From owner-freebsd-stable@FreeBSD.ORG Tue Oct 10 16:39:02 2006 Return-Path: X-Original-To: stable@freebsd.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F24F616A412 for ; Tue, 10 Oct 2006 16:39:02 +0000 (UTC) (envelope-from dudu.meyer@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 233FB43D58 for ; Tue, 10 Oct 2006 16:38:55 +0000 (GMT) (envelope-from dudu.meyer@gmail.com) Received: by ug-out-1314.google.com with SMTP id m2so739625uge for ; Tue, 10 Oct 2006 09:38:43 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=KrnUBYPUXPoS+NHjp1XqcvIxLiYre/5hB2oWE6riHookC5TQzMMg4tUh1GLGA29yjbg/oV6B05KVk48vUqZ+xmylaBJffLs/ImR+XDTEXtRxGUDE9QVuFurELWmAjQt7eDsLGsQz5p2Nn/71tB0FFn3BsLF/6GjHO9FXGhF8VI0= Received: by 10.67.29.12 with SMTP id g12mr8454089ugj; Tue, 10 Oct 2006 09:38:43 -0700 (PDT) Received: by 10.66.248.4 with HTTP; Tue, 10 Oct 2006 09:38:43 -0700 (PDT) Message-ID: Date: Tue, 10 Oct 2006 13:38:43 -0300 From: "Eduardo Meyer" To: stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: Subject: Netgraph - ng_bpf help (first experience) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Oct 2006 16:39:03 -0000 Hello, I tried asking it on freebsd-ipfw@ but I got no luck. Maybe because this is related to Netgraph and not ipfw essentially. I want to use ng_bpf to use ng_tag to use ipfw-tag. Looks like lego, where I have to assemble my toy, but I liked Lego when I was a child. Following ng_bpf(4) man page I ran this script: PATTERN="(ether[40:4]=0x134e5844 && ether[44:4]=0x6f6d6169 && ether[48:4]=0x6e0a)" NODEPATH="my_node:" INHOOK="hook1" MATCHHOOK="hook2" NOTMATCHHOOK="hook3" cat > /tmp/bpf.awk << xxENDxx { if (!init) { printf "bpf_prog_len=%d bpf_prog=[", \$1; init=1; } else { printf " { code=%d jt=%d jf=%d k=%d }", \$1, \$2, \$3, \$4; } } END { print " ]" } xxENDxx BPFPROG=`tcpdump -s 8192 -ddd ${PATTERN} | awk -f /tmp/bpf.awk` ngctl msg ${NODEPATH} setprogram { thisHook=\"${INHOOK}\" \ ifMatch=\"${MATCHHOOK}\" \ ifNotMatch=\"${NOTMATCHHOOK}\" \ ${BPFPROG} } } But I got this message: ngctl: send msg: No such file or directory I printed the full commands that returns the error, it is: ngctl msg setprogram { thisHook="" ifMatch="" ifNotMatch="" bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 } { code=21 jt=0 jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21 jt=0 jf=3 k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0 jf=1 k=28170 } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } } Running tcpdump -s 8192 -ddd $PATTERN manually I get: 8 32 0 0 40 21 0 5 323901508 32 0 0 44 21 0 3 1869439337 32 0 0 48 21 0 1 28170 6 0 0 8192 6 0 0 0 Which looks that the ngctl data (code, kt, jf and k) are correct. But the command returns that error for some reason. The script was taken from ng_blf(4) man page. I am all new to this netgraph thing. Can anyone help me to find out what is rong? Thank you. -- =========== Eduardo Meyer pessoal: dudu.meyer@gmail.com profissional: ddm.farmaciap@saude.gov.br