>
In-Reply-To: <20070215091702.GD20957@comp.chem.msu.su>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <200702151651.35631.jkim@FreeBSD.org>
X-Virus-Scanned: ClamAV 0.88.6/2576/Thu Feb 15 12:05:25 2007 on
	anuket.mj.niksun.com
X-Virus-Status: Clean
Cc: Yar Tikhiy <yar@comp.chem.msu.su>
Subject: Re: [PATCH] BPF to support directions and more
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Feb 2007 21:51:48 -0000

On Thursday 15 February 2007 04:17 am, Yar Tikhiy wrote:
> On Wed, Feb 14, 2007 at 06:05:15PM -0500, Jung-uk Kim wrote:
> > I was playing with some BPF ideas for few days and I added two
> > new features.  SEESENT flag is extended to see only outgoing
> > packets, which is analogous to libpcap's PCAP_D_OUT direction. 
> > Thus SEESENT is now called DIRECTION.
>
> Any plans to teach BPF to report the direction a packet goes in?
> In some cases it can be unobvious whether it's incoming or
> outgoing.

No, not at the moment.  You can work around it by using the patch 
though.  Capture incoming packets with BPF_D_IN and outgoing packets 
with BPF_D_OUT.  If you want to merge them back, you can use mergecap 
utility from Wireshark.

Jung-uk Kim