Berkeley Packet Filter struct bpf_insn

StackOverflow https://stackoverflow.com/questions/8555691

  •  20-03-2021
  •  | 
  •  

Question

Can someone explain please how to set a filter using struct bpf_program member struct bpf_insn? All documentation and tutorials are welcome, for example what would be the struct bpf_insn if i want to filter for example dhcp, dns or ...?

Thanks for your help.

Was it helpful?

Solution

This tutorial uses struct bpf_program to create a filter program, not sure if that helps much but it's worth a look. (scroll down to the tcp bit).

http://www.enderunix.org/docs/en/rawipspoof/

OTHER TIPS

See also the original paper on BPF, which describes the BPF machine language in section 3.3 "The BPF Pseudo-Machine", and gives some examples of BPF programs in section 3.4 "Examples" and 3.5 "Parsing Packet Headers".

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top