Date: Wed, 25 Apr 2018 20:10:28 +0530 From: Reshad Patuck <reshadpatuck1@gmail.com> To: Eugene Grosbein <eugen@grosbein.net>,freebsd-net@freebsd.org Subject: Re: [netgraph] ng_bpf filter large list of IP addresses Message-ID: <EFFB436D-3A09-4D91-88F1-D641993BBED3@gmail.com> In-Reply-To: <5AC118E8.1020800@grosbein.net> References: <D4E00F05-F64D-4446-A572-E1A0E06B2C47@gmail.com> <5AC118E8.1020800@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey, =E2=80=8B I have tried to write some c code to add a bpf filter to my ng_bpf node, b= ut its just segfaulting=2E My c is not good enough to debug this=2E =E2=80=8B What baffles me is that when I load a filter for 250 IP addresses using th= e command in this link https://paste=2Eee/d/BHOoG/3 it loads fine=2E If I use 'ngctl -f' with the file in this link https://paste=2Eee/d/BHOoG/= 2 I get an error saying 'ngctl: send msg: Invalid argument; ngctl: line 1: = error in file' The BPF filter and arguments in that command are exactly the same=2E =E2=80=8B My problem is that I need to load thousands of IP addresses in a blocking = filter, which I am not able to pass over a command line because the list be= comes too long and I hit either the kern=2Eargmax limit of 262144 bytes or = the LINE_MAX (2048) for ngctl=2E =E2=80=8B I can share the c code I am using to attempt this using NgSendAsciiMsg(), = but I don't think that would be too useful=2E =E2=80=8B I am open to hiring someone as a consultant to help write a program/script= preferably in python or c to accomplish this=2E If anyone can help with this or knows someone who can, please feel free to= contact me=2E =E2=80=8B Best regards, =E2=80=8B Reshad On 1 April 2018 11:07:44 PM IST, Eugene Grosbein <eugen@grosbein=2Enet> wr= ote: >31=2E03=2E2018 20:46, Reshad Patuck wrote: > =E2=80=8B >> Please let me know what I am doing wrong with the ngctl config file >and >> if there is another way, maybe something more direct to load a binary >bpf filter directly into ng_bpf=2E > >There is also netgraph(3) - Netgraph User Library=2E You can use it >within your C code >to send binary or text (ASCII) control messages directly to ng_bpf >without limitations >of ngctl's own parser=2E > >You can get an example of NgSendAsciiMsg() usage in ngctl's sources: > >https://svnweb=2Efreebsd=2Eorg/base/head/usr=2Esbin/ngctl/msg=2Ec?view=3D= markup
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EFFB436D-3A09-4D91-88F1-D641993BBED3>