rendered paste body#include <stdio.h>#include <stdlib.h>#include <string.h>#include <errno.h>#include <unistd.h>#include <sys/types.h>#include <sys/socket.h>#include <net/bpf.h>#include <netgraph.h>#include <netgraph/ng_socket.h>#include <netgraph/ng_hole.h>#include <netgraph/ng_bpf.h>#include <pcap.h>/* * Init a bpf filter * Takes in a bpf_program and a filter */int create_bpf_filter (struct bpf_program *fp, char *filter_exp){ const int SNAP_LEN = 1518; pcap_t *handle; handle = pcap_open_dead(DLT_EN10MB, SNAP_LEN); if (handle == NULL){ fprintf (stderr, "Could not open device"); return (-1); } if (pcap_compile (handle, fp, filter_exp, 0, 0) < 0){ fprintf (stderr, "Could not compile filter"); return (-1); } pcap_close (handle); return (0);}/* * Connects node1:hook1 to node2:hook2 * cfd is the command socket. */int ng_connect (int *cfd, char *node1, char *hook1, char *node2, char *hook2){ struct ngm_connect ngc; char nodename[50]; snprintf(ngc.path, sizeof(ngc.path), "%s:", node2); snprintf(ngc.ourhook, sizeof(ngc.ourhook), "%s", hook1); snprintf(ngc.peerhook, sizeof(ngc.peerhook), "%s", hook2); snprintf (nodename, sizeof (nodename), "%s:", node1); if (NgSendMsg(*cfd, nodename, NGM_GENERIC_COOKIE, NGM_CONNECT, &ngc, sizeof(ngc)) < 0) { return (-1); } return (0);}int main (){ int dfd, cfd; char socket_name[] = "test_socket"; struct ngm_mkpeer mkp; char path[50]; int k = 0; /* bpf */ struct bpf_program fp; char filter_exp[] = "tcp port 80"; struct ng_bpf_hookprog *bpf_hookprog; struct bpf_insn *insn; /* Create the bpf filter first, exit if there are any problems */ if (create_bpf_filter (&fp, filter_exp) < 0) { printf ("Error compiling bpf expression, exiting\n"); return (-1); } if (NgMkSockNode(socket_name, &cfd, &dfd) < 0) { perror ("NgMkSockNode"); return (-1); } snprintf (mkp.type, sizeof(mkp.type), "%s", NG_BPF_NODE_TYPE); snprintf (mkp.ourhook, sizeof(mkp.ourhook), "%s", "lower"); snprintf (mkp.peerhook, sizeof(mkp.peerhook), "%s", "from_lower"); snprintf (path, sizeof (path), "%s:", "rl0"); if (NgSendMsg(cfd, path, NGM_GENERIC_COOKIE, NGM_MKPEER, &mkp, sizeof(mkp)) < 0) { perror ("create bpf"); return (-1); } snprintf (path, sizeof (path), "%s:%s", "rl0","lower"); NgNameNode(cfd, path, "bpf"); snprintf (mkp.type, sizeof(mkp.type), "%s", NG_HOLE_NODE_TYPE); snprintf (mkp.ourhook, sizeof(mkp.ourhook), "%s", "discard"); snprintf (mkp.peerhook, sizeof(mkp.peerhook), "%s", "discard"); snprintf (path, sizeof (path), "%s:", "bpf"); if (NgSendMsg(cfd, path, NGM_GENERIC_COOKIE, NGM_MKPEER, &mkp, sizeof(mkp)) < 0) { perror ("create hole"); return (-1); } snprintf (path, sizeof (path), "%s:%s", "bpf","discard"); NgNameNode(cfd, path, "sink"); ng_connect (&cfd, "rl0", "upper", "bpf", "to_upper"); bpf_hookprog = calloc (1, sizeof (struct ng_bpf_hookprog) + fp.bf_len * sizeof (struct bpf_insn)); bpf_hookprog->bpf_prog_len = fp.bf_len; printf ("fp.bf_len is %d\n", fp.bf_len); insn = fp.bf_insns; for (k=0; k < fp.bf_len; ++k,++insn){ memcpy ((bpf_hookprog->bpf_prog + k), insn, sizeof(insn)); printf ("code=%d\n", bpf_hookprog->bpf_prog[k].code); } sleep (25); printf ("Slept\n"); strlcpy (bpf_hookprog->thisHook, "from_lower", sizeof (bpf_hookprog->thisHook)); strlcpy (bpf_hookprog->ifNotMatch, "discard", sizeof (bpf_hookprog->ifNotMatch)); strlcpy (bpf_hookprog->ifMatch, "to_upper", sizeof (bpf_hookprog->ifMatch)); if (NgSendMsg(cfd, "bpf:", NGM_GENERIC_COOKIE, NGM_BPF_SET_PROGRAM, bpf_hookprog, (sizeof (struct ng_bpf_hookprog) + fp.bf_len * sizeof (struct bpf_insn))) < 0) { perror ("Setup bpf program"); return (-1); } sleep(100); return (0);}