This adds a new function that allows using the bpf compiler without
having a pcap open. One could argue that this and the existing compiler should be factored in common routines, but I was trying to make it clear that this wouldn't break the existing code. from Greg Troxel <gdt@ir.bbn.com>
This commit is contained in:
mcr
parent
45ac9150b7
commit
e660fb6947
50
gencode.c
50
gencode.c
|
|
@ -21,7 +21,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.99 1999-11-01 15:56:40 itojun Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.100 1999-12-08 19:54:03 mcr Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
|
@ -316,6 +316,54 @@ pcap_compile(pcap_t *p, struct bpf_program *program,
|
|||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* entry point for using the compiler with no pcap open
|
||||
* pass in all the stuff that is needed explicitly instead.
|
||||
*/
|
||||
int
|
||||
pcap_compile_nopcap(int snaplen_arg, int linktype_arg,
|
||||
struct bpf_program *program,
|
||||
char *buf, int optimize, bpf_u_int32 mask)
|
||||
{
|
||||
extern int n_errors;
|
||||
int len;
|
||||
|
||||
n_errors = 0;
|
||||
root = NULL;
|
||||
bpf_pcap = NULL;
|
||||
if (setjmp(top_ctx)) {
|
||||
freechunks();
|
||||
return (-1);
|
||||
}
|
||||
|
||||
netmask = mask;
|
||||
|
||||
/* XXX needed? I don't grok the use of globals here. */
|
||||
snaplen = snaplen_arg;
|
||||
|
||||
lex_init(buf ? buf : "");
|
||||
init_linktype(linktype_arg);
|
||||
(void)pcap_parse();
|
||||
|
||||
if (n_errors)
|
||||
syntax();
|
||||
|
||||
if (root == NULL)
|
||||
root = gen_retblk(snaplen_arg);
|
||||
|
||||
if (optimize) {
|
||||
bpf_optimize(&root);
|
||||
if (root == NULL ||
|
||||
(root->s.code == (BPF_RET|BPF_K) && root->s.k == 0))
|
||||
bpf_error("expression rejects all packets");
|
||||
}
|
||||
program->bf_insns = icode_to_fcode(root, &len);
|
||||
program->bf_len = len;
|
||||
|
||||
freechunks();
|
||||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Backpatch the blocks in 'list' to 'target'. The 'sense' field indicates
|
||||
* which of the jt and jf fields has been resolved and which is a pointer
|
||||
|
|
|
|||
9
pcap.3
9
pcap.3
|
|
@ -225,6 +225,15 @@ controls whether optimization on the resulting code is performed.
|
|||
.I netmask
|
||||
specifies the netmask of the local net.
|
||||
.PP
|
||||
.B pcap_compile_nopcap()
|
||||
is similar to
|
||||
.B pcap_compile()
|
||||
except that instead of passing a pcap structure, one passes the
|
||||
snaplen and linktype explicitly. It is intended to be used for
|
||||
compiling filters for direct bpf usage, without necessarily having
|
||||
called
|
||||
.BR pcap_open() .
|
||||
.PP
|
||||
.B pcap_setfilter()
|
||||
is used to specify a filter program.
|
||||
.I fp
|
||||
|
|
|
|||
4
pcap.h
4
pcap.h
|
|
@ -30,7 +30,7 @@
|
|||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap.h,v 1.21 1999-10-07 23:46:40 mcr Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap.h,v 1.22 1999-12-08 19:54:03 mcr Exp $ (LBL)
|
||||
*/
|
||||
|
||||
#ifndef lib_pcap_h
|
||||
|
|
@ -115,6 +115,8 @@ char *pcap_strerror(int);
|
|||
char *pcap_geterr(pcap_t *);
|
||||
int pcap_compile(pcap_t *, struct bpf_program *, char *, int,
|
||||
bpf_u_int32);
|
||||
int pcap_compile_nopcap(int, int, struct bpf_program *,
|
||||
char *, int, bpf_u_int32);
|
||||
/* XXX */
|
||||
int pcap_freecode(pcap_t *, struct bpf_program *);
|
||||
int pcap_datalink(pcap_t *);
|
||||
|
|
|
|||
Reference in New Issue