Date:      Wed, 9 Aug 1995 21:12:50 -0700 (PDT)
From:      "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com>
To:        fenner@parc.xerox.com (Bill Fenner)
Cc:        freebsd-current@freebsd.org
Subject:   Re: Getting tcpdump to work with the BPF
Message-ID:  <199508100412.VAA00277@gndrsh.aac.dev.com>
In-Reply-To: <95Aug9.203124pdt.177475@crevenia.parc.xerox.com> from "Bill Fenner" at Aug 9, 95 08:31:18 pm

> 
> In article <406pje$3tu@sol.ctr.columbia.edu>,
> Bill Paul <wpaul@ctr.columbia.edu> wrote:
> >You're not missing anything: it's the Intel EtherExpress 'ix' driver
> >that's missing something. It doesn't yet include BPF support.
> 
> Although I know nothing about the EtherExpress in particular, I know what
> BPF needs; these patches *should* do the trick.
> 

Except they fail to put the card into promiscuous mode :-(.

Someone else has been passed work that was passed to me, which had some rather
serious lock-up bugs, and is working on this.  I hope they pick this bit up here,
as this looks rather clean as far as the tap off.

Putting the EEXP16 into and out of promiscuous mode is no simple thing to
do though, and I am reasonably sure that is where the bugs in the other
patches sent to me are at.

And I can tell this patch has never been tested: you removed the
initialization of ``bytesleft'', which now creates an uninitialized
but referenced variable at the line so marked below.

>   Bill
> 
> --- if_ix.c.orig	Thu Aug 10 03:06:30 1995
> +++ if_ix.c	Thu Aug 10 03:26:52 1995
> @@ -67,7 +67,6 @@
>  extern char all_es_snpa[], all_is_snpa[], all_l1is_snpa[], all_l2is_snpa[];
>  #endif /* ISO */
>  
> -/*ZZZ no work done on this, this is just here to remind me*/
>  #include "bpfilter.h"
>  #if NBPFILTER > 0
>  #include <net/bpf.h>
> @@ -645,6 +644,9 @@
>  		bcopy(sc->arpcom.ac_enaddr, LLADDR(sdl), ETHER_ADDRESS_LENGTH);
>  	}
>  	printf("ix%d: address %s\n", unit, ether_sprintf(sc->arpcom.ac_enaddr));
> +#if NBPFILTER > 0
> +	bpfattach(&sc->bpf, ifp, DLT_EN10MB, sizeof(struct ether_header));
> +#endif
>  	return(0);
>  }
>  
> @@ -1253,10 +1255,6 @@
>  	DEBUGDO(for (i = 0; i < 16; i ++) printf ("%02x", rb[i] & 0xFF);)
>  	DEBUGDO(printf(":");)
>  	DEBUGEND
> -	/* trickery here, eh points right at memory on
> -	 * the board.  eh is only used by ether_input,
> -	 * it is not passed to the upper layer */
> -	eh = (struct ether_header *)rb;
>  
>  	/* here we go, lets build an mbuf chain up to hold all this */
>  	MGETHDR(m, M_DONTWAIT, MT_DATA);
> @@ -1265,11 +1263,10 @@
>  		return;
>  	}
>  	m0 = m;
> +	eh = mtod(m, struct ether_header *);
>  	length = rbd->act_count & RBD_STAT_SIZE;
> -	bytesleft = length - sizeof(struct ether_header);

Okay, so bytesleft is now uninitialized.

> -	rb += sizeof(struct ether_header);
>  	m->m_pkthdr.rcvif = ifp;
> -	m->m_pkthdr.len = bytesleft;
> +	m->m_pkthdr.len = length;
>  	m->m_len = MHLEN;
>  	while (bytesleft > 0) {

But clearly used :-(

>  		if (bytesleft > MINCLSIZE) {
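
Review bot: `bytesleft` is still read by `while (bytesleft > 0)` and `if (bytesleft > MINCLSIZE)`, but the only assignment visible in this hunk is deleted rather than replaced. Because the hunk also stops advancing `rb` past the header and sets `m->m_pkthdr.len = length`, the copy now appears meant to cover the whole frame, so the deleted line should become `bytesleft = length;` instead of being dropped. It is also worth confirming that the header bytes are actually copied into the first mbuf before `eh = mtod(m, struct ether_header *)` is dereferenced later on.
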
> @@ -1298,6 +1295,35 @@
>  		}
>  	}
>  
> +#if NBPFILTER > 0
> +	/*
> +	 * Check if there's a BPF listener on this interface. If so, hand off
> +	 * the raw packet to bpf.
> +	 */
> +	if (sc->bpf) {
> +		bpf_mtap(sc->bpf, m);
> +
> +		/*
> +		 * If we are in promiscuous mode, we have to check if
> +		 * this packet is really ours.
> +		 */
> +		if ((sc->arpcom.ac_if.if_flags & IFF_PROMISC) &&
> +		    bcmp(eh->ether_dhost, sc->arpcom.ac_enaddr,
> +		      sizeof(eh->ether_dhost)) != 0 &&
> +		      !(eh->ether_dhost.ether_addr_octet[0] & 1)) {
> +			m_freem(m);
> +			return;
> +		}
> +	}
> +#endif
> +
> +	/*
> +	 * Remove link layer address.
> +	 */
> +	m->m_pkthdr.len -= sizeof(struct ether_header);
> +	m->m_len -= sizeof(struct ether_header);
> +	m->m_data += sizeof(struct ether_header);
> +
>  	ether_input(ifp, eh, m0);
>  	ifp->if_ipackets++;
>  	return;
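
Review bot: `bpf_mtap(sc->bpf, m)`, `m_freem(m)` and the three header-strip lines all operate on `m`, while `ether_input(ifp, eh, m0)` is handed `m0`; if the copy loop above advances `m` along the chain, which the separate `m0 = m` suggests, the tap sees only the tail mbuf, the drop path frees only part of the chain, and the `m_pkthdr` adjustment lands on the wrong mbuf. Use `m0` in all of these places. In the same block, `eh->ether_dhost` is passed to `bcmp()` as if it were an array but is then accessed as `eh->ether_dhost.ether_addr_octet[0]` as if it were a struct; only one of those forms can match the declaration, so the multicast test should probably read `eh->ether_dhost[0] & 1`.
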
> @@ -1419,6 +1445,14 @@
>  			tb += m_temp->m_len;
>  			length += m_temp->m_len;
>  		}
> +#if NBPFILTER > 0
> +		/* This really wants to be done after the packet has been
> +		 * put on the wire, but this appears to be the easiest place
> +		 * to insert it.
> +		 */
> +		if (sc->bpf)
> +			bpf_mtap(sc->bpf, m);
> +#endif
>  		m_freem(m);
>  		if (length < ETHER_MIN_LENGTH) length = ETHER_MIN_LENGTH;
>  #ifdef DIAGNOSTIC
> 


-- 
Rod Grimes                                      rgrimes@gndrsh.aac.dev.com
Accurate Automation Company                 Reliable computers for FreeBSD


