From owner-freebsd-net@freebsd.org Wed Apr 25 14:40:35 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D1EA8FA7BEA for ; Wed, 25 Apr 2018 14:40:34 +0000 (UTC) (envelope-from reshadpatuck1@gmail.com) Received: from mail-pf0-x22a.google.com (mail-pf0-x22a.google.com [IPv6:2607:f8b0:400e:c00::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 447FC7424E for ; Wed, 25 Apr 2018 14:40:34 +0000 (UTC) (envelope-from reshadpatuck1@gmail.com) Received: by mail-pf0-x22a.google.com with SMTP id z9so15411072pfe.6 for ; Wed, 25 Apr 2018 07:40:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:user-agent:in-reply-to:references:mime-version :content-transfer-encoding:subject:to:from:message-id; bh=nxXYQ1BDoSYN1cvmHzI02r0lOTcJ0tcY5sq3k27zObA=; b=fR/Yx15LyDDIhZdJ3QSxPg3CvTjEM+7JPhWPvFq6p9puMzR+O/pTY+k5mzOSlC0Yp5 G74thsZX2fJ1aiCe2R24uiRTXOuJoTTCL+RvFer6Ey4FlI76tcsNPN7NRVn1YIQoFUte xw7aQqRNjTF51VvOrDHdwGPK12THAfToD2f+p6JIFe4DoBllGWx/DSbI3R2lfyq035/G wyJqO1NaNCGbTdk2DRSulmiosQltPhSQFkzCrroSrZ7beh0itXrpfRGLgykCO/+U7+UW ArnLTzcQq9ddGEHe3VIEuKlZUegbyg8pSZSrSO/G8EbDnNaItvR4Zq/cluVeJMQOQ3uq 0geQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:user-agent:in-reply-to:references :mime-version:content-transfer-encoding:subject:to:from:message-id; bh=nxXYQ1BDoSYN1cvmHzI02r0lOTcJ0tcY5sq3k27zObA=; b=EBtFHuc1cYSCukOkvkW+XnuFMWK874eVrSKKU0I/A9+8elasZRF+K8pvgbgO/62qwW 5NpJEY561/TqDJQ7hzEf6ESm3oCejj7YKjvXyb9Lu66DcR+t3P63EQMNOSzTKA9rD4ne xCde4GTsHY9TrMwHNtrhF9GgORzBboqabG3Tl+b8DUUPHlJ/m7DIDo2xh4jkA1BxQc2E OLlZ7CF225KHa55lKcAbllSq1gMaVwS89BibFQRrd5emlzqNhAtei5OCIWO8KdJvaFNN KCmx1UBOWymKeQ9lptue8SqZCzhQhviBSANPR4GKwAp+EOBJhklUuvmRVLxiBWZrBsjh vvbA== X-Gm-Message-State: ALQs6tCuwf/JGtPC24AbfOqg9rVZ/q7i7MpNNwSw88TElNem9NhbKDad aRfMwmFJUVl1A6RQ0EqxhR8QlJvH X-Google-Smtp-Source: AB8JxZqwq8DhaHkkyPrPJn+tTphgjFXX37R+V7OOVqNxWFjg1DEIglVqBhsAzo1LeLs0uDhkA/MXpQ== X-Received: by 10.101.64.3 with SMTP id f3mr983622pgp.359.1524667233205; Wed, 25 Apr 2018 07:40:33 -0700 (PDT) Received: from ?IPv6:2402:3a80:692:53f6:5702:d4cf:57d:6cae? ([2402:3a80:692:53f6:5702:d4cf:57d:6cae]) by smtp.gmail.com with ESMTPSA id 85sm32206715pfz.155.2018.04.25.07.40.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 25 Apr 2018 07:40:32 -0700 (PDT) Date: Wed, 25 Apr 2018 20:10:28 +0530 User-Agent: K-9 Mail for Android In-Reply-To: <5AC118E8.1020800@grosbein.net> References: <5AC118E8.1020800@grosbein.net> MIME-Version: 1.0 Subject: Re: [netgraph] ng_bpf filter large list of IP addresses To: Eugene Grosbein ,freebsd-net@freebsd.org From: Reshad Patuck Message-ID: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Apr 2018 14:40:35 -0000 Hey, =E2=80=8B I have tried to write some c code to add a bpf filter to my ng_bpf node, b= ut its just segfaulting=2E My c is not good enough to debug this=2E =E2=80=8B What baffles me is that when I load a filter for 250 IP addresses using th= e command in this link https://paste=2Eee/d/BHOoG/3 it loads fine=2E If I use 'ngctl -f' with the file in this link https://paste=2Eee/d/BHOoG/= 2 I get an error saying 'ngctl: send msg: Invalid argument; ngctl: line 1: = error in file' The BPF filter and arguments in that command are exactly the same=2E =E2=80=8B My problem is that I need to load thousands of IP addresses in a blocking = filter, which I am not able to pass over a command line because the list be= comes too long and I hit either the kern=2Eargmax limit of 262144 bytes or = the LINE_MAX (2048) for ngctl=2E =E2=80=8B I can share the c code I am using to attempt this using NgSendAsciiMsg(), = but I don't think that would be too useful=2E =E2=80=8B I am open to hiring someone as a consultant to help write a program/script= preferably in python or c to accomplish this=2E If anyone can help with this or knows someone who can, please feel free to= contact me=2E =E2=80=8B Best regards, =E2=80=8B Reshad On 1 April 2018 11:07:44 PM IST, Eugene Grosbein wr= ote: >31=2E03=2E2018 20:46, Reshad Patuck wrote: > =E2=80=8B >> Please let me know what I am doing wrong with the ngctl config file >and >> if there is another way, maybe something more direct to load a binary >bpf filter directly into ng_bpf=2E > >There is also netgraph(3) - Netgraph User Library=2E You can use it >within your C code >to send binary or text (ASCII) control messages directly to ng_bpf >without limitations >of ngctl's own parser=2E > >You can get an example of NgSendAsciiMsg() usage in ngctl's sources: > >https://svnweb=2Efreebsd=2Eorg/base/head/usr=2Esbin/ngctl/msg=2Ec?view=3D= markup