Date: Mon, 04 Feb 2002 18:29:53 -0800 From: "Ronald F. Guilmette" <rfg@monkeys.com> To: freebsd-questions@freebsd.org Subject: Need a simple Berkeley Packet Filter state machine `program' Message-ID: <8743.1012876193@monkeys.com>
next in thread | raw e-mail | index | archive | help
Greetings, Is there anyone who is already well and truly familiar with BPF programming around here who might be willing to give me some help writing a small filter? Here's what I need... I need a BPF state machine program that will filter out all incoming packets on an interface _except_ ones that are _TCP_ packets and that have both the SYN and ACK bits set. All TCP packets with SYN+ACK set should be allowed through the filter. For extra credit, it would also be peachy if the filter program could also filter out and ignore any of those SYN+ACK TCP packets that come from sources IPv4 addresses that fall outside of a given block designated by two 32-bit quantities such as: unsigned long base_address; unsigned long netmask; where `base_address' would be some base IP address, already in network byte order, and where `netmask' would be a value like 0xffffff00 (but stored in network byte order) to indicate the whole /24 netblock starting at the address designated by `base_address'. I could probably figure out how to do this all myself, but my sense of it is that it would take me some time, and I'd have to look at a LOT of other BPF examples first. If somebody who is already fluent in the BPF state machine language could just give me the appropriate state-machine code, that would probably save me quite a lot of time. Thanks in advance. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8743.1012876193>