gencode.c (122029) | gencode.c (127667) |
---|---|
1/*#define CHASE_CHAIN*/ 2/* 3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998 4 * The Regents of the University of California. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that: (1) source code distributions 8 * retain the above copyright notice and this paragraph in its entirety, (2) --- 5 unchanged lines hidden (view full) --- 14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 15 * the University nor the names of its contributors may be used to endorse 16 * or promote products derived from this software without specific prior 17 * written permission. 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 21 * | 1/*#define CHASE_CHAIN*/ 2/* 3 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998 4 * The Regents of the University of California. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that: (1) source code distributions 8 * retain the above copyright notice and this paragraph in its entirety, (2) --- 5 unchanged lines hidden (view full) --- 14 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 15 * the University nor the names of its contributors may be used to endorse 16 * or promote products derived from this software without specific prior 17 * written permission. 18 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 19 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 20 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 21 * |
22 * $FreeBSD: head/contrib/libpcap/gencode.c 122029 2003-11-04 06:12:21Z green $ | 22 * $FreeBSD: head/contrib/libpcap/gencode.c 127667 2004-03-31 09:15:09Z bms $ |
23 */ 24#ifndef lint | 23 */ 24#ifndef lint |
25static const char rcsid[] = 26 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.160 2001/11/30 07:25:48 guy Exp $ (LBL)"; | 25static const char rcsid[] _U_ = 26 "@(#) $Header: /tcpdump/master/libpcap/gencode.c,v 1.193.2.8 2004/03/29 20:53:47 guy Exp $ (LBL)"; |
27#endif 28 29#ifdef HAVE_CONFIG_H 30#include "config.h" 31#endif 32 | 27#endif 28 29#ifdef HAVE_CONFIG_H 30#include "config.h" 31#endif 32 |
33#ifdef WIN32 34#include <pcap-stdinc.h> 35#else /* WIN32 */ |
|
33#include <sys/types.h> 34#include <sys/socket.h> 35#include <sys/time.h> | 36#include <sys/types.h> 37#include <sys/socket.h> 38#include <sys/time.h> |
39#endif /* WIN32 */ 40 41/* 42 * XXX - why was this included even on UNIX? 43 */ 44#ifdef __MINGW32__ 45#include "IP6_misc.h" 46#endif 47 48#ifndef WIN32 49 |
|
36#ifdef __NetBSD__ 37#include <sys/param.h> 38#endif 39 | 50#ifdef __NetBSD__ 51#include <sys/param.h> 52#endif 53 |
40struct mbuf; 41struct rtentry; 42#include <net/if.h> 43 | |
44#include <netinet/in.h> 45 | 54#include <netinet/in.h> 55 |
56#endif /* WIN32 */ 57 |
|
46#include <stdlib.h> 47#include <string.h> 48#include <memory.h> 49#include <setjmp.h> 50#include <stdarg.h> 51 52#include "pcap-int.h" 53 54#include "ethertype.h" 55#include "nlpid.h" 56#include "llc.h" 57#include "gencode.h" | 58#include <stdlib.h> 59#include <string.h> 60#include <memory.h> 61#include <setjmp.h> 62#include <stdarg.h> 63 64#include "pcap-int.h" 65 66#include "ethertype.h" 67#include "nlpid.h" 68#include "llc.h" 69#include "gencode.h" |
70#include "atmuni31.h" 71#include "sunatmpos.h" |
|
58#include "ppp.h" 59#include "sll.h" 60#include "arcnet.h" | 72#include "ppp.h" 73#include "sll.h" 74#include "arcnet.h" |
61#include <pcap-namedb.h> | 75#include "pf.h" 76#ifndef offsetof 77#define offsetof(s, e) ((size_t)&((s *)0)->e) 78#endif |
62#ifdef INET6 | 79#ifdef INET6 |
63#include <netdb.h> 64#include <sys/socket.h> | 80#ifndef WIN32 81#include <netdb.h> /* for "struct addrinfo" */ 82#endif /* WIN32 */ |
65#endif /*INET6*/ | 83#endif /*INET6*/ |
84#include <pcap-namedb.h> |
|
66 67#undef ETHERMTU 68#define ETHERMTU 1500 69 70#ifndef IPPROTO_SCTP 71#define IPPROTO_SCTP 132 72#endif 73 74#ifdef HAVE_OS_PROTO_H 75#include "os-proto.h" 76#endif 77 78#define JMP(c) ((c)|BPF_JMP|BPF_K) 79 80/* Locals */ 81static jmp_buf top_ctx; 82static pcap_t *bpf_pcap; 83 84/* Hack for updating VLAN offsets. */ | 85 86#undef ETHERMTU 87#define ETHERMTU 1500 88 89#ifndef IPPROTO_SCTP 90#define IPPROTO_SCTP 132 91#endif 92 93#ifdef HAVE_OS_PROTO_H 94#include "os-proto.h" 95#endif 96 97#define JMP(c) ((c)|BPF_JMP|BPF_K) 98 99/* Locals */ 100static jmp_buf top_ctx; 101static pcap_t *bpf_pcap; 102 103/* Hack for updating VLAN offsets. */ |
85static u_int orig_linktype = -1, orig_nl = -1; | 104static u_int orig_linktype = -1, orig_nl = -1, orig_nl_nosnap = -1; |
86 87/* XXX */ 88#ifdef PCAP_FDDIPAD 89int pcap_fddipad = PCAP_FDDIPAD; 90#else 91int pcap_fddipad; 92#endif 93 --- 44 unchanged lines hidden (view full) --- 138static inline void syntax(void); 139 140static void backpatch(struct block *, struct block *); 141static void merge(struct block *, struct block *); 142static struct block *gen_cmp(u_int, u_int, bpf_int32); 143static struct block *gen_cmp_gt(u_int, u_int, bpf_int32); 144static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32); 145static struct block *gen_bcmp(u_int, u_int, const u_char *); | 105 106/* XXX */ 107#ifdef PCAP_FDDIPAD 108int pcap_fddipad = PCAP_FDDIPAD; 109#else 110int pcap_fddipad; 111#endif 112 --- 44 unchanged lines hidden (view full) --- 157static inline void syntax(void); 158 159static void backpatch(struct block *, struct block *); 160static void merge(struct block *, struct block *); 161static struct block *gen_cmp(u_int, u_int, bpf_int32); 162static struct block *gen_cmp_gt(u_int, u_int, bpf_int32); 163static struct block *gen_mcmp(u_int, u_int, bpf_int32, bpf_u_int32); 164static struct block *gen_bcmp(u_int, u_int, const u_char *); |
165static struct block *gen_ncmp(bpf_u_int32, bpf_u_int32, bpf_u_int32, 166 bpf_u_int32, bpf_u_int32, int); |
|
146static struct block *gen_uncond(int); 147static inline struct block *gen_true(void); 148static inline struct block *gen_false(void); | 167static struct block *gen_uncond(int); 168static inline struct block *gen_true(void); 169static inline struct block *gen_false(void); |
170static struct block *gen_ether_linktype(int); |
|
149static struct block *gen_linktype(int); 150static struct block *gen_snap(bpf_u_int32, bpf_u_int32, u_int); | 171static struct block *gen_linktype(int); 172static struct block *gen_snap(bpf_u_int32, bpf_u_int32, u_int); |
173static struct block *gen_llc(int); |
|
151static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int); 152#ifdef INET6 153static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int); 154#endif 155static struct block *gen_ahostop(const u_char *, int); 156static struct block *gen_ehostop(const u_char *, int); 157static struct block *gen_fhostop(const u_char *, int); 158static struct block *gen_thostop(const u_char *, int); | 174static struct block *gen_hostop(bpf_u_int32, bpf_u_int32, int, int, u_int, u_int); 175#ifdef INET6 176static struct block *gen_hostop6(struct in6_addr *, struct in6_addr *, int, int, u_int, u_int); 177#endif 178static struct block *gen_ahostop(const u_char *, int); 179static struct block *gen_ehostop(const u_char *, int); 180static struct block *gen_fhostop(const u_char *, int); 181static struct block *gen_thostop(const u_char *, int); |
159static struct block *gen_whostop(const u_char *, int); | 182static struct block *gen_wlanhostop(const u_char *, int); 183static struct block *gen_ipfchostop(const u_char *, int); |
160static struct block *gen_dnhostop(bpf_u_int32, int, u_int); 161static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int); 162#ifdef INET6 163static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int); 164#endif 165#ifndef INET6 166static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int); 167#endif --- 8 unchanged lines hidden (view full) --- 176struct block *gen_portop6(int, int, int); 177static struct block *gen_port6(int, int, int); 178#endif 179static int lookup_proto(const char *, int); 180static struct block *gen_protochain(int, int, int); 181static struct block *gen_proto(int, int, int); 182static struct slist *xfer_to_x(struct arth *); 183static struct slist *xfer_to_a(struct arth *); | 184static struct block *gen_dnhostop(bpf_u_int32, int, u_int); 185static struct block *gen_host(bpf_u_int32, bpf_u_int32, int, int); 186#ifdef INET6 187static struct block *gen_host6(struct in6_addr *, struct in6_addr *, int, int); 188#endif 189#ifndef INET6 190static struct block *gen_gateway(const u_char *, bpf_u_int32 **, int, int); 191#endif --- 8 unchanged lines hidden (view full) --- 200struct block *gen_portop6(int, int, int); 201static struct block *gen_port6(int, int, int); 202#endif 203static int lookup_proto(const char *, int); 204static struct block *gen_protochain(int, int, int); 205static struct block *gen_proto(int, int, int); 206static struct slist *xfer_to_x(struct arth *); 207static struct slist *xfer_to_a(struct arth *); |
208static struct block *gen_mac_multicast(int); |
|
184static struct block *gen_len(int, int); 185 | 209static struct block *gen_len(int, int); 210 |
211static struct block *gen_msg_abbrev(int type); 212 |
|
186static void * 187newchunk(n) 188 u_int n; 189{ 190 struct chunk *cp; | 213static void * 214newchunk(n) 215 u_int n; 216{ 217 struct chunk *cp; |
191 int k, size; | 218 int k; 219 size_t size; |
192 193#ifndef __NetBSD__ 194 /* XXX Round up to nearest long. */ 195 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1); 196#else 197 /* XXX Round up to structure boundary. */ 198 n = ALIGN(n); 199#endif 200 201 cp = &chunks[cur_chunk]; 202 if (n > cp->n_left) { 203 ++cp, k = ++cur_chunk; 204 if (k >= NCHUNKS) 205 bpf_error("out of memory"); 206 size = CHUNK0SIZE << k; 207 cp->m = (void *)malloc(size); | 220 221#ifndef __NetBSD__ 222 /* XXX Round up to nearest long. */ 223 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1); 224#else 225 /* XXX Round up to structure boundary. */ 226 n = ALIGN(n); 227#endif 228 229 cp = &chunks[cur_chunk]; 230 if (n > cp->n_left) { 231 ++cp, k = ++cur_chunk; 232 if (k >= NCHUNKS) 233 bpf_error("out of memory"); 234 size = CHUNK0SIZE << k; 235 cp->m = (void *)malloc(size); |
236 if (cp->m == NULL) 237 bpf_error("out of memory"); |
|
208 memset((char *)cp->m, 0, size); 209 cp->n_left = size; 210 if (n > size) 211 bpf_error("out of memory"); 212 } 213 cp->n_left -= n; 214 return (void *)((char *)cp->m + cp->n_left); 215} --- 83 unchanged lines hidden (view full) --- 299 bpf_pcap = p; 300 if (setjmp(top_ctx)) { 301 lex_cleanup(); 302 freechunks(); 303 return (-1); 304 } 305 306 netmask = mask; | 238 memset((char *)cp->m, 0, size); 239 cp->n_left = size; 240 if (n > size) 241 bpf_error("out of memory"); 242 } 243 cp->n_left -= n; 244 return (void *)((char *)cp->m + cp->n_left); 245} --- 83 unchanged lines hidden (view full) --- 329 bpf_pcap = p; 330 if (setjmp(top_ctx)) { 331 lex_cleanup(); 332 freechunks(); 333 return (-1); 334 } 335 336 netmask = mask; |
307 | 337 |
308 snaplen = pcap_snapshot(p); 309 if (snaplen == 0) { 310 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 311 "snaplen of 0 rejects all packets"); 312 return -1; 313 } 314 315 lex_init(buf ? buf : ""); --- 222 unchanged lines hidden (view full) --- 538 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]); 539 if (b != NULL) 540 gen_and(b, tmp); 541 b = tmp; 542 } 543 return b; 544} 545 | 338 snaplen = pcap_snapshot(p); 339 if (snaplen == 0) { 340 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 341 "snaplen of 0 rejects all packets"); 342 return -1; 343 } 344 345 lex_init(buf ? buf : ""); --- 222 unchanged lines hidden (view full) --- 568 tmp = gen_cmp(offset, BPF_B, (bpf_int32)v[0]); 569 if (b != NULL) 570 gen_and(b, tmp); 571 b = tmp; 572 } 573 return b; 574} 575 |
576static struct block * 577gen_ncmp(datasize, offset, mask, jtype, jvalue, reverse) 578 bpf_u_int32 datasize, offset, mask, jtype, jvalue; 579 int reverse; 580{ 581 struct slist *s; 582 struct block *b; 583 584 s = new_stmt(BPF_LD|datasize|BPF_ABS); 585 s->s.k = offset; 586 587 if (mask != 0xffffffff) { 588 s->next = new_stmt(BPF_ALU|BPF_AND|BPF_K); 589 s->next->s.k = mask; 590 } 591 592 b = new_block(JMP(jtype)); 593 b->stmts = s; 594 b->s.k = jvalue; 595 if (reverse && (jtype == BPF_JGT || jtype == BPF_JGE)) 596 gen_not(b); 597 return b; 598} 599 |
|
546/* 547 * Various code constructs need to know the layout of the data link | 600/* 601 * Various code constructs need to know the layout of the data link |
548 * layer. These variables give the necessary offsets. off_linktype 549 * is set to -1 for no encapsulation, in which case, IP is assumed. | 602 * layer. These variables give the necessary offsets. |
550 */ | 603 */ |
604 605/* 606 * This is the offset of the beginning of the MAC-layer header. 607 * It's usually 0, except for ATM LANE. 608 */ 609static u_int off_mac; 610 611/* 612 * "off_linktype" is the offset to information in the link-layer header 613 * giving the packet type. 614 * 615 * For Ethernet, it's the offset of the Ethernet type field. 616 * 617 * For link-layer types that always use 802.2 headers, it's the 618 * offset of the LLC header. 619 * 620 * For PPP, it's the offset of the PPP type field. 621 * 622 * For Cisco HDLC, it's the offset of the CHDLC type field. 623 * 624 * For BSD loopback, it's the offset of the AF_ value. 625 * 626 * For Linux cooked sockets, it's the offset of the type field. 627 * 628 * It's set to -1 for no encapsulation, in which case, IP is assumed. 629 */ |
|
551static u_int off_linktype; | 630static u_int off_linktype; |
631 632/* 633 * TRUE if the link layer includes an ATM pseudo-header. 634 */ 635static int is_atm = 0; 636 637/* 638 * TRUE if "lane" appeared in the filter; it causes us to generate 639 * code that assumes LANE rather than LLC-encapsulated traffic in SunATM. 640 */ 641static int is_lane = 0; 642 643/* 644 * These are offsets for the ATM pseudo-header. 645 */ 646static u_int off_vpi; 647static u_int off_vci; 648static u_int off_proto; 649 650/* 651 * This is the offset of the first byte after the ATM pseudo_header, 652 * or -1 if there is no ATM pseudo-header. 653 */ 654static u_int off_payload; 655 656/* 657 * These are offsets to the beginning of the network-layer header. 658 * 659 * If the link layer never uses 802.2 LLC: 660 * 661 * "off_nl" and "off_nl_nosnap" are the same. 662 * 663 * If the link layer always uses 802.2 LLC: 664 * 665 * "off_nl" is the offset if there's a SNAP header following 666 * the 802.2 header; 667 * 668 * "off_nl_nosnap" is the offset if there's no SNAP header. 669 * 670 * If the link layer is Ethernet: 671 * 672 * "off_nl" is the offset if the packet is an Ethernet II packet 673 * (we assume no 802.3+802.2+SNAP); 674 * 675 * "off_nl_nosnap" is the offset if the packet is an 802.3 packet 676 * with an 802.2 header following it. 677 */ |
|
552static u_int off_nl; | 678static u_int off_nl; |
679static u_int off_nl_nosnap; 680 |
|
553static int linktype; 554 555static void 556init_linktype(type) 557 int type; 558{ 559 linktype = type; 560 | 681static int linktype; 682 683static void 684init_linktype(type) 685 int type; 686{ 687 linktype = type; 688 |
689 /* 690 * Assume it's not raw ATM with a pseudo-header, for now. 691 */ 692 off_mac = 0; 693 is_atm = 0; 694 is_lane = 0; 695 off_vpi = -1; 696 off_vci = -1; 697 off_proto = -1; 698 off_payload = -1; 699 |
|
561 orig_linktype = -1; 562 orig_nl = -1; | 700 orig_linktype = -1; 701 orig_nl = -1; |
702 orig_nl_nosnap = -1; |
|
563 564 switch (type) { 565 566 case DLT_ARCNET: 567 off_linktype = 2; | 703 704 switch (type) { 705 706 case DLT_ARCNET: 707 off_linktype = 2; |
568 off_nl = 6; /* XXX in reality, variable! */ | 708 off_nl = 6; /* XXX in reality, variable! */ 709 off_nl_nosnap = 6; /* no 802.2 LLC */ |
569 return; 570 | 710 return; 711 |
712 case DLT_ARCNET_LINUX: 713 off_linktype = 4; 714 off_nl = 8; /* XXX in reality, variable! */ 715 off_nl_nosnap = 8; /* no 802.2 LLC */ 716 return; 717 |
|
571 case DLT_EN10MB: 572 off_linktype = 12; | 718 case DLT_EN10MB: 719 off_linktype = 12; |
573 off_nl = 14; | 720 off_nl = 14; /* Ethernet II */ 721 off_nl_nosnap = 17; /* 802.3+802.2 */ |
574 return; 575 576 case DLT_SLIP: 577 /* 578 * SLIP doesn't have a link level type. The 16 byte 579 * header is hacked into our SLIP driver. 580 */ 581 off_linktype = -1; 582 off_nl = 16; | 722 return; 723 724 case DLT_SLIP: 725 /* 726 * SLIP doesn't have a link level type. The 16 byte 727 * header is hacked into our SLIP driver. 728 */ 729 off_linktype = -1; 730 off_nl = 16; |
731 off_nl_nosnap = 16; /* no 802.2 LLC */ |
|
583 return; 584 585 case DLT_SLIP_BSDOS: 586 /* XXX this may be the same as the DLT_PPP_BSDOS case */ 587 off_linktype = -1; 588 /* XXX end */ 589 off_nl = 24; | 732 return; 733 734 case DLT_SLIP_BSDOS: 735 /* XXX this may be the same as the DLT_PPP_BSDOS case */ 736 off_linktype = -1; 737 /* XXX end */ 738 off_nl = 24; |
739 off_nl_nosnap = 24; /* no 802.2 LLC */ |
|
590 return; 591 592 case DLT_NULL: 593 case DLT_LOOP: 594 off_linktype = 0; 595 off_nl = 4; | 740 return; 741 742 case DLT_NULL: 743 case DLT_LOOP: 744 off_linktype = 0; 745 off_nl = 4; |
746 off_nl_nosnap = 4; /* no 802.2 LLC */ |
|
596 return; 597 | 747 return; 748 |
749 case DLT_ENC: 750 off_linktype = 0; 751 off_nl = 12; 752 off_nl_nosnap = 12; /* no 802.2 LLC */ 753 return; 754 |
|
598 case DLT_PPP: 599 case DLT_C_HDLC: /* BSD/OS Cisco HDLC */ 600 case DLT_PPP_SERIAL: /* NetBSD sync/async serial PPP */ 601 off_linktype = 2; 602 off_nl = 4; | 755 case DLT_PPP: 756 case DLT_C_HDLC: /* BSD/OS Cisco HDLC */ 757 case DLT_PPP_SERIAL: /* NetBSD sync/async serial PPP */ 758 off_linktype = 2; 759 off_nl = 4; |
760 off_nl_nosnap = 4; /* no 802.2 LLC */ |
|
603 return; 604 605 case DLT_PPP_ETHER: 606 /* 607 * This does no include the Ethernet header, and 608 * only covers session state. 609 */ 610 off_linktype = 6; 611 off_nl = 8; | 761 return; 762 763 case DLT_PPP_ETHER: 764 /* 765 * This does no include the Ethernet header, and 766 * only covers session state. 767 */ 768 off_linktype = 6; 769 off_nl = 8; |
770 off_nl_nosnap = 8; /* no 802.2 LLC */ |
|
612 return; 613 614 case DLT_PPP_BSDOS: 615 off_linktype = 5; 616 off_nl = 24; | 771 return; 772 773 case DLT_PPP_BSDOS: 774 off_linktype = 5; 775 off_nl = 24; |
776 off_nl_nosnap = 24; /* no 802.2 LLC */ |
|
617 return; 618 619 case DLT_FDDI: 620 /* 621 * FDDI doesn't really have a link-level type field. 622 * We set "off_linktype" to the offset of the LLC header. 623 * 624 * To check for Ethernet types, we assume that SSAP = SNAP 625 * is being used and pick out the encapsulated Ethernet type. 626 * XXX - should we generate code to check for SNAP? 627 */ 628 off_linktype = 13; 629#ifdef PCAP_FDDIPAD 630 off_linktype += pcap_fddipad; 631#endif | 777 return; 778 779 case DLT_FDDI: 780 /* 781 * FDDI doesn't really have a link-level type field. 782 * We set "off_linktype" to the offset of the LLC header. 783 * 784 * To check for Ethernet types, we assume that SSAP = SNAP 785 * is being used and pick out the encapsulated Ethernet type. 786 * XXX - should we generate code to check for SNAP? 787 */ 788 off_linktype = 13; 789#ifdef PCAP_FDDIPAD 790 off_linktype += pcap_fddipad; 791#endif |
632 off_nl = 21; | 792 off_nl = 21; /* FDDI+802.2+SNAP */ 793 off_nl_nosnap = 16; /* FDDI+802.2 */ |
633#ifdef PCAP_FDDIPAD 634 off_nl += pcap_fddipad; | 794#ifdef PCAP_FDDIPAD 795 off_nl += pcap_fddipad; |
796 off_nl_nosnap += pcap_fddipad; |
|
635#endif 636 return; 637 638 case DLT_IEEE802: 639 /* 640 * Token Ring doesn't really have a link-level type field. 641 * We set "off_linktype" to the offset of the LLC header. 642 * --- 12 unchanged lines hidden (view full) --- 655 * of the first byte of the source address, at an 656 * offset of 8, has the uppermost bit set. If the 657 * packet is source-routed, the total number of bytes 658 * of routing information is 2 plus bits 0x1F00 of 659 * the 16-bit value at an offset of 14 (shifted right 660 * 8 - figure out which byte that is). 661 */ 662 off_linktype = 14; | 797#endif 798 return; 799 800 case DLT_IEEE802: 801 /* 802 * Token Ring doesn't really have a link-level type field. 803 * We set "off_linktype" to the offset of the LLC header. 804 * --- 12 unchanged lines hidden (view full) --- 817 * of the first byte of the source address, at an 818 * offset of 8, has the uppermost bit set. If the 819 * packet is source-routed, the total number of bytes 820 * of routing information is 2 plus bits 0x1F00 of 821 * the 16-bit value at an offset of 14 (shifted right 822 * 8 - figure out which byte that is). 823 */ 824 off_linktype = 14; |
663 off_nl = 22; | 825 off_nl = 22; /* Token Ring+802.2+SNAP */ 826 off_nl_nosnap = 17; /* Token Ring+802.2 */ |
664 return; 665 666 case DLT_IEEE802_11: 667 /* 668 * 802.11 doesn't really have a link-level type field. 669 * We set "off_linktype" to the offset of the LLC header. 670 * 671 * To check for Ethernet types, we assume that SSAP = SNAP 672 * is being used and pick out the encapsulated Ethernet type. 673 * XXX - should we generate code to check for SNAP? 674 * 675 * XXX - the header is actually variable-length. We 676 * assume a 24-byte link-layer header, as appears in 677 * data frames in networks with no bridges. If the 678 * fromds and tods 802.11 header bits are both set, 679 * it's actually supposed to be 30 bytes. 680 */ 681 off_linktype = 24; | 827 return; 828 829 case DLT_IEEE802_11: 830 /* 831 * 802.11 doesn't really have a link-level type field. 832 * We set "off_linktype" to the offset of the LLC header. 833 * 834 * To check for Ethernet types, we assume that SSAP = SNAP 835 * is being used and pick out the encapsulated Ethernet type. 836 * XXX - should we generate code to check for SNAP? 837 * 838 * XXX - the header is actually variable-length. We 839 * assume a 24-byte link-layer header, as appears in 840 * data frames in networks with no bridges. If the 841 * fromds and tods 802.11 header bits are both set, 842 * it's actually supposed to be 30 bytes. 843 */ 844 off_linktype = 24; |
682 off_nl = 32; | 845 off_nl = 32; /* 802.11+802.2+SNAP */ 846 off_nl_nosnap = 27; /* 802.11+802.2 */ |
683 return; 684 685 case DLT_PRISM_HEADER: 686 /* 687 * Same as 802.11, but with an additional header before 688 * the 802.11 header, containing a bunch of additional 689 * information including radio-level information. 690 * 691 * The header is 144 bytes long. 692 * 693 * XXX - same variable-length header problem; at least 694 * the Prism header is fixed-length. 695 */ 696 off_linktype = 144+24; | 847 return; 848 849 case DLT_PRISM_HEADER: 850 /* 851 * Same as 802.11, but with an additional header before 852 * the 802.11 header, containing a bunch of additional 853 * information including radio-level information. 854 * 855 * The header is 144 bytes long. 856 * 857 * XXX - same variable-length header problem; at least 858 * the Prism header is fixed-length. 859 */ 860 off_linktype = 144+24; |
697 off_nl = 144+30; | 861 off_nl = 144+32; /* Prism+802.11+802.2+SNAP */ 862 off_nl_nosnap = 144+27; /* Prism+802.11+802.2 */ |
698 return; 699 | 863 return; 864 |
865 case DLT_IEEE802_11_RADIO_AVS: 866 /* 867 * Same as 802.11, but with an additional header before 868 * the 802.11 header, containing a bunch of additional 869 * information including radio-level information. 870 * 871 * The header is 64 bytes long, at least in its 872 * current incarnation. 873 * 874 * XXX - same variable-length header problem, only 875 * more so; this header is also variable-length, 876 * with the length being the 32-bit big-endian 877 * number at an offset of 4 from the beginning 878 * of the radio header. 879 */ 880 off_linktype = 64+24; 881 off_nl = 64+32; /* Radio+802.11+802.2+SNAP */ 882 off_nl_nosnap = 64+27; /* Radio+802.11+802.2 */ 883 return; 884 885 case DLT_IEEE802_11_RADIO: 886 /* 887 * Same as 802.11, but with an additional header before 888 * the 802.11 header, containing a bunch of additional 889 * information including radio-level information. 890 * 891 * XXX - same variable-length header problem, only 892 * even *more* so; this header is also variable-length, 893 * with the length being the 16-bit number at an offset 894 * of 2 from the beginning of the radio header, and it's 895 * device-dependent (different devices might supply 896 * different amounts of information), so we can't even 897 * assume a fixed length for the current version of the 898 * header. 899 * 900 * Therefore, currently, only raw "link[N:M]" filtering is 901 * supported. 902 */ 903 off_linktype = -1; 904 off_nl = -1; 905 off_nl_nosnap = -1; 906 return; 907 |
|
700 case DLT_ATM_RFC1483: | 908 case DLT_ATM_RFC1483: |
909 case DLT_ATM_CLIP: /* Linux ATM defines this */ |
|
701 /* 702 * assume routed, non-ISO PDUs 703 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00) 704 */ | 910 /* 911 * assume routed, non-ISO PDUs 912 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00) 913 */ |
705 off_linktype = 6; 706 off_nl = 8; | 914 off_linktype = 0; 915 off_nl = 8; /* 802.2+SNAP */ 916 off_nl_nosnap = 3; /* 802.2 */ |
707 return; 708 | 917 return; 918 |
919 case DLT_SUNATM: 920 /* 921 * Full Frontal ATM; you get AALn PDUs with an ATM 922 * pseudo-header. 923 */ 924 is_atm = 1; 925 off_vpi = SUNATM_VPI_POS; 926 off_vci = SUNATM_VCI_POS; 927 off_proto = PROTO_POS; 928 off_mac = -1; /* LLC-encapsulated, so no MAC-layer header */ 929 off_payload = SUNATM_PKT_BEGIN_POS; 930 off_linktype = off_payload; 931 off_nl = off_payload+8; /* 802.2+SNAP */ 932 off_nl_nosnap = off_payload+3; /* 802.2 */ 933 return; 934 |
|
709 case DLT_RAW: 710 off_linktype = -1; 711 off_nl = 0; | 935 case DLT_RAW: 936 off_linktype = -1; 937 off_nl = 0; |
938 off_nl_nosnap = 0; /* no 802.2 LLC */ |
|
712 return; 713 | 939 return; 940 |
714 case DLT_ATM_CLIP: /* Linux ATM defines this */ 715 off_linktype = 6; 716 off_nl = 8; 717 return; 718 | |
719 case DLT_LINUX_SLL: /* fake header for Linux cooked socket */ 720 off_linktype = 14; 721 off_nl = 16; | 941 case DLT_LINUX_SLL: /* fake header for Linux cooked socket */ 942 off_linktype = 14; 943 off_nl = 16; |
944 off_nl_nosnap = 16; /* no 802.2 LLC */ |
|
722 return; 723 724 case DLT_LTALK: 725 /* 726 * LocalTalk does have a 1-byte type field in the LLAP header, 727 * but really it just indicates whether there is a "short" or 728 * "long" DDP packet following. 729 */ 730 off_linktype = -1; 731 off_nl = 0; | 945 return; 946 947 case DLT_LTALK: 948 /* 949 * LocalTalk does have a 1-byte type field in the LLAP header, 950 * but really it just indicates whether there is a "short" or 951 * "long" DDP packet following. 952 */ 953 off_linktype = -1; 954 off_nl = 0; |
955 off_nl_nosnap = 0; /* no 802.2 LLC */ |
|
732 return; | 956 return; |
957 958 case DLT_IP_OVER_FC: 959 /* 960 * RFC 2625 IP-over-Fibre-Channel doesn't really have a 961 * link-level type field. We set "off_linktype" to the 962 * offset of the LLC header. 963 * 964 * To check for Ethernet types, we assume that SSAP = SNAP 965 * is being used and pick out the encapsulated Ethernet type. 966 * XXX - should we generate code to check for SNAP? RFC 967 * 2625 says SNAP should be used. 968 */ 969 off_linktype = 16; 970 off_nl = 24; /* IPFC+802.2+SNAP */ 971 off_nl_nosnap = 19; /* IPFC+802.2 */ 972 return; 973 974 case DLT_FRELAY: 975 /* 976 * XXX - we should set this to handle SNAP-encapsulated 977 * frames (NLPID of 0x80). 978 */ 979 off_linktype = -1; 980 off_nl = 0; 981 off_nl_nosnap = 0; /* no 802.2 LLC */ 982 return; 983 984 case DLT_APPLE_IP_OVER_IEEE1394: 985 off_linktype = 16; 986 off_nl = 18; 987 off_nl_nosnap = 0; /* no 802.2 LLC */ 988 return; 989 990 case DLT_LINUX_IRDA: 991 /* 992 * Currently, only raw "link[N:M]" filtering is supported. 993 */ 994 off_linktype = -1; 995 off_nl = -1; 996 off_nl_nosnap = -1; 997 return; 998 999 case DLT_PFLOG: 1000 off_linktype = 0; 1001 /* XXX read from header? */ 1002 off_nl = PFLOG_HDRLEN; 1003 off_nl_nosnap = PFLOG_HDRLEN; 1004 return; 1005 1006#ifdef DLT_PFSYNC 1007 case DLT_PFSYNC: 1008 off_linktype = -1; 1009 off_nl = 4; 1010 off_nl_nosnap = 4; 1011 return; 1012#endif |
|
733 } 734 bpf_error("unknown data link type %d", linktype); 735 /* NOTREACHED */ 736} 737 738static struct block * 739gen_uncond(rsense) 740 int rsense; --- 25 unchanged lines hidden (view full) --- 766 * Byte-swap a 32-bit number. 767 * ("htonl()" or "ntohl()" won't work - we want to byte-swap even on 768 * big-endian platforms.) 769 */ 770#define SWAPLONG(y) \ 771((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff)) 772 773static struct block * | 1013 } 1014 bpf_error("unknown data link type %d", linktype); 1015 /* NOTREACHED */ 1016} 1017 1018static struct block * 1019gen_uncond(rsense) 1020 int rsense; --- 25 unchanged lines hidden (view full) --- 1046 * Byte-swap a 32-bit number. 1047 * ("htonl()" or "ntohl()" won't work - we want to byte-swap even on 1048 * big-endian platforms.) 1049 */ 1050#define SWAPLONG(y) \ 1051((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff)) 1052 1053static struct block * |
774gen_linktype(proto) | 1054gen_ether_linktype(proto) |
775 register int proto; 776{ 777 struct block *b0, *b1; 778 | 1055 register int proto; 1056{ 1057 struct block *b0, *b1; 1058 |
779 switch (linktype) { | 1059 switch (proto) { |
780 | 1060 |
781 case DLT_EN10MB: 782 switch (proto) { | 1061 case LLCSAP_ISONS: 1062 /* 1063 * OSI protocols always use 802.2 encapsulation. 1064 * XXX - should we check both the DSAP and the 1065 * SSAP, like this, or should we check just the 1066 * DSAP? 1067 */ 1068 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 1069 gen_not(b0); 1070 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32) 1071 ((LLCSAP_ISONS << 8) | LLCSAP_ISONS)); 1072 gen_and(b0, b1); 1073 return b1; |
783 | 1074 |
784 case LLCSAP_ISONS: 785 /* 786 * OSI protocols always use 802.2 encapsulation. 787 * XXX - should we check both the DSAP and the 788 * SSAP, like this, or should we check just the 789 * DSAP? 790 */ 791 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 792 gen_not(b0); 793 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32) 794 ((LLCSAP_ISONS << 8) | LLCSAP_ISONS)); 795 gen_and(b0, b1); 796 return b1; | 1075 case LLCSAP_IP: 1076 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 1077 gen_not(b0); 1078 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32) 1079 ((LLCSAP_IP << 8) | LLCSAP_IP)); 1080 gen_and(b0, b1); 1081 return b1; |
797 | 1082 |
798 case LLCSAP_NETBEUI: 799 /* 800 * NetBEUI always uses 802.2 encapsulation. 801 * XXX - should we check both the DSAP and the 802 * SSAP, like this, or should we check just the 803 * DSAP? 804 */ 805 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 806 gen_not(b0); 807 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32) 808 ((LLCSAP_NETBEUI << 8) | LLCSAP_NETBEUI)); 809 gen_and(b0, b1); 810 return b1; | 1083 case LLCSAP_NETBEUI: 1084 /* 1085 * NetBEUI always uses 802.2 encapsulation. 1086 * XXX - should we check both the DSAP and the 1087 * SSAP, like this, or should we check just the 1088 * DSAP? 1089 */ 1090 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 1091 gen_not(b0); 1092 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32) 1093 ((LLCSAP_NETBEUI << 8) | LLCSAP_NETBEUI)); 1094 gen_and(b0, b1); 1095 return b1; |
811 | 1096 |
812 case LLCSAP_IPX: 813 /* 814 * Check for; 815 * 816 * Ethernet_II frames, which are Ethernet 817 * frames with a frame type of ETHERTYPE_IPX; 818 * 819 * Ethernet_802.3 frames, which are 802.3 820 * frames (i.e., the type/length field is 821 * a length field, <= ETHERMTU, rather than 822 * a type field) with the first two bytes 823 * after the Ethernet/802.3 header being 824 * 0xFFFF; 825 * 826 * Ethernet_802.2 frames, which are 802.3 827 * frames with an 802.2 LLC header and 828 * with the IPX LSAP as the DSAP in the LLC 829 * header; 830 * 831 * Ethernet_SNAP frames, which are 802.3 832 * frames with an LLC header and a SNAP 833 * header and with an OUI of 0x000000 834 * (encapsulated Ethernet) and a protocol 835 * ID of ETHERTYPE_IPX in the SNAP header. 836 * 837 * XXX - should we generate the same code both 838 * for tests for LLCSAP_IPX and for ETHERTYPE_IPX? 839 */ | 1097 case LLCSAP_IPX: 1098 /* 1099 * Check for; 1100 * 1101 * Ethernet_II frames, which are Ethernet 1102 * frames with a frame type of ETHERTYPE_IPX; 1103 * 1104 * Ethernet_802.3 frames, which are 802.3 1105 * frames (i.e., the type/length field is 1106 * a length field, <= ETHERMTU, rather than 1107 * a type field) with the first two bytes 1108 * after the Ethernet/802.3 header being 1109 * 0xFFFF; 1110 * 1111 * Ethernet_802.2 frames, which are 802.3 1112 * frames with an 802.2 LLC header and 1113 * with the IPX LSAP as the DSAP in the LLC 1114 * header; 1115 * 1116 * Ethernet_SNAP frames, which are 802.3 1117 * frames with an LLC header and a SNAP 1118 * header and with an OUI of 0x000000 1119 * (encapsulated Ethernet) and a protocol 1120 * ID of ETHERTYPE_IPX in the SNAP header. 1121 * 1122 * XXX - should we generate the same code both 1123 * for tests for LLCSAP_IPX and for ETHERTYPE_IPX? 1124 */ |
840 | 1125 |
841 /* 842 * This generates code to check both for the 843 * IPX LSAP (Ethernet_802.2) and for Ethernet_802.3. 844 */ 845 b0 = gen_cmp(off_linktype + 2, BPF_B, 846 (bpf_int32)LLCSAP_IPX); 847 b1 = gen_cmp(off_linktype + 2, BPF_H, 848 (bpf_int32)0xFFFF); 849 gen_or(b0, b1); | 1126 /* 1127 * This generates code to check both for the 1128 * IPX LSAP (Ethernet_802.2) and for Ethernet_802.3. 1129 */ 1130 b0 = gen_cmp(off_linktype + 2, BPF_B, (bpf_int32)LLCSAP_IPX); 1131 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32)0xFFFF); 1132 gen_or(b0, b1); |
850 | 1133 |
851 /* 852 * Now we add code to check for SNAP frames with 853 * ETHERTYPE_IPX, i.e. Ethernet_SNAP. 854 */ 855 b0 = gen_snap(0x000000, ETHERTYPE_IPX, 14); 856 gen_or(b0, b1); | 1134 /* 1135 * Now we add code to check for SNAP frames with 1136 * ETHERTYPE_IPX, i.e. Ethernet_SNAP. 1137 */ 1138 b0 = gen_snap(0x000000, ETHERTYPE_IPX, 14); 1139 gen_or(b0, b1); |
857 | 1140 |
858 /* 859 * Now we generate code to check for 802.3 860 * frames in general. 861 */ 862 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 863 gen_not(b0); | 1141 /* 1142 * Now we generate code to check for 802.3 1143 * frames in general. 1144 */ 1145 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 1146 gen_not(b0); |
864 | 1147 |
865 /* 866 * Now add the check for 802.3 frames before the 867 * check for Ethernet_802.2 and Ethernet_802.3, 868 * as those checks should only be done on 802.3 869 * frames, not on Ethernet frames. 870 */ 871 gen_and(b0, b1); | 1148 /* 1149 * Now add the check for 802.3 frames before the 1150 * check for Ethernet_802.2 and Ethernet_802.3, 1151 * as those checks should only be done on 802.3 1152 * frames, not on Ethernet frames. 1153 */ 1154 gen_and(b0, b1); |
872 | 1155 |
873 /* 874 * Now add the check for Ethernet_II frames, and 875 * do that before checking for the other frame 876 * types. 877 */ 878 b0 = gen_cmp(off_linktype, BPF_H, 879 (bpf_int32)ETHERTYPE_IPX); 880 gen_or(b0, b1); 881 return b1; | 1156 /* 1157 * Now add the check for Ethernet_II frames, and 1158 * do that before checking for the other frame 1159 * types. 1160 */ 1161 b0 = gen_cmp(off_linktype, BPF_H, (bpf_int32)ETHERTYPE_IPX); 1162 gen_or(b0, b1); 1163 return b1; |
882 | 1164 |
883 case ETHERTYPE_ATALK: 884 case ETHERTYPE_AARP: 885 /* 886 * EtherTalk (AppleTalk protocols on Ethernet link 887 * layer) may use 802.2 encapsulation. 888 */ | 1165 case ETHERTYPE_ATALK: 1166 case ETHERTYPE_AARP: 1167 /* 1168 * EtherTalk (AppleTalk protocols on Ethernet link 1169 * layer) may use 802.2 encapsulation. 1170 */ |
889 | 1171 |
1172 /* 1173 * Check for 802.2 encapsulation (EtherTalk phase 2?); 1174 * we check for an Ethernet type field less than 1175 * 1500, which means it's an 802.3 length field. 1176 */ 1177 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 1178 gen_not(b0); 1179 1180 /* 1181 * 802.2-encapsulated ETHERTYPE_ATALK packets are 1182 * SNAP packets with an organization code of 1183 * 0x080007 (Apple, for Appletalk) and a protocol 1184 * type of ETHERTYPE_ATALK (Appletalk). 1185 * 1186 * 802.2-encapsulated ETHERTYPE_AARP packets are 1187 * SNAP packets with an organization code of 1188 * 0x000000 (encapsulated Ethernet) and a protocol 1189 * type of ETHERTYPE_AARP (Appletalk ARP). 1190 */ 1191 if (proto == ETHERTYPE_ATALK) 1192 b1 = gen_snap(0x080007, ETHERTYPE_ATALK, 14); 1193 else /* proto == ETHERTYPE_AARP */ 1194 b1 = gen_snap(0x000000, ETHERTYPE_AARP, 14); 1195 gen_and(b0, b1); 1196 1197 /* 1198 * Check for Ethernet encapsulation (Ethertalk 1199 * phase 1?); we just check for the Ethernet 1200 * protocol type. 1201 */ 1202 b0 = gen_cmp(off_linktype, BPF_H, (bpf_int32)proto); 1203 1204 gen_or(b0, b1); 1205 return b1; 1206 1207 default: 1208 if (proto <= ETHERMTU) { |
|
890 /* | 1209 /* |
891 * Check for 802.2 encapsulation (EtherTalk phase 2?); 892 * we check for an Ethernet type field less than 893 * 1500, which means it's an 802.3 length field. | 1210 * This is an LLC SAP value, so the frames 1211 * that match would be 802.2 frames. 1212 * Check that the frame is an 802.2 frame 1213 * (i.e., that the length/type field is 1214 * a length field, <= ETHERMTU) and 1215 * then check the DSAP. |
894 */ 895 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 896 gen_not(b0); | 1216 */ 1217 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 1218 gen_not(b0); |
897 898 /* 899 * 802.2-encapsulated ETHERTYPE_ATALK packets are 900 * SNAP packets with an organization code of 901 * 0x080007 (Apple, for Appletalk) and a protocol 902 * type of ETHERTYPE_ATALK (Appletalk). 903 * 904 * 802.2-encapsulated ETHERTYPE_AARP packets are 905 * SNAP packets with an organization code of 906 * 0x000000 (encapsulated Ethernet) and a protocol 907 * type of ETHERTYPE_AARP (Appletalk ARP). 908 */ 909 if (proto == ETHERTYPE_ATALK) 910 b1 = gen_snap(0x080007, ETHERTYPE_ATALK, 14); 911 else /* proto == ETHERTYPE_AARP */ 912 b1 = gen_snap(0x000000, ETHERTYPE_AARP, 14); | 1219 b1 = gen_cmp(off_linktype + 2, BPF_B, (bpf_int32)proto); |
913 gen_and(b0, b1); | 1220 gen_and(b0, b1); |
914 | 1221 return b1; 1222 } else { |
915 /* | 1223 /* |
916 * Check for Ethernet encapsulation (Ethertalk 917 * phase 1?); we just check for the Ethernet 918 * protocol type. | 1224 * This is an Ethernet type, so compare 1225 * the length/type field with it (if 1226 * the frame is an 802.2 frame, the length 1227 * field will be <= ETHERMTU, and, as 1228 * "proto" is > ETHERMTU, this test 1229 * will fail and the frame won't match, 1230 * which is what we want). |
919 */ | 1231 */ |
920 b0 = gen_cmp(off_linktype, BPF_H, (bpf_int32)proto); | 1232 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto); 1233 } 1234 } 1235} |
921 | 1236 |
922 gen_or(b0, b1); 923 return b1; | 1237static struct block * 1238gen_linktype(proto) 1239 register int proto; 1240{ 1241 struct block *b0, *b1, *b2; |
924 | 1242 |
1243 switch (linktype) { 1244 1245 case DLT_EN10MB: 1246 return gen_ether_linktype(proto); 1247 break; 1248 1249 case DLT_C_HDLC: 1250 switch (proto) { 1251 1252 case LLCSAP_ISONS: 1253 proto = (proto << 8 | LLCSAP_ISONS); 1254 /* fall through */ 1255 |
|
925 default: | 1256 default: |
926 if (proto <= ETHERMTU) { 927 /* 928 * This is an LLC SAP value, so the frames 929 * that match would be 802.2 frames. 930 * Check that the frame is an 802.2 frame 931 * (i.e., that the length/type field is 932 * a length field, <= ETHERMTU) and 933 * then check the DSAP. 934 */ 935 b0 = gen_cmp_gt(off_linktype, BPF_H, ETHERMTU); 936 gen_not(b0); 937 b1 = gen_cmp(off_linktype + 2, BPF_B, 938 (bpf_int32)proto); 939 gen_and(b0, b1); 940 return b1; 941 } else { 942 /* 943 * This is an Ethernet type, so compare 944 * the length/type field with it (if 945 * the frame is an 802.2 frame, the length 946 * field will be <= ETHERMTU, and, as 947 * "proto" is > ETHERMTU, this test 948 * will fail and the frame won't match, 949 * which is what we want). 950 */ 951 return gen_cmp(off_linktype, BPF_H, 952 (bpf_int32)proto); 953 } | 1257 return gen_cmp(off_linktype, BPF_H, (bpf_int32)proto); 1258 break; |
954 } 955 break; 956 957 case DLT_IEEE802_11: | 1259 } 1260 break; 1261 1262 case DLT_IEEE802_11: |
958 return gen_snap(0x000000, proto, off_linktype); | |
959 case DLT_PRISM_HEADER: | 1263 case DLT_PRISM_HEADER: |
1264 case DLT_IEEE802_11_RADIO: |
|
960 case DLT_FDDI: 961 case DLT_IEEE802: 962 case DLT_ATM_RFC1483: 963 case DLT_ATM_CLIP: | 1265 case DLT_FDDI: 1266 case DLT_IEEE802: 1267 case DLT_ATM_RFC1483: 1268 case DLT_ATM_CLIP: |
1269 case DLT_IP_OVER_FC: 1270 return gen_llc(proto); 1271 break; 1272 1273 case DLT_SUNATM: |
|
964 /* | 1274 /* |
965 * XXX - handle token-ring variable-length header. | 1275 * If "is_lane" is set, check for a LANE-encapsulated 1276 * version of this protocol, otherwise check for an 1277 * LLC-encapsulated version of this protocol. 1278 * 1279 * We assume LANE means Ethernet, not Token Ring. |
966 */ | 1280 */ |
967 switch (proto) { 968 969 case LLCSAP_ISONS: 970 return gen_cmp(off_linktype, BPF_H, (long) 971 ((LLCSAP_ISONS << 8) | LLCSAP_ISONS)); 972 973 case LLCSAP_NETBEUI: 974 return gen_cmp(off_linktype, BPF_H, (long) 975 ((LLCSAP_NETBEUI << 8) | LLCSAP_NETBEUI)); 976 977 case LLCSAP_IPX: | 1281 if (is_lane) { |
978 /* | 1282 /* |
979 * XXX - are there ever SNAP frames for IPX on 980 * non-Ethernet 802.x networks? | 1283 * Check that the packet doesn't begin with an 1284 * LE Control marker. (We've already generated 1285 * a test for LANE.) |
981 */ | 1286 */ |
982 return gen_cmp(off_linktype, BPF_B, 983 (bpf_int32)LLCSAP_IPX); | 1287 b0 = gen_cmp(SUNATM_PKT_BEGIN_POS, BPF_H, 0xFF00); 1288 gen_not(b0); |
984 | 1289 |
985 case ETHERTYPE_ATALK: | |
986 /* | 1290 /* |
987 * 802.2-encapsulated ETHERTYPE_ATALK packets are 988 * SNAP packets with an organization code of 989 * 0x080007 (Apple, for Appletalk) and a protocol 990 * type of ETHERTYPE_ATALK (Appletalk). 991 * 992 * XXX - check for an organization code of 993 * encapsulated Ethernet as well? | 1291 * Now generate an Ethernet test. |
994 */ | 1292 */ |
995 return gen_snap(0x080007, ETHERTYPE_ATALK, 996 off_linktype); 997 break; 998 999 default: | 1293 b1 = gen_ether_linktype(proto); 1294 gen_and(b0, b1); 1295 return b1; 1296 } else { |
1000 /* | 1297 /* |
1001 * XXX - we don't have to check for IPX 802.3 1002 * here, but should we check for the IPX Ethertype? | 1298 * Check for LLC encapsulation and then check the 1299 * protocol. |
1003 */ | 1300 */ |
1004 if (proto <= ETHERMTU) { 1005 /* 1006 * This is an LLC SAP value, so check 1007 * the DSAP. 1008 */ 1009 return gen_cmp(off_linktype, BPF_B, 1010 (bpf_int32)proto); 1011 } else { 1012 /* 1013 * This is an Ethernet type; we assume 1014 * that it's unlikely that it'll 1015 * appear in the right place at random, 1016 * and therefore check only the 1017 * location that would hold the Ethernet 1018 * type in a SNAP frame with an organization 1019 * code of 0x000000 (encapsulated Ethernet). 1020 * 1021 * XXX - if we were to check for the SNAP DSAP 1022 * and LSAP, as per XXX, and were also to check 1023 * for an organization code of 0x000000 1024 * (encapsulated Ethernet), we'd do 1025 * 1026 * return gen_snap(0x000000, proto, 1027 * off_linktype); 1028 * 1029 * here; for now, we don't, as per the above. 1030 * I don't know whether it's worth the 1031 * extra CPU time to do the right check 1032 * or not. 1033 */ 1034 return gen_cmp(off_linktype+6, BPF_H, 1035 (bpf_int32)proto); 1036 } | 1301 b0 = gen_atmfield_code(A_PROTOTYPE, PT_LLC, BPF_JEQ, 0); 1302 b1 = gen_llc(proto); 1303 gen_and(b0, b1); 1304 return b1; |
1037 } | 1305 } |
1038 break; | |
1039 1040 case DLT_LINUX_SLL: 1041 switch (proto) { 1042 | 1306 1307 case DLT_LINUX_SLL: 1308 switch (proto) { 1309 |
1310 case LLCSAP_IP: 1311 b0 = gen_cmp(off_linktype, BPF_H, LINUX_SLL_P_802_2); 1312 b1 = gen_cmp(off_linktype + 2, BPF_H, (bpf_int32) 1313 ((LLCSAP_IP << 8) | LLCSAP_IP)); 1314 gen_and(b0, b1); 1315 return b1; 1316 |
|
1043 case LLCSAP_ISONS: 1044 /* 1045 * OSI protocols always use 802.2 encapsulation. 1046 * XXX - should we check both the DSAP and the 1047 * LSAP, like this, or should we check just the 1048 * DSAP? 1049 */ 1050 b0 = gen_cmp(off_linktype, BPF_H, LINUX_SLL_P_802_2); --- 168 unchanged lines hidden (view full) --- 1219 case DLT_PPP_ETHER: 1220 /* 1221 * We use Ethernet protocol types inside libpcap; 1222 * map them to the corresponding PPP protocol types. 1223 */ 1224 switch (proto) { 1225 1226 case ETHERTYPE_IP: | 1317 case LLCSAP_ISONS: 1318 /* 1319 * OSI protocols always use 802.2 encapsulation. 1320 * XXX - should we check both the DSAP and the 1321 * LSAP, like this, or should we check just the 1322 * DSAP? 1323 */ 1324 b0 = gen_cmp(off_linktype, BPF_H, LINUX_SLL_P_802_2); --- 168 unchanged lines hidden (view full) --- 1493 case DLT_PPP_ETHER: 1494 /* 1495 * We use Ethernet protocol types inside libpcap; 1496 * map them to the corresponding PPP protocol types. 1497 */ 1498 switch (proto) { 1499 1500 case ETHERTYPE_IP: |
1227 proto = PPP_IP; /* XXX was 0x21 */ | 1501 proto = PPP_IP; |
1228 break; 1229 1230#ifdef INET6 1231 case ETHERTYPE_IPV6: 1232 proto = PPP_IPV6; 1233 break; 1234#endif 1235 --- 78 unchanged lines hidden (view full) --- 1314 case LLCSAP_IPX: 1315 proto = PPP_IPX; 1316 break; 1317 } 1318 break; 1319 1320 case DLT_NULL: 1321 case DLT_LOOP: | 1502 break; 1503 1504#ifdef INET6 1505 case ETHERTYPE_IPV6: 1506 proto = PPP_IPV6; 1507 break; 1508#endif 1509 --- 78 unchanged lines hidden (view full) --- 1588 case LLCSAP_IPX: 1589 proto = PPP_IPX; 1590 break; 1591 } 1592 break; 1593 1594 case DLT_NULL: 1595 case DLT_LOOP: |
1596 case DLT_ENC: |
|
1322 /* 1323 * For DLT_NULL, the link-layer header is a 32-bit | 1597 /* 1598 * For DLT_NULL, the link-layer header is a 32-bit |
1324 * word containing an AF_ value in *host* byte order. | 1599 * word containing an AF_ value in *host* byte order, 1600 * and for DLT_ENC, the link-layer header begins 1601 * with a 32-bit work containing an AF_ value in 1602 * host byte order. |
1325 * 1326 * In addition, if we're reading a saved capture file, 1327 * the host byte order in the capture may not be the 1328 * same as the host byte order on this machine. 1329 * 1330 * For DLT_LOOP, the link-layer header is a 32-bit 1331 * word containing an AF_ value in *network* byte order. 1332 * --- 21 unchanged lines hidden (view full) --- 1354 /* 1355 * Not a type on which we support filtering. 1356 * XXX - support those that have AF_ values 1357 * #defined on this platform, at least? 1358 */ 1359 return gen_false(); 1360 } 1361 | 1603 * 1604 * In addition, if we're reading a saved capture file, 1605 * the host byte order in the capture may not be the 1606 * same as the host byte order on this machine. 1607 * 1608 * For DLT_LOOP, the link-layer header is a 32-bit 1609 * word containing an AF_ value in *network* byte order. 1610 * --- 21 unchanged lines hidden (view full) --- 1632 /* 1633 * Not a type on which we support filtering. 1634 * XXX - support those that have AF_ values 1635 * #defined on this platform, at least? 1636 */ 1637 return gen_false(); 1638 } 1639 |
1362 if (linktype == DLT_NULL) { | 1640 if (linktype == DLT_NULL || linktype == DLT_ENC) { |
1363 /* 1364 * The AF_ value is in host byte order, but 1365 * the BPF interpreter will convert it to 1366 * network byte order. 1367 * 1368 * If this is a save file, and it's from a 1369 * machine with the opposite byte order to 1370 * ours, we byte-swap the AF_ value. 1371 * 1372 * Then we run it through "htonl()", and 1373 * generate code to compare against the result. 1374 */ 1375 if (bpf_pcap->sf.rfile != NULL && 1376 bpf_pcap->sf.swapped) 1377 proto = SWAPLONG(proto); 1378 proto = htonl(proto); 1379 } 1380 return (gen_cmp(0, BPF_W, (bpf_int32)proto)); 1381 | 1641 /* 1642 * The AF_ value is in host byte order, but 1643 * the BPF interpreter will convert it to 1644 * network byte order. 1645 * 1646 * If this is a save file, and it's from a 1647 * machine with the opposite byte order to 1648 * ours, we byte-swap the AF_ value. 1649 * 1650 * Then we run it through "htonl()", and 1651 * generate code to compare against the result. 1652 */ 1653 if (bpf_pcap->sf.rfile != NULL && 1654 bpf_pcap->sf.swapped) 1655 proto = SWAPLONG(proto); 1656 proto = htonl(proto); 1657 } 1658 return (gen_cmp(0, BPF_W, (bpf_int32)proto)); 1659 |
1660 case DLT_PFLOG: 1661 /* 1662 * af field is host byte order in contrast to the rest of 1663 * the packet. 1664 */ 1665 if (proto == ETHERTYPE_IP) 1666 return (gen_cmp(offsetof(struct pfloghdr, af), BPF_B, 1667 (bpf_int32)AF_INET)); 1668#ifdef INET6 1669 else if (proto == ETHERTYPE_IPV6) 1670 return (gen_cmp(offsetof(struct pfloghdr, af), BPF_B, 1671 (bpf_int32)AF_INET6)); 1672#endif /* INET6 */ 1673 else 1674 return gen_false(); 1675 break; 1676 |
|
1382 case DLT_ARCNET: | 1677 case DLT_ARCNET: |
1678 case DLT_ARCNET_LINUX: |
|
1383 /* 1384 * XXX should we check for first fragment if the protocol 1385 * uses PHDS? 1386 */ | 1679 /* 1680 * XXX should we check for first fragment if the protocol 1681 * uses PHDS? 1682 */ |
1387 switch(proto) { | 1683 switch (proto) { 1684 |
1388 default: 1389 return gen_false(); | 1685 default: 1686 return gen_false(); |
1687 |
|
1390#ifdef INET6 1391 case ETHERTYPE_IPV6: | 1688#ifdef INET6 1689 case ETHERTYPE_IPV6: |
1392 return(gen_cmp(2, BPF_B, 1393 (bpf_int32)htonl(ARCTYPE_INET6))); | 1690 return (gen_cmp(off_linktype, BPF_B, 1691 (bpf_int32)ARCTYPE_INET6)); |
1394#endif /* INET6 */ | 1692#endif /* INET6 */ |
1693 |
|
1395 case ETHERTYPE_IP: | 1694 case ETHERTYPE_IP: |
1396 b0 = gen_cmp(2, BPF_B, (bpf_int32)htonl(ARCTYPE_IP)); 1397 b1 = gen_cmp(2, BPF_B, 1398 (bpf_int32)htonl(ARCTYPE_IP_OLD)); | 1695 b0 = gen_cmp(off_linktype, BPF_B, 1696 (bpf_int32)ARCTYPE_IP); 1697 b1 = gen_cmp(off_linktype, BPF_B, 1698 (bpf_int32)ARCTYPE_IP_OLD); |
1399 gen_or(b0, b1); | 1699 gen_or(b0, b1); |
1400 return(b1); | 1700 return (b1); 1701 |
1401 case ETHERTYPE_ARP: | 1702 case ETHERTYPE_ARP: |
1402 b0 = gen_cmp(2, BPF_B, (bpf_int32)htonl(ARCTYPE_ARP)); 1403 b1 = gen_cmp(2, BPF_B, 1404 (bpf_int32)htonl(ARCTYPE_ARP_OLD)); | 1703 b0 = gen_cmp(off_linktype, BPF_B, 1704 (bpf_int32)ARCTYPE_ARP); 1705 b1 = gen_cmp(off_linktype, BPF_B, 1706 (bpf_int32)ARCTYPE_ARP_OLD); |
1405 gen_or(b0, b1); | 1707 gen_or(b0, b1); |
1406 return(b1); | 1708 return (b1); 1709 |
1407 case ETHERTYPE_REVARP: | 1710 case ETHERTYPE_REVARP: |
1408 return(gen_cmp(2, BPF_B, 1409 (bpf_int32)htonl(ARCTYPE_REVARP))); | 1711 return (gen_cmp(off_linktype, BPF_B, 1712 (bpf_int32)ARCTYPE_REVARP)); 1713 |
1410 case ETHERTYPE_ATALK: | 1714 case ETHERTYPE_ATALK: |
1411 return(gen_cmp(2, BPF_B, 1412 (bpf_int32)htonl(ARCTYPE_ATALK))); | 1715 return (gen_cmp(off_linktype, BPF_B, 1716 (bpf_int32)ARCTYPE_ATALK)); |
1413 } 1414 break; 1415 1416 case DLT_LTALK: 1417 switch (proto) { 1418 case ETHERTYPE_ATALK: 1419 return gen_true(); 1420 default: 1421 return gen_false(); 1422 } 1423 break; | 1717 } 1718 break; 1719 1720 case DLT_LTALK: 1721 switch (proto) { 1722 case ETHERTYPE_ATALK: 1723 return gen_true(); 1724 default: 1725 return gen_false(); 1726 } 1727 break; |
1728 1729 case DLT_FRELAY: 1730 /* 1731 * XXX - assumes a 2-byte Frame Relay header with 1732 * DLCI and flags. What if the address is longer? 1733 */ 1734 switch (proto) { 1735 1736 case ETHERTYPE_IP: 1737 /* 1738 * Check for the special NLPID for IP. 1739 */ 1740 return gen_cmp(2, BPF_H, (0x03<<8) | 0xcc); 1741 1742#ifdef INET6 1743 case ETHERTYPE_IPV6: 1744 /* 1745 * Check for the special NLPID for IPv6. 1746 */ 1747 return gen_cmp(2, BPF_H, (0x03<<8) | 0x8e); 1748#endif 1749 1750 case LLCSAP_ISONS: 1751 /* 1752 * Check for several OSI protocols. 1753 * 1754 * Frame Relay packets typically have an OSI 1755 * NLPID at the beginning; we check for each 1756 * of them. 1757 * 1758 * What we check for is the NLPID and a frame 1759 * control field of UI, i.e. 0x03 followed 1760 * by the NLPID. 1761 */ 1762 b0 = gen_cmp(2, BPF_H, (0x03<<8) | ISO8473_CLNP); 1763 b1 = gen_cmp(2, BPF_H, (0x03<<8) | ISO9542_ESIS); 1764 b2 = gen_cmp(2, BPF_H, (0x03<<8) | ISO10589_ISIS); 1765 gen_or(b1, b2); 1766 gen_or(b0, b2); 1767 return b2; 1768 1769 default: 1770 return gen_false(); 1771 } 1772 break; 1773 1774 case DLT_LINUX_IRDA: 1775 bpf_error("IrDA link-layer type filtering not implemented"); |
|
1424 } 1425 1426 /* 1427 * All the types that have no encapsulation should either be 1428 * handled as DLT_SLIP, DLT_SLIP_BSDOS, and DLT_RAW are, if 1429 * all packets are IP packets, or should be handled in some 1430 * special case, if none of them are (if some are and some 1431 * aren't, the lack of encapsulation is a problem, as we'd 1432 * have to find some other way of determining the packet type). 1433 * 1434 * Therefore, if "off_linktype" is -1, there's an error. 1435 */ | 1776 } 1777 1778 /* 1779 * All the types that have no encapsulation should either be 1780 * handled as DLT_SLIP, DLT_SLIP_BSDOS, and DLT_RAW are, if 1781 * all packets are IP packets, or should be handled in some 1782 * special case, if none of them are (if some are and some 1783 * aren't, the lack of encapsulation is a problem, as we'd 1784 * have to find some other way of determining the packet type). 1785 * 1786 * Therefore, if "off_linktype" is -1, there's an error. 1787 */ |
1436 if (off_linktype == -1) | 1788 if (off_linktype == (u_int)-1) |
1437 abort(); 1438 1439 /* 1440 * Any type not handled above should always have an Ethernet 1441 * type at an offset of "off_linktype". (PPP is partially 1442 * handled above - the protocol type is mapped from the 1443 * Ethernet and LLC types we use internally to the corresponding 1444 * PPP type - but the PPP type is always specified by a value --- 15 unchanged lines hidden (view full) --- 1460 bpf_u_int32 orgcode; 1461 bpf_u_int32 ptype; 1462 u_int offset; 1463{ 1464 u_char snapblock[8]; 1465 1466 snapblock[0] = LLCSAP_SNAP; /* DSAP = SNAP */ 1467 snapblock[1] = LLCSAP_SNAP; /* SSAP = SNAP */ | 1789 abort(); 1790 1791 /* 1792 * Any type not handled above should always have an Ethernet 1793 * type at an offset of "off_linktype". (PPP is partially 1794 * handled above - the protocol type is mapped from the 1795 * Ethernet and LLC types we use internally to the corresponding 1796 * PPP type - but the PPP type is always specified by a value --- 15 unchanged lines hidden (view full) --- 1812 bpf_u_int32 orgcode; 1813 bpf_u_int32 ptype; 1814 u_int offset; 1815{ 1816 u_char snapblock[8]; 1817 1818 snapblock[0] = LLCSAP_SNAP; /* DSAP = SNAP */ 1819 snapblock[1] = LLCSAP_SNAP; /* SSAP = SNAP */ |
1468 snapblock[2] = 0x03; /* control = UI */ | 1820 snapblock[2] = 0x03; /* control = UI */ |
1469 snapblock[3] = (orgcode >> 16); /* upper 8 bits of organization code */ 1470 snapblock[4] = (orgcode >> 8); /* middle 8 bits of organization code */ 1471 snapblock[5] = (orgcode >> 0); /* lower 8 bits of organization code */ 1472 snapblock[6] = (ptype >> 8); /* upper 8 bits of protocol type */ 1473 snapblock[7] = (ptype >> 0); /* lower 8 bits of protocol type */ 1474 return gen_bcmp(offset, 8, snapblock); 1475} 1476 | 1821 snapblock[3] = (orgcode >> 16); /* upper 8 bits of organization code */ 1822 snapblock[4] = (orgcode >> 8); /* middle 8 bits of organization code */ 1823 snapblock[5] = (orgcode >> 0); /* lower 8 bits of organization code */ 1824 snapblock[6] = (ptype >> 8); /* upper 8 bits of protocol type */ 1825 snapblock[7] = (ptype >> 0); /* lower 8 bits of protocol type */ 1826 return gen_bcmp(offset, 8, snapblock); 1827} 1828 |
1829/* 1830 * Check for a given protocol value assuming an 802.2 LLC header. 1831 */ |
|
1477static struct block * | 1832static struct block * |
1833gen_llc(proto) 1834 int proto; 1835{ 1836 /* 1837 * XXX - handle token-ring variable-length header. 1838 */ 1839 switch (proto) { 1840 1841 case LLCSAP_IP: 1842 return gen_cmp(off_linktype, BPF_H, (long) 1843 ((LLCSAP_IP << 8) | LLCSAP_IP)); 1844 1845 case LLCSAP_ISONS: 1846 return gen_cmp(off_linktype, BPF_H, (long) 1847 ((LLCSAP_ISONS << 8) | LLCSAP_ISONS)); 1848 1849 case LLCSAP_NETBEUI: 1850 return gen_cmp(off_linktype, BPF_H, (long) 1851 ((LLCSAP_NETBEUI << 8) | LLCSAP_NETBEUI)); 1852 1853 case LLCSAP_IPX: 1854 /* 1855 * XXX - are there ever SNAP frames for IPX on 1856 * non-Ethernet 802.x networks? 1857 */ 1858 return gen_cmp(off_linktype, BPF_B, (bpf_int32)LLCSAP_IPX); 1859 1860 case ETHERTYPE_ATALK: 1861 /* 1862 * 802.2-encapsulated ETHERTYPE_ATALK packets are 1863 * SNAP packets with an organization code of 1864 * 0x080007 (Apple, for Appletalk) and a protocol 1865 * type of ETHERTYPE_ATALK (Appletalk). 1866 * 1867 * XXX - check for an organization code of 1868 * encapsulated Ethernet as well? 1869 */ 1870 return gen_snap(0x080007, ETHERTYPE_ATALK, off_linktype); 1871 1872 default: 1873 /* 1874 * XXX - we don't have to check for IPX 802.3 1875 * here, but should we check for the IPX Ethertype? 1876 */ 1877 if (proto <= ETHERMTU) { 1878 /* 1879 * This is an LLC SAP value, so check 1880 * the DSAP. 1881 */ 1882 return gen_cmp(off_linktype, BPF_B, (bpf_int32)proto); 1883 } else { 1884 /* 1885 * This is an Ethernet type; we assume that it's 1886 * unlikely that it'll appear in the right place 1887 * at random, and therefore check only the 1888 * location that would hold the Ethernet type 1889 * in a SNAP frame with an organization code of 1890 * 0x000000 (encapsulated Ethernet). 1891 * 1892 * XXX - if we were to check for the SNAP DSAP and 1893 * LSAP, as per XXX, and were also to check for an 1894 * organization code of 0x000000 (encapsulated 1895 * Ethernet), we'd do 1896 * 1897 * return gen_snap(0x000000, proto, 1898 * off_linktype); 1899 * 1900 * here; for now, we don't, as per the above. 1901 * I don't know whether it's worth the extra CPU 1902 * time to do the right check or not. 1903 */ 1904 return gen_cmp(off_linktype+6, BPF_H, (bpf_int32)proto); 1905 } 1906 } 1907} 1908 1909static struct block * |
|
1478gen_hostop(addr, mask, dir, proto, src_off, dst_off) 1479 bpf_u_int32 addr; 1480 bpf_u_int32 mask; 1481 int dir, proto; 1482 u_int src_off, dst_off; 1483{ 1484 struct block *b0, *b1; 1485 u_int offset; --- 88 unchanged lines hidden (view full) --- 1574gen_ehostop(eaddr, dir) 1575 register const u_char *eaddr; 1576 register int dir; 1577{ 1578 register struct block *b0, *b1; 1579 1580 switch (dir) { 1581 case Q_SRC: | 1910gen_hostop(addr, mask, dir, proto, src_off, dst_off) 1911 bpf_u_int32 addr; 1912 bpf_u_int32 mask; 1913 int dir, proto; 1914 u_int src_off, dst_off; 1915{ 1916 struct block *b0, *b1; 1917 u_int offset; --- 88 unchanged lines hidden (view full) --- 2006gen_ehostop(eaddr, dir) 2007 register const u_char *eaddr; 2008 register int dir; 2009{ 2010 register struct block *b0, *b1; 2011 2012 switch (dir) { 2013 case Q_SRC: |
1582 return gen_bcmp(6, 6, eaddr); | 2014 return gen_bcmp(off_mac + 6, 6, eaddr); |
1583 1584 case Q_DST: | 2015 2016 case Q_DST: |
1585 return gen_bcmp(0, 6, eaddr); | 2017 return gen_bcmp(off_mac + 0, 6, eaddr); |
1586 1587 case Q_AND: 1588 b0 = gen_ehostop(eaddr, Q_SRC); 1589 b1 = gen_ehostop(eaddr, Q_DST); 1590 gen_and(b0, b1); 1591 return b1; 1592 1593 case Q_DEFAULT: --- 79 unchanged lines hidden (view full) --- 1673 gen_or(b0, b1); 1674 return b1; 1675 } 1676 abort(); 1677 /* NOTREACHED */ 1678} 1679 1680/* | 2018 2019 case Q_AND: 2020 b0 = gen_ehostop(eaddr, Q_SRC); 2021 b1 = gen_ehostop(eaddr, Q_DST); 2022 gen_and(b0, b1); 2023 return b1; 2024 2025 case Q_DEFAULT: --- 79 unchanged lines hidden (view full) --- 2105 gen_or(b0, b1); 2106 return b1; 2107 } 2108 abort(); 2109 /* NOTREACHED */ 2110} 2111 2112/* |
1681 * Like gen_ehostop, but for DLT_IEEE802_11 (Wireless) | 2113 * Like gen_ehostop, but for DLT_IEEE802_11 (802.11 wireless LAN) |
1682 */ 1683static struct block * | 2114 */ 2115static struct block * |
1684gen_whostop(eaddr, dir) | 2116gen_wlanhostop(eaddr, dir) |
1685 register const u_char *eaddr; 1686 register int dir; 1687{ | 2117 register const u_char *eaddr; 2118 register int dir; 2119{ |
2120 register struct block *b0, *b1, *b2; 2121 register struct slist *s; 2122 2123 switch (dir) { 2124 case Q_SRC: 2125 /* 2126 * Oh, yuk. 2127 * 2128 * For control frames, there is no SA. 2129 * 2130 * For management frames, SA is at an 2131 * offset of 10 from the beginning of 2132 * the packet. 2133 * 2134 * For data frames, SA is at an offset 2135 * of 10 from the beginning of the packet 2136 * if From DS is clear, at an offset of 2137 * 16 from the beginning of the packet 2138 * if From DS is set and To DS is clear, 2139 * and an offset of 24 from the beginning 2140 * of the packet if From DS is set and To DS 2141 * is set. 2142 */ 2143 2144 /* 2145 * Generate the tests to be done for data frames 2146 * with From DS set. 2147 * 2148 * First, check for To DS set, i.e. check "link[1] & 0x01". 2149 */ 2150 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2151 s->s.k = 1; 2152 b1 = new_block(JMP(BPF_JSET)); 2153 b1->s.k = 0x01; /* To DS */ 2154 b1->stmts = s; 2155 2156 /* 2157 * If To DS is set, the SA is at 24. 2158 */ 2159 b0 = gen_bcmp(24, 6, eaddr); 2160 gen_and(b1, b0); 2161 2162 /* 2163 * Now, check for To DS not set, i.e. check 2164 * "!(link[1] & 0x01)". 2165 */ 2166 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2167 s->s.k = 1; 2168 b2 = new_block(JMP(BPF_JSET)); 2169 b2->s.k = 0x01; /* To DS */ 2170 b2->stmts = s; 2171 gen_not(b2); 2172 2173 /* 2174 * If To DS is not set, the SA is at 16. 2175 */ 2176 b1 = gen_bcmp(16, 6, eaddr); 2177 gen_and(b2, b1); 2178 2179 /* 2180 * Now OR together the last two checks. That gives 2181 * the complete set of checks for data frames with 2182 * From DS set. 2183 */ 2184 gen_or(b1, b0); 2185 2186 /* 2187 * Now check for From DS being set, and AND that with 2188 * the ORed-together checks. 2189 */ 2190 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2191 s->s.k = 1; 2192 b1 = new_block(JMP(BPF_JSET)); 2193 b1->s.k = 0x02; /* From DS */ 2194 b1->stmts = s; 2195 gen_and(b1, b0); 2196 2197 /* 2198 * Now check for data frames with From DS not set. 2199 */ 2200 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2201 s->s.k = 1; 2202 b2 = new_block(JMP(BPF_JSET)); 2203 b2->s.k = 0x02; /* From DS */ 2204 b2->stmts = s; 2205 gen_not(b2); 2206 2207 /* 2208 * If From DS isn't set, the SA is at 10. 2209 */ 2210 b1 = gen_bcmp(10, 6, eaddr); 2211 gen_and(b2, b1); 2212 2213 /* 2214 * Now OR together the checks for data frames with 2215 * From DS not set and for data frames with From DS 2216 * set; that gives the checks done for data frames. 2217 */ 2218 gen_or(b1, b0); 2219 2220 /* 2221 * Now check for a data frame. 2222 * I.e, check "link[0] & 0x08". 2223 */ 2224 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2225 s->s.k = 0; 2226 b1 = new_block(JMP(BPF_JSET)); 2227 b1->s.k = 0x08; 2228 b1->stmts = s; 2229 2230 /* 2231 * AND that with the checks done for data frames. 2232 */ 2233 gen_and(b1, b0); 2234 2235 /* 2236 * If the high-order bit of the type value is 0, this 2237 * is a management frame. 2238 * I.e, check "!(link[0] & 0x08)". 2239 */ 2240 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2241 s->s.k = 0; 2242 b2 = new_block(JMP(BPF_JSET)); 2243 b2->s.k = 0x08; 2244 b2->stmts = s; 2245 gen_not(b2); 2246 2247 /* 2248 * For management frames, the SA is at 10. 2249 */ 2250 b1 = gen_bcmp(10, 6, eaddr); 2251 gen_and(b2, b1); 2252 2253 /* 2254 * OR that with the checks done for data frames. 2255 * That gives the checks done for management and 2256 * data frames. 2257 */ 2258 gen_or(b1, b0); 2259 2260 /* 2261 * If the low-order bit of the type value is 1, 2262 * this is either a control frame or a frame 2263 * with a reserved type, and thus not a 2264 * frame with an SA. 2265 * 2266 * I.e., check "!(link[0] & 0x04)". 2267 */ 2268 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2269 s->s.k = 0; 2270 b1 = new_block(JMP(BPF_JSET)); 2271 b1->s.k = 0x04; 2272 b1->stmts = s; 2273 gen_not(b1); 2274 2275 /* 2276 * AND that with the checks for data and management 2277 * frames. 2278 */ 2279 gen_and(b1, b0); 2280 return b0; 2281 2282 case Q_DST: 2283 /* 2284 * Oh, yuk. 2285 * 2286 * For control frames, there is no DA. 2287 * 2288 * For management frames, DA is at an 2289 * offset of 4 from the beginning of 2290 * the packet. 2291 * 2292 * For data frames, DA is at an offset 2293 * of 4 from the beginning of the packet 2294 * if To DS is clear and at an offset of 2295 * 16 from the beginning of the packet 2296 * if To DS is set. 2297 */ 2298 2299 /* 2300 * Generate the tests to be done for data frames. 2301 * 2302 * First, check for To DS set, i.e. "link[1] & 0x01". 2303 */ 2304 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2305 s->s.k = 1; 2306 b1 = new_block(JMP(BPF_JSET)); 2307 b1->s.k = 0x01; /* To DS */ 2308 b1->stmts = s; 2309 2310 /* 2311 * If To DS is set, the DA is at 16. 2312 */ 2313 b0 = gen_bcmp(16, 6, eaddr); 2314 gen_and(b1, b0); 2315 2316 /* 2317 * Now, check for To DS not set, i.e. check 2318 * "!(link[1] & 0x01)". 2319 */ 2320 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2321 s->s.k = 1; 2322 b2 = new_block(JMP(BPF_JSET)); 2323 b2->s.k = 0x01; /* To DS */ 2324 b2->stmts = s; 2325 gen_not(b2); 2326 2327 /* 2328 * If To DS is not set, the DA is at 4. 2329 */ 2330 b1 = gen_bcmp(4, 6, eaddr); 2331 gen_and(b2, b1); 2332 2333 /* 2334 * Now OR together the last two checks. That gives 2335 * the complete set of checks for data frames. 2336 */ 2337 gen_or(b1, b0); 2338 2339 /* 2340 * Now check for a data frame. 2341 * I.e, check "link[0] & 0x08". 2342 */ 2343 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2344 s->s.k = 0; 2345 b1 = new_block(JMP(BPF_JSET)); 2346 b1->s.k = 0x08; 2347 b1->stmts = s; 2348 2349 /* 2350 * AND that with the checks done for data frames. 2351 */ 2352 gen_and(b1, b0); 2353 2354 /* 2355 * If the high-order bit of the type value is 0, this 2356 * is a management frame. 2357 * I.e, check "!(link[0] & 0x08)". 2358 */ 2359 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2360 s->s.k = 0; 2361 b2 = new_block(JMP(BPF_JSET)); 2362 b2->s.k = 0x08; 2363 b2->stmts = s; 2364 gen_not(b2); 2365 2366 /* 2367 * For management frames, the DA is at 4. 2368 */ 2369 b1 = gen_bcmp(4, 6, eaddr); 2370 gen_and(b2, b1); 2371 2372 /* 2373 * OR that with the checks done for data frames. 2374 * That gives the checks done for management and 2375 * data frames. 2376 */ 2377 gen_or(b1, b0); 2378 2379 /* 2380 * If the low-order bit of the type value is 1, 2381 * this is either a control frame or a frame 2382 * with a reserved type, and thus not a 2383 * frame with an SA. 2384 * 2385 * I.e., check "!(link[0] & 0x04)". 2386 */ 2387 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 2388 s->s.k = 0; 2389 b1 = new_block(JMP(BPF_JSET)); 2390 b1->s.k = 0x04; 2391 b1->stmts = s; 2392 gen_not(b1); 2393 2394 /* 2395 * AND that with the checks for data and management 2396 * frames. 2397 */ 2398 gen_and(b1, b0); 2399 return b0; 2400 2401 case Q_AND: 2402 b0 = gen_wlanhostop(eaddr, Q_SRC); 2403 b1 = gen_wlanhostop(eaddr, Q_DST); 2404 gen_and(b0, b1); 2405 return b1; 2406 2407 case Q_DEFAULT: 2408 case Q_OR: 2409 b0 = gen_wlanhostop(eaddr, Q_SRC); 2410 b1 = gen_wlanhostop(eaddr, Q_DST); 2411 gen_or(b0, b1); 2412 return b1; 2413 } 2414 abort(); 2415 /* NOTREACHED */ 2416} 2417 2418/* 2419 * Like gen_ehostop, but for RFC 2625 IP-over-Fibre-Channel. 2420 * (We assume that the addresses are IEEE 48-bit MAC addresses, 2421 * as the RFC states.) 2422 */ 2423static struct block * 2424gen_ipfchostop(eaddr, dir) 2425 register const u_char *eaddr; 2426 register int dir; 2427{ |
|
1688 register struct block *b0, *b1; 1689 1690 switch (dir) { 1691 case Q_SRC: 1692 return gen_bcmp(10, 6, eaddr); 1693 1694 case Q_DST: | 2428 register struct block *b0, *b1; 2429 2430 switch (dir) { 2431 case Q_SRC: 2432 return gen_bcmp(10, 6, eaddr); 2433 2434 case Q_DST: |
1695 return gen_bcmp(4, 6, eaddr); | 2435 return gen_bcmp(2, 6, eaddr); |
1696 1697 case Q_AND: | 2436 2437 case Q_AND: |
1698 b0 = gen_whostop(eaddr, Q_SRC); 1699 b1 = gen_whostop(eaddr, Q_DST); | 2438 b0 = gen_ipfchostop(eaddr, Q_SRC); 2439 b1 = gen_ipfchostop(eaddr, Q_DST); |
1700 gen_and(b0, b1); 1701 return b1; 1702 1703 case Q_DEFAULT: 1704 case Q_OR: | 2440 gen_and(b0, b1); 2441 return b1; 2442 2443 case Q_DEFAULT: 2444 case Q_OR: |
1705 b0 = gen_whostop(eaddr, Q_SRC); 1706 b1 = gen_whostop(eaddr, Q_DST); | 2445 b0 = gen_ipfchostop(eaddr, Q_SRC); 2446 b1 = gen_ipfchostop(eaddr, Q_DST); |
1707 gen_or(b0, b1); 1708 return b1; 1709 } 1710 abort(); 1711 /* NOTREACHED */ 1712} 1713 1714/* --- 48 unchanged lines hidden (view full) --- 1763 /* Inefficient because we do our Calvinball dance twice */ 1764 b0 = gen_dnhostop(addr, Q_SRC, base_off); 1765 b1 = gen_dnhostop(addr, Q_DST, base_off); 1766 gen_or(b0, b1); 1767 return b1; 1768 1769 case Q_ISO: 1770 bpf_error("ISO host filtering not implemented"); | 2447 gen_or(b0, b1); 2448 return b1; 2449 } 2450 abort(); 2451 /* NOTREACHED */ 2452} 2453 2454/* --- 48 unchanged lines hidden (view full) --- 2503 /* Inefficient because we do our Calvinball dance twice */ 2504 b0 = gen_dnhostop(addr, Q_SRC, base_off); 2505 b1 = gen_dnhostop(addr, Q_DST, base_off); 2506 gen_or(b0, b1); 2507 return b1; 2508 2509 case Q_ISO: 2510 bpf_error("ISO host filtering not implemented"); |
1771 | 2511 |
1772 default: 1773 abort(); 1774 } 1775 b0 = gen_linktype(ETHERTYPE_DN); 1776 /* Check for pad = 1, long header case */ 1777 tmp = gen_mcmp(base_off + 2, BPF_H, 1778 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF)); 1779 b1 = gen_cmp(base_off + 2 + 1 + offset_lh, --- 30 unchanged lines hidden (view full) --- 1810 int dir; 1811{ 1812 struct block *b0, *b1; 1813 1814 switch (proto) { 1815 1816 case Q_DEFAULT: 1817 b0 = gen_host(addr, mask, Q_IP, dir); | 2512 default: 2513 abort(); 2514 } 2515 b0 = gen_linktype(ETHERTYPE_DN); 2516 /* Check for pad = 1, long header case */ 2517 tmp = gen_mcmp(base_off + 2, BPF_H, 2518 (bpf_int32)ntohs(0x0681), (bpf_int32)ntohs(0x07FF)); 2519 b1 = gen_cmp(base_off + 2 + 1 + offset_lh, --- 30 unchanged lines hidden (view full) --- 2550 int dir; 2551{ 2552 struct block *b0, *b1; 2553 2554 switch (proto) { 2555 2556 case Q_DEFAULT: 2557 b0 = gen_host(addr, mask, Q_IP, dir); |
1818 if (off_linktype != -1) { | 2558 if (off_linktype != (u_int)-1) { |
1819 b1 = gen_host(addr, mask, Q_ARP, dir); 1820 gen_or(b0, b1); 1821 b0 = gen_host(addr, mask, Q_RARP, dir); 1822 gen_or(b1, b0); 1823 } 1824 return b0; 1825 1826 case Q_IP: --- 222 unchanged lines hidden (view full) --- 2049 case Q_RARP: 2050 if (linktype == DLT_EN10MB) 2051 b0 = gen_ehostop(eaddr, Q_OR); 2052 else if (linktype == DLT_FDDI) 2053 b0 = gen_fhostop(eaddr, Q_OR); 2054 else if (linktype == DLT_IEEE802) 2055 b0 = gen_thostop(eaddr, Q_OR); 2056 else if (linktype == DLT_IEEE802_11) | 2559 b1 = gen_host(addr, mask, Q_ARP, dir); 2560 gen_or(b0, b1); 2561 b0 = gen_host(addr, mask, Q_RARP, dir); 2562 gen_or(b1, b0); 2563 } 2564 return b0; 2565 2566 case Q_IP: --- 222 unchanged lines hidden (view full) --- 2789 case Q_RARP: 2790 if (linktype == DLT_EN10MB) 2791 b0 = gen_ehostop(eaddr, Q_OR); 2792 else if (linktype == DLT_FDDI) 2793 b0 = gen_fhostop(eaddr, Q_OR); 2794 else if (linktype == DLT_IEEE802) 2795 b0 = gen_thostop(eaddr, Q_OR); 2796 else if (linktype == DLT_IEEE802_11) |
2057 b0 = gen_whostop(eaddr, Q_OR); | 2797 b0 = gen_wlanhostop(eaddr, Q_OR); 2798 else if (linktype == DLT_SUNATM && is_lane) { 2799 /* 2800 * Check that the packet doesn't begin with an 2801 * LE Control marker. (We've already generated 2802 * a test for LANE.) 2803 */ 2804 b1 = gen_cmp(SUNATM_PKT_BEGIN_POS, BPF_H, 0xFF00); 2805 gen_not(b1); 2806 2807 /* 2808 * Now check the MAC address. 2809 */ 2810 b0 = gen_ehostop(eaddr, Q_OR); 2811 gen_and(b1, b0); 2812 } else if (linktype == DLT_IP_OVER_FC) 2813 b0 = gen_ipfchostop(eaddr, Q_OR); |
2058 else 2059 bpf_error( | 2814 else 2815 bpf_error( |
2060 "'gateway' supported only on ethernet, FDDI or token ring"); | 2816 "'gateway' supported only on ethernet/FDDI/token ring/802.11/Fibre Channel"); |
2061 2062 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR); 2063 while (*alist) { 2064 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR); 2065 gen_or(b1, tmp); 2066 b1 = tmp; 2067 } 2068 gen_not(b1); --- 4 unchanged lines hidden (view full) --- 2073 /* NOTREACHED */ 2074} 2075#endif 2076 2077struct block * 2078gen_proto_abbrev(proto) 2079 int proto; 2080{ | 2817 2818 b1 = gen_host(**alist++, 0xffffffff, proto, Q_OR); 2819 while (*alist) { 2820 tmp = gen_host(**alist++, 0xffffffff, proto, Q_OR); 2821 gen_or(b1, tmp); 2822 b1 = tmp; 2823 } 2824 gen_not(b1); --- 4 unchanged lines hidden (view full) --- 2829 /* NOTREACHED */ 2830} 2831#endif 2832 2833struct block * 2834gen_proto_abbrev(proto) 2835 int proto; 2836{ |
2081#ifdef INET6 | |
2082 struct block *b0; | 2837 struct block *b0; |
2083#endif | |
2084 struct block *b1; 2085 2086 switch (proto) { 2087 2088 case Q_SCTP: 2089 b1 = gen_proto(IPPROTO_SCTP, Q_IP, Q_DEFAULT); 2090#ifdef INET6 2091 b0 = gen_proto(IPPROTO_SCTP, Q_IPV6, Q_DEFAULT); --- 141 unchanged lines hidden (view full) --- 2233 case Q_ESIS: 2234 b1 = gen_proto(ISO9542_ESIS, Q_ISO, Q_DEFAULT); 2235 break; 2236 2237 case Q_ISIS: 2238 b1 = gen_proto(ISO10589_ISIS, Q_ISO, Q_DEFAULT); 2239 break; 2240 | 2838 struct block *b1; 2839 2840 switch (proto) { 2841 2842 case Q_SCTP: 2843 b1 = gen_proto(IPPROTO_SCTP, Q_IP, Q_DEFAULT); 2844#ifdef INET6 2845 b0 = gen_proto(IPPROTO_SCTP, Q_IPV6, Q_DEFAULT); --- 141 unchanged lines hidden (view full) --- 2987 case Q_ESIS: 2988 b1 = gen_proto(ISO9542_ESIS, Q_ISO, Q_DEFAULT); 2989 break; 2990 2991 case Q_ISIS: 2992 b1 = gen_proto(ISO10589_ISIS, Q_ISO, Q_DEFAULT); 2993 break; 2994 |
2995 case Q_ISIS_L1: /* all IS-IS Level1 PDU-Types */ 2996 b0 = gen_proto(ISIS_L1_LAN_IIH, Q_ISIS, Q_DEFAULT); 2997 b1 = gen_proto(ISIS_PTP_IIH, Q_ISIS, Q_DEFAULT); /* FIXME extract the circuit-type bits */ 2998 gen_or(b0, b1); 2999 b0 = gen_proto(ISIS_L1_LSP, Q_ISIS, Q_DEFAULT); 3000 gen_or(b0, b1); 3001 b0 = gen_proto(ISIS_L1_CSNP, Q_ISIS, Q_DEFAULT); 3002 gen_or(b0, b1); 3003 b0 = gen_proto(ISIS_L1_PSNP, Q_ISIS, Q_DEFAULT); 3004 gen_or(b0, b1); 3005 break; 3006 3007 case Q_ISIS_L2: /* all IS-IS Level2 PDU-Types */ 3008 b0 = gen_proto(ISIS_L2_LAN_IIH, Q_ISIS, Q_DEFAULT); 3009 b1 = gen_proto(ISIS_PTP_IIH, Q_ISIS, Q_DEFAULT); /* FIXME extract the circuit-type bits */ 3010 gen_or(b0, b1); 3011 b0 = gen_proto(ISIS_L2_LSP, Q_ISIS, Q_DEFAULT); 3012 gen_or(b0, b1); 3013 b0 = gen_proto(ISIS_L2_CSNP, Q_ISIS, Q_DEFAULT); 3014 gen_or(b0, b1); 3015 b0 = gen_proto(ISIS_L2_PSNP, Q_ISIS, Q_DEFAULT); 3016 gen_or(b0, b1); 3017 break; 3018 3019 case Q_ISIS_IIH: /* all IS-IS Hello PDU-Types */ 3020 b0 = gen_proto(ISIS_L1_LAN_IIH, Q_ISIS, Q_DEFAULT); 3021 b1 = gen_proto(ISIS_L2_LAN_IIH, Q_ISIS, Q_DEFAULT); 3022 gen_or(b0, b1); 3023 b0 = gen_proto(ISIS_PTP_IIH, Q_ISIS, Q_DEFAULT); 3024 gen_or(b0, b1); 3025 break; 3026 3027 case Q_ISIS_LSP: 3028 b0 = gen_proto(ISIS_L1_LSP, Q_ISIS, Q_DEFAULT); 3029 b1 = gen_proto(ISIS_L2_LSP, Q_ISIS, Q_DEFAULT); 3030 gen_or(b0, b1); 3031 break; 3032 3033 case Q_ISIS_SNP: 3034 b0 = gen_proto(ISIS_L1_CSNP, Q_ISIS, Q_DEFAULT); 3035 b1 = gen_proto(ISIS_L2_CSNP, Q_ISIS, Q_DEFAULT); 3036 gen_or(b0, b1); 3037 b0 = gen_proto(ISIS_L1_PSNP, Q_ISIS, Q_DEFAULT); 3038 gen_or(b0, b1); 3039 b0 = gen_proto(ISIS_L2_PSNP, Q_ISIS, Q_DEFAULT); 3040 gen_or(b0, b1); 3041 break; 3042 3043 case Q_ISIS_CSNP: 3044 b0 = gen_proto(ISIS_L1_CSNP, Q_ISIS, Q_DEFAULT); 3045 b1 = gen_proto(ISIS_L2_CSNP, Q_ISIS, Q_DEFAULT); 3046 gen_or(b0, b1); 3047 break; 3048 3049 case Q_ISIS_PSNP: 3050 b0 = gen_proto(ISIS_L1_PSNP, Q_ISIS, Q_DEFAULT); 3051 b1 = gen_proto(ISIS_L2_PSNP, Q_ISIS, Q_DEFAULT); 3052 gen_or(b0, b1); 3053 break; 3054 |
|
2241 case Q_CLNP: 2242 b1 = gen_proto(ISO8473_CLNP, Q_ISO, Q_DEFAULT); 2243 break; 2244 2245 case Q_STP: 2246 b1 = gen_linktype(LLCSAP_8021D); 2247 break; 2248 --- 103 unchanged lines hidden (view full) --- 2352static struct block * 2353gen_port(port, ip_proto, dir) 2354 int port; 2355 int ip_proto; 2356 int dir; 2357{ 2358 struct block *b0, *b1, *tmp; 2359 | 3055 case Q_CLNP: 3056 b1 = gen_proto(ISO8473_CLNP, Q_ISO, Q_DEFAULT); 3057 break; 3058 3059 case Q_STP: 3060 b1 = gen_linktype(LLCSAP_8021D); 3061 break; 3062 --- 103 unchanged lines hidden (view full) --- 3166static struct block * 3167gen_port(port, ip_proto, dir) 3168 int port; 3169 int ip_proto; 3170 int dir; 3171{ 3172 struct block *b0, *b1, *tmp; 3173 |
2360 /* ether proto ip */ | 3174 /* 3175 * ether proto ip 3176 * 3177 * For FDDI, RFC 1188 says that SNAP encapsulation is used, 3178 * not LLC encapsulation with LLCSAP_IP. 3179 * 3180 * For IEEE 802 networks - which includes 802.5 token ring 3181 * (which is what DLT_IEEE802 means) and 802.11 - RFC 1042 3182 * says that SNAP encapsulation is used, not LLC encapsulation 3183 * with LLCSAP_IP. 3184 * 3185 * For LLC-encapsulated ATM/"Classical IP", RFC 1483 and 3186 * RFC 2225 say that SNAP encapsulation is used, not LLC 3187 * encapsulation with LLCSAP_IP. 3188 * 3189 * So we always check for ETHERTYPE_IP. 3190 */ |
2361 b0 = gen_linktype(ETHERTYPE_IP); 2362 2363 switch (ip_proto) { 2364 case IPPROTO_UDP: 2365 case IPPROTO_TCP: 2366 case IPPROTO_SCTP: 2367 b1 = gen_portop(port, ip_proto, dir); 2368 break; --- 448 unchanged lines hidden (view full) --- 2817 b0 = gen_proto(v, Q_IP, dir); 2818 b1 = gen_proto(v, Q_IPV6, dir); 2819 gen_or(b0, b1); 2820 return b1; 2821#else 2822 /*FALLTHROUGH*/ 2823#endif 2824 case Q_IP: | 3191 b0 = gen_linktype(ETHERTYPE_IP); 3192 3193 switch (ip_proto) { 3194 case IPPROTO_UDP: 3195 case IPPROTO_TCP: 3196 case IPPROTO_SCTP: 3197 b1 = gen_portop(port, ip_proto, dir); 3198 break; --- 448 unchanged lines hidden (view full) --- 3647 b0 = gen_proto(v, Q_IP, dir); 3648 b1 = gen_proto(v, Q_IPV6, dir); 3649 gen_or(b0, b1); 3650 return b1; 3651#else 3652 /*FALLTHROUGH*/ 3653#endif 3654 case Q_IP: |
3655 /* 3656 * For FDDI, RFC 1188 says that SNAP encapsulation is used, 3657 * not LLC encapsulation with LLCSAP_IP. 3658 * 3659 * For IEEE 802 networks - which includes 802.5 token ring 3660 * (which is what DLT_IEEE802 means) and 802.11 - RFC 1042 3661 * says that SNAP encapsulation is used, not LLC encapsulation 3662 * with LLCSAP_IP. 3663 * 3664 * For LLC-encapsulated ATM/"Classical IP", RFC 1483 and 3665 * RFC 2225 say that SNAP encapsulation is used, not LLC 3666 * encapsulation with LLCSAP_IP. 3667 * 3668 * So we always check for ETHERTYPE_IP. 3669 */ |
|
2825 b0 = gen_linktype(ETHERTYPE_IP); 2826#ifndef CHASE_CHAIN 2827 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v); 2828#else 2829 b1 = gen_protochain(v, Q_IP); 2830#endif 2831 gen_and(b0, b1); 2832 return b1; 2833 2834 case Q_ISO: | 3670 b0 = gen_linktype(ETHERTYPE_IP); 3671#ifndef CHASE_CHAIN 3672 b1 = gen_cmp(off_nl + 9, BPF_B, (bpf_int32)v); 3673#else 3674 b1 = gen_protochain(v, Q_IP); 3675#endif 3676 gen_and(b0, b1); 3677 return b1; 3678 3679 case Q_ISO: |
2835 b0 = gen_linktype(LLCSAP_ISONS); 2836 b1 = gen_cmp(off_nl + 3, BPF_B, (long)v); | 3680 switch (linktype) { 3681 3682 case DLT_FRELAY: 3683 /* 3684 * Frame Relay packets typically have an OSI 3685 * NLPID at the beginning; "gen_linktype(LLCSAP_ISONS)" 3686 * generates code to check for all the OSI 3687 * NLPIDs, so calling it and then adding a check 3688 * for the particular NLPID for which we're 3689 * looking is bogus, as we can just check for 3690 * the NLPID. 3691 * 3692 * What we check for is the NLPID and a frame 3693 * control field value of UI, i.e. 0x03 followed 3694 * by the NLPID. 3695 * 3696 * XXX - assumes a 2-byte Frame Relay header with 3697 * DLCI and flags. What if the address is longer? 3698 * 3699 * XXX - what about SNAP-encapsulated frames? 3700 */ 3701 return gen_cmp(2, BPF_H, (0x03<<8) | v); 3702 break; 3703 3704 case DLT_C_HDLC: 3705 /* 3706 * Cisco uses an Ethertype lookalike - for OSI, 3707 * it's 0xfefe. 3708 */ 3709 b0 = gen_linktype(LLCSAP_ISONS<<8 | LLCSAP_ISONS); 3710 /* OSI in C-HDLC is stuffed with a fudge byte */ 3711 b1 = gen_cmp(off_nl_nosnap+1, BPF_B, (long)v); 3712 gen_and(b0, b1); 3713 return b1; 3714 3715 default: 3716 b0 = gen_linktype(LLCSAP_ISONS); 3717 b1 = gen_cmp(off_nl_nosnap, BPF_B, (long)v); 3718 gen_and(b0, b1); 3719 return b1; 3720 } 3721 3722 case Q_ISIS: 3723 b0 = gen_proto(ISO10589_ISIS, Q_ISO, Q_DEFAULT); 3724 /* 3725 * 4 is the offset of the PDU type relative to the IS-IS 3726 * header. 3727 */ 3728 b1 = gen_cmp(off_nl_nosnap+4, BPF_B, (long)v); |
2837 gen_and(b0, b1); 2838 return b1; 2839 2840 case Q_ARP: 2841 bpf_error("arp does not encapsulate another protocol"); 2842 /* NOTREACHED */ 2843 2844 case Q_RARP: --- 163 unchanged lines hidden (view full) --- 3008 b = gen_thostop(eaddr, dir); 3009 free(eaddr); 3010 return b; 3011 3012 case DLT_IEEE802_11: 3013 eaddr = pcap_ether_hostton(name); 3014 if (eaddr == NULL) 3015 bpf_error( | 3729 gen_and(b0, b1); 3730 return b1; 3731 3732 case Q_ARP: 3733 bpf_error("arp does not encapsulate another protocol"); 3734 /* NOTREACHED */ 3735 3736 case Q_RARP: --- 163 unchanged lines hidden (view full) --- 3900 b = gen_thostop(eaddr, dir); 3901 free(eaddr); 3902 return b; 3903 3904 case DLT_IEEE802_11: 3905 eaddr = pcap_ether_hostton(name); 3906 if (eaddr == NULL) 3907 bpf_error( |
3016 "unknown ether host '%s'", name); 3017 b = gen_whostop(eaddr, dir); | 3908 "unknown 802.11 host '%s'", name); 3909 b = gen_wlanhostop(eaddr, dir); |
3018 free(eaddr); 3019 return b; 3020 | 3910 free(eaddr); 3911 return b; 3912 |
3021 default: 3022 bpf_error( 3023 "only ethernet/FDDI/token ring supports link-level host name"); 3024 break; | 3913 case DLT_IP_OVER_FC: 3914 eaddr = pcap_ether_hostton(name); 3915 if (eaddr == NULL) 3916 bpf_error( 3917 "unknown Fibre Channel host '%s'", name); 3918 b = gen_ipfchostop(eaddr, dir); 3919 free(eaddr); 3920 return b; 3921 3922 case DLT_SUNATM: 3923 if (!is_lane) 3924 break; 3925 3926 /* 3927 * Check that the packet doesn't begin 3928 * with an LE Control marker. (We've 3929 * already generated a test for LANE.) 3930 */ 3931 tmp = gen_cmp(SUNATM_PKT_BEGIN_POS, BPF_H, 3932 0xFF00); 3933 gen_not(tmp); 3934 3935 eaddr = pcap_ether_hostton(name); 3936 if (eaddr == NULL) 3937 bpf_error( 3938 "unknown ether host '%s'", name); 3939 b = gen_ehostop(eaddr, dir); 3940 gen_and(tmp, b); 3941 free(eaddr); 3942 return b; |
3025 } | 3943 } |
3944 3945 bpf_error("only ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel supports link-level host name"); |
|
3026 } else if (proto == Q_DECNET) { 3027 unsigned short dn_addr = __pcap_nametodnaddr(name); 3028 /* 3029 * I don't think DECNET hosts can be multihomed, so 3030 * there is no need to build up a list of addresses 3031 */ 3032 return (gen_host(dn_addr, 0, proto, dir)); 3033 } else { 3034#ifndef INET6 3035 alist = pcap_nametoaddr(name); 3036 if (alist == NULL || *alist == NULL) 3037 bpf_error("unknown host '%s'", name); 3038 tproto = proto; | 3946 } else if (proto == Q_DECNET) { 3947 unsigned short dn_addr = __pcap_nametodnaddr(name); 3948 /* 3949 * I don't think DECNET hosts can be multihomed, so 3950 * there is no need to build up a list of addresses 3951 */ 3952 return (gen_host(dn_addr, 0, proto, dir)); 3953 } else { 3954#ifndef INET6 3955 alist = pcap_nametoaddr(name); 3956 if (alist == NULL || *alist == NULL) 3957 bpf_error("unknown host '%s'", name); 3958 tproto = proto; |
3039 if (off_linktype == -1 && tproto == Q_DEFAULT) | 3959 if (off_linktype == (u_int)-1 && tproto == Q_DEFAULT) |
3040 tproto = Q_IP; 3041 b = gen_host(**alist++, 0xffffffff, tproto, dir); 3042 while (*alist) { 3043 tmp = gen_host(**alist++, 0xffffffff, 3044 tproto, dir); 3045 gen_or(b, tmp); 3046 b = tmp; 3047 } --- 319 unchanged lines hidden (view full) --- 3367} 3368#endif /*INET6*/ 3369 3370struct block * 3371gen_ecode(eaddr, q) 3372 register const u_char *eaddr; 3373 struct qual q; 3374{ | 3960 tproto = Q_IP; 3961 b = gen_host(**alist++, 0xffffffff, tproto, dir); 3962 while (*alist) { 3963 tmp = gen_host(**alist++, 0xffffffff, 3964 tproto, dir); 3965 gen_or(b, tmp); 3966 b = tmp; 3967 } --- 319 unchanged lines hidden (view full) --- 4287} 4288#endif /*INET6*/ 4289 4290struct block * 4291gen_ecode(eaddr, q) 4292 register const u_char *eaddr; 4293 struct qual q; 4294{ |
4295 struct block *b, *tmp; 4296 |
|
3375 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { 3376 if (linktype == DLT_EN10MB) 3377 return gen_ehostop(eaddr, (int)q.dir); 3378 if (linktype == DLT_FDDI) 3379 return gen_fhostop(eaddr, (int)q.dir); 3380 if (linktype == DLT_IEEE802) 3381 return gen_thostop(eaddr, (int)q.dir); 3382 if (linktype == DLT_IEEE802_11) | 4297 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { 4298 if (linktype == DLT_EN10MB) 4299 return gen_ehostop(eaddr, (int)q.dir); 4300 if (linktype == DLT_FDDI) 4301 return gen_fhostop(eaddr, (int)q.dir); 4302 if (linktype == DLT_IEEE802) 4303 return gen_thostop(eaddr, (int)q.dir); 4304 if (linktype == DLT_IEEE802_11) |
3383 return gen_whostop(eaddr, (int)q.dir); 3384 bpf_error("ethernet addresses supported only on ethernet, FDDI or token ring"); | 4305 return gen_wlanhostop(eaddr, (int)q.dir); 4306 if (linktype == DLT_SUNATM && is_lane) { 4307 /* 4308 * Check that the packet doesn't begin with an 4309 * LE Control marker. (We've already generated 4310 * a test for LANE.) 4311 */ 4312 tmp = gen_cmp(SUNATM_PKT_BEGIN_POS, BPF_H, 0xFF00); 4313 gen_not(tmp); 4314 4315 /* 4316 * Now check the MAC address. 4317 */ 4318 b = gen_ehostop(eaddr, (int)q.dir); 4319 gen_and(tmp, b); 4320 return b; 4321 } 4322 if (linktype == DLT_IP_OVER_FC) 4323 return gen_ipfchostop(eaddr, (int)q.dir); 4324 bpf_error("ethernet addresses supported only on ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel"); |
3385 } 3386 bpf_error("ethernet address used in non-ether expression"); 3387 /* NOTREACHED */ 3388} 3389 3390void 3391sappend(s0, s1) 3392 struct slist *s0, *s1; --- 57 unchanged lines hidden (view full) --- 3450 size = BPF_W; 3451 break; 3452 } 3453 switch (proto) { 3454 default: 3455 bpf_error("unsupported index operation"); 3456 3457 case Q_LINK: | 4325 } 4326 bpf_error("ethernet address used in non-ether expression"); 4327 /* NOTREACHED */ 4328} 4329 4330void 4331sappend(s0, s1) 4332 struct slist *s0, *s1; --- 57 unchanged lines hidden (view full) --- 4390 size = BPF_W; 4391 break; 4392 } 4393 switch (proto) { 4394 default: 4395 bpf_error("unsupported index operation"); 4396 4397 case Q_LINK: |
4398 /* 4399 * XXX - what about ATM LANE? Should the index be 4400 * relative to the beginning of the AAL5 frame, so 4401 * that 0 refers to the beginning of the LE Control 4402 * field, or relative to the beginning of the LAN 4403 * frame, so that 0 refers, for Ethernet LANE, to 4404 * the beginning of the destination address? 4405 */ |
|
3458 s = xfer_to_x(index); 3459 tmp = new_stmt(BPF_LD|BPF_IND|size); 3460 sappend(s, tmp); 3461 sappend(index->s, s); 3462 break; 3463 3464 case Q_IP: 3465 case Q_ARP: --- 65 unchanged lines hidden (view full) --- 3531 struct arth *a0, *a1; 3532 int reversed; 3533{ 3534 struct slist *s0, *s1, *s2; 3535 struct block *b, *tmp; 3536 3537 s0 = xfer_to_x(a1); 3538 s1 = xfer_to_a(a0); | 4406 s = xfer_to_x(index); 4407 tmp = new_stmt(BPF_LD|BPF_IND|size); 4408 sappend(s, tmp); 4409 sappend(index->s, s); 4410 break; 4411 4412 case Q_IP: 4413 case Q_ARP: --- 65 unchanged lines hidden (view full) --- 4479 struct arth *a0, *a1; 4480 int reversed; 4481{ 4482 struct slist *s0, *s1, *s2; 4483 struct block *b, *tmp; 4484 4485 s0 = xfer_to_x(a1); 4486 s1 = xfer_to_a(a0); |
3539 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X); 3540 b = new_block(JMP(code)); 3541 if (code == BPF_JGT || code == BPF_JGE) { 3542 reversed = !reversed; 3543 b->s.k = 0x80000000; | 4487 if (code == BPF_JEQ) { 4488 s2 = new_stmt(BPF_ALU|BPF_SUB|BPF_X); 4489 b = new_block(JMP(code)); 4490 sappend(s1, s2); |
3544 } | 4491 } |
4492 else 4493 b = new_block(BPF_JMP|code|BPF_X); |
|
3545 if (reversed) 3546 gen_not(b); 3547 | 4494 if (reversed) 4495 gen_not(b); 4496 |
3548 sappend(s1, s2); | |
3549 sappend(s0, s1); 3550 sappend(a1->s, s0); 3551 sappend(a0->s, a1->s); 3552 3553 b->stmts = a0->s; 3554 3555 free_reg(a0->regno); 3556 free_reg(a1->regno); --- 81 unchanged lines hidden (view full) --- 3638 s1 = xfer_to_a(a0); 3639 s2 = new_stmt(BPF_ALU|BPF_X|code); 3640 3641 sappend(s1, s2); 3642 sappend(s0, s1); 3643 sappend(a1->s, s0); 3644 sappend(a0->s, a1->s); 3645 | 4497 sappend(s0, s1); 4498 sappend(a1->s, s0); 4499 sappend(a0->s, a1->s); 4500 4501 b->stmts = a0->s; 4502 4503 free_reg(a0->regno); 4504 free_reg(a1->regno); --- 81 unchanged lines hidden (view full) --- 4586 s1 = xfer_to_a(a0); 4587 s2 = new_stmt(BPF_ALU|BPF_X|code); 4588 4589 sappend(s1, s2); 4590 sappend(s0, s1); 4591 sappend(a1->s, s0); 4592 sappend(a0->s, a1->s); 4593 |
4594 free_reg(a0->regno); |
|
3646 free_reg(a1->regno); 3647 3648 s0 = new_stmt(BPF_ST); 3649 a0->regno = s0->s.k = alloc_reg(); 3650 sappend(a0->s, s0); 3651 3652 return a0; 3653} --- 123 unchanged lines hidden (view full) --- 3777 bpf_u_int32 hostmask; 3778 struct block *b0, *b1, *b2; 3779 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3780 3781 switch (proto) { 3782 3783 case Q_DEFAULT: 3784 case Q_LINK: | 4595 free_reg(a1->regno); 4596 4597 s0 = new_stmt(BPF_ST); 4598 a0->regno = s0->s.k = alloc_reg(); 4599 sappend(a0->s, s0); 4600 4601 return a0; 4602} --- 123 unchanged lines hidden (view full) --- 4726 bpf_u_int32 hostmask; 4727 struct block *b0, *b1, *b2; 4728 static u_char ebroadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 4729 4730 switch (proto) { 4731 4732 case Q_DEFAULT: 4733 case Q_LINK: |
3785 if (linktype == DLT_ARCNET) | 4734 if (linktype == DLT_ARCNET || linktype == DLT_ARCNET_LINUX) |
3786 return gen_ahostop(abroadcast, Q_DST); 3787 if (linktype == DLT_EN10MB) 3788 return gen_ehostop(ebroadcast, Q_DST); 3789 if (linktype == DLT_FDDI) 3790 return gen_fhostop(ebroadcast, Q_DST); 3791 if (linktype == DLT_IEEE802) 3792 return gen_thostop(ebroadcast, Q_DST); 3793 if (linktype == DLT_IEEE802_11) | 4735 return gen_ahostop(abroadcast, Q_DST); 4736 if (linktype == DLT_EN10MB) 4737 return gen_ehostop(ebroadcast, Q_DST); 4738 if (linktype == DLT_FDDI) 4739 return gen_fhostop(ebroadcast, Q_DST); 4740 if (linktype == DLT_IEEE802) 4741 return gen_thostop(ebroadcast, Q_DST); 4742 if (linktype == DLT_IEEE802_11) |
3794 return gen_whostop(ebroadcast, Q_DST); | 4743 return gen_wlanhostop(ebroadcast, Q_DST); 4744 if (linktype == DLT_IP_OVER_FC) 4745 return gen_ipfchostop(ebroadcast, Q_DST); 4746 if (linktype == DLT_SUNATM && is_lane) { 4747 /* 4748 * Check that the packet doesn't begin with an 4749 * LE Control marker. (We've already generated 4750 * a test for LANE.) 4751 */ 4752 b1 = gen_cmp(SUNATM_PKT_BEGIN_POS, BPF_H, 0xFF00); 4753 gen_not(b1); 4754 4755 /* 4756 * Now check the MAC address. 4757 */ 4758 b0 = gen_ehostop(ebroadcast, Q_DST); 4759 gen_and(b1, b0); 4760 return b0; 4761 } |
3795 bpf_error("not a broadcast link"); 3796 break; 3797 3798 case Q_IP: 3799 b0 = gen_linktype(ETHERTYPE_IP); 3800 hostmask = ~netmask; 3801 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask); 3802 b2 = gen_mcmp(off_nl + 16, BPF_W, 3803 (bpf_int32)(~0 & hostmask), hostmask); 3804 gen_or(b1, b2); 3805 gen_and(b0, b2); 3806 return b2; 3807 } | 4762 bpf_error("not a broadcast link"); 4763 break; 4764 4765 case Q_IP: 4766 b0 = gen_linktype(ETHERTYPE_IP); 4767 hostmask = ~netmask; 4768 b1 = gen_mcmp(off_nl + 16, BPF_W, (bpf_int32)0, hostmask); 4769 b2 = gen_mcmp(off_nl + 16, BPF_W, 4770 (bpf_int32)(~0 & hostmask), hostmask); 4771 gen_or(b1, b2); 4772 gen_and(b0, b2); 4773 return b2; 4774 } |
3808 bpf_error("only ether/ip broadcast filters supported"); | 4775 bpf_error("only link-layer/IP broadcast filters supported"); |
3809} 3810 | 4776} 4777 |
4778/* 4779 * Generate code to test the low-order bit of a MAC address (that's 4780 * the bottom bit of the *first* byte). 4781 */ 4782static struct block * 4783gen_mac_multicast(offset) 4784 int offset; 4785{ 4786 register struct block *b0; 4787 register struct slist *s; 4788 4789 /* link[offset] & 1 != 0 */ 4790 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 4791 s->s.k = offset; 4792 b0 = new_block(JMP(BPF_JSET)); 4793 b0->s.k = 1; 4794 b0->stmts = s; 4795 return b0; 4796} 4797 |
|
3811struct block * 3812gen_multicast(proto) 3813 int proto; 3814{ | 4798struct block * 4799gen_multicast(proto) 4800 int proto; 4801{ |
3815 register struct block *b0, *b1; | 4802 register struct block *b0, *b1, *b2; |
3816 register struct slist *s; 3817 3818 switch (proto) { 3819 3820 case Q_DEFAULT: 3821 case Q_LINK: | 4803 register struct slist *s; 4804 4805 switch (proto) { 4806 4807 case Q_DEFAULT: 4808 case Q_LINK: |
3822 if (linktype == DLT_ARCNET) | 4809 if (linktype == DLT_ARCNET || linktype == DLT_ARCNET_LINUX) |
3823 /* all ARCnet multicasts use the same address */ 3824 return gen_ahostop(abroadcast, Q_DST); 3825 3826 if (linktype == DLT_EN10MB) { 3827 /* ether[0] & 1 != 0 */ | 4810 /* all ARCnet multicasts use the same address */ 4811 return gen_ahostop(abroadcast, Q_DST); 4812 4813 if (linktype == DLT_EN10MB) { 4814 /* ether[0] & 1 != 0 */ |
3828 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 3829 s->s.k = 0; 3830 b0 = new_block(JMP(BPF_JSET)); 3831 b0->s.k = 1; 3832 b0->stmts = s; 3833 return b0; | 4815 return gen_mac_multicast(0); |
3834 } 3835 3836 if (linktype == DLT_FDDI) { | 4816 } 4817 4818 if (linktype == DLT_FDDI) { |
3837 /* XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX */ | 4819 /* 4820 * XXX TEST THIS: MIGHT NOT PORT PROPERLY XXX 4821 * 4822 * XXX - was that referring to bit-order issues? 4823 */ |
3838 /* fddi[1] & 1 != 0 */ | 4824 /* fddi[1] & 1 != 0 */ |
4825 return gen_mac_multicast(1); 4826 } 4827 4828 if (linktype == DLT_IEEE802) { 4829 /* tr[2] & 1 != 0 */ 4830 return gen_mac_multicast(2); 4831 } 4832 4833 if (linktype == DLT_IEEE802_11) { 4834 /* 4835 * Oh, yuk. 4836 * 4837 * For control frames, there is no DA. 4838 * 4839 * For management frames, DA is at an 4840 * offset of 4 from the beginning of 4841 * the packet. 4842 * 4843 * For data frames, DA is at an offset 4844 * of 4 from the beginning of the packet 4845 * if To DS is clear and at an offset of 4846 * 16 from the beginning of the packet 4847 * if To DS is set. 4848 */ 4849 4850 /* 4851 * Generate the tests to be done for data frames. 4852 * 4853 * First, check for To DS set, i.e. "link[1] & 0x01". 4854 */ |
|
3839 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 3840 s->s.k = 1; | 4855 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 4856 s->s.k = 1; |
3841 b0 = new_block(JMP(BPF_JSET)); 3842 b0->s.k = 1; 3843 b0->stmts = s; | 4857 b1 = new_block(JMP(BPF_JSET)); 4858 b1->s.k = 0x01; /* To DS */ 4859 b1->stmts = s; 4860 4861 /* 4862 * If To DS is set, the DA is at 16. 4863 */ 4864 b0 = gen_mac_multicast(16); 4865 gen_and(b1, b0); 4866 4867 /* 4868 * Now, check for To DS not set, i.e. check 4869 * "!(link[1] & 0x01)". 4870 */ 4871 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 4872 s->s.k = 1; 4873 b2 = new_block(JMP(BPF_JSET)); 4874 b2->s.k = 0x01; /* To DS */ 4875 b2->stmts = s; 4876 gen_not(b2); 4877 4878 /* 4879 * If To DS is not set, the DA is at 4. 4880 */ 4881 b1 = gen_mac_multicast(4); 4882 gen_and(b2, b1); 4883 4884 /* 4885 * Now OR together the last two checks. That gives 4886 * the complete set of checks for data frames. 4887 */ 4888 gen_or(b1, b0); 4889 4890 /* 4891 * Now check for a data frame. 4892 * I.e, check "link[0] & 0x08". 4893 */ 4894 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 4895 s->s.k = 0; 4896 b1 = new_block(JMP(BPF_JSET)); 4897 b1->s.k = 0x08; 4898 b1->stmts = s; 4899 4900 /* 4901 * AND that with the checks done for data frames. 4902 */ 4903 gen_and(b1, b0); 4904 4905 /* 4906 * If the high-order bit of the type value is 0, this 4907 * is a management frame. 4908 * I.e, check "!(link[0] & 0x08)". 4909 */ 4910 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 4911 s->s.k = 0; 4912 b2 = new_block(JMP(BPF_JSET)); 4913 b2->s.k = 0x08; 4914 b2->stmts = s; 4915 gen_not(b2); 4916 4917 /* 4918 * For management frames, the DA is at 4. 4919 */ 4920 b1 = gen_mac_multicast(4); 4921 gen_and(b2, b1); 4922 4923 /* 4924 * OR that with the checks done for data frames. 4925 * That gives the checks done for management and 4926 * data frames. 4927 */ 4928 gen_or(b1, b0); 4929 4930 /* 4931 * If the low-order bit of the type value is 1, 4932 * this is either a control frame or a frame 4933 * with a reserved type, and thus not a 4934 * frame with an SA. 4935 * 4936 * I.e., check "!(link[0] & 0x04)". 4937 */ 4938 s = new_stmt(BPF_LD|BPF_B|BPF_ABS); 4939 s->s.k = 0; 4940 b1 = new_block(JMP(BPF_JSET)); 4941 b1->s.k = 0x04; 4942 b1->stmts = s; 4943 gen_not(b1); 4944 4945 /* 4946 * AND that with the checks for data and management 4947 * frames. 4948 */ 4949 gen_and(b1, b0); |
3844 return b0; 3845 } 3846 | 4950 return b0; 4951 } 4952 |
3847 /* TODO - check how token ring handles multicast */ 3848 /* if (linktype == DLT_IEEE802) ... */ | 4953 if (linktype == DLT_IP_OVER_FC) { 4954 b0 = gen_mac_multicast(2); 4955 return b0; 4956 } |
3849 | 4957 |
4958 if (linktype == DLT_SUNATM && is_lane) { 4959 /* 4960 * Check that the packet doesn't begin with an 4961 * LE Control marker. (We've already generated 4962 * a test for LANE.) 4963 */ 4964 b1 = gen_cmp(SUNATM_PKT_BEGIN_POS, BPF_H, 0xFF00); 4965 gen_not(b1); 4966 4967 /* ether[off_mac] & 1 != 0 */ 4968 b0 = gen_mac_multicast(off_mac); 4969 gen_and(b1, b0); 4970 return b0; 4971 } 4972 |
|
3850 /* Link not known to support multicasts */ 3851 break; 3852 3853 case Q_IP: 3854 b0 = gen_linktype(ETHERTYPE_IP); 3855 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224); 3856 b1->s.code = JMP(BPF_JGE); 3857 gen_and(b0, b1); 3858 return b1; 3859 3860#ifdef INET6 3861 case Q_IPV6: 3862 b0 = gen_linktype(ETHERTYPE_IPV6); 3863 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255); 3864 gen_and(b0, b1); 3865 return b1; 3866#endif /* INET6 */ 3867 } | 4973 /* Link not known to support multicasts */ 4974 break; 4975 4976 case Q_IP: 4977 b0 = gen_linktype(ETHERTYPE_IP); 4978 b1 = gen_cmp(off_nl + 16, BPF_B, (bpf_int32)224); 4979 b1->s.code = JMP(BPF_JGE); 4980 gen_and(b0, b1); 4981 return b1; 4982 4983#ifdef INET6 4984 case Q_IPV6: 4985 b0 = gen_linktype(ETHERTYPE_IPV6); 4986 b1 = gen_cmp(off_nl + 24, BPF_B, (bpf_int32)255); 4987 gen_and(b0, b1); 4988 return b1; 4989#endif /* INET6 */ 4990 } |
3868 bpf_error("only IP multicast filters supported on ethernet/FDDI"); | 4991 bpf_error("link-layer multicast filters supported only on ethernet/FDDI/token ring/ARCNET/802.11/ATM LANE/Fibre Channel"); |
3869} 3870 3871/* 3872 * generate command for inbound/outbound. It's here so we can 3873 * make it link-type specific. 'dir' = 0 implies "inbound", 3874 * = 1 implies "outbound". 3875 */ 3876struct block * 3877gen_inbound(dir) 3878 int dir; 3879{ 3880 register struct block *b0; 3881 3882 /* 3883 * Only some data link types support inbound/outbound qualifiers. 3884 */ 3885 switch (linktype) { 3886 case DLT_SLIP: | 4992} 4993 4994/* 4995 * generate command for inbound/outbound. It's here so we can 4996 * make it link-type specific. 'dir' = 0 implies "inbound", 4997 * = 1 implies "outbound". 4998 */ 4999struct block * 5000gen_inbound(dir) 5001 int dir; 5002{ 5003 register struct block *b0; 5004 5005 /* 5006 * Only some data link types support inbound/outbound qualifiers. 5007 */ 5008 switch (linktype) { 5009 case DLT_SLIP: |
3887 case DLT_PPP: | |
3888 b0 = gen_relation(BPF_JEQ, 3889 gen_load(Q_LINK, gen_loadi(0), 1), 3890 gen_loadi(0), 3891 dir); 3892 break; 3893 | 5010 b0 = gen_relation(BPF_JEQ, 5011 gen_load(Q_LINK, gen_loadi(0), 1), 5012 gen_loadi(0), 5013 dir); 5014 break; 5015 |
5016 case DLT_LINUX_SLL: 5017 if (dir) { 5018 /* 5019 * Match packets sent by this machine. 5020 */ 5021 b0 = gen_cmp(0, BPF_H, LINUX_SLL_OUTGOING); 5022 } else { 5023 /* 5024 * Match packets sent to this machine. 5025 * (No broadcast or multicast packets, or 5026 * packets sent to some other machine and 5027 * received promiscuously.) 5028 * 5029 * XXX - packets sent to other machines probably 5030 * shouldn't be matched, but what about broadcast 5031 * or multicast packets we received? 5032 */ 5033 b0 = gen_cmp(0, BPF_H, LINUX_SLL_HOST); 5034 } 5035 break; 5036 5037 case DLT_PFLOG: 5038 b0 = gen_cmp(offsetof(struct pfloghdr, dir), BPF_B, 5039 (bpf_int32)((dir == 0) ? PF_IN : PF_OUT)); 5040 break; 5041 |
|
3894 default: | 5042 default: |
3895 bpf_error("inbound/outbound not supported on linktype %d\n", | 5043 bpf_error("inbound/outbound not supported on linktype %d", |
3896 linktype); 3897 b0 = NULL; 3898 /* NOTREACHED */ 3899 } 3900 return (b0); 3901} 3902 | 5044 linktype); 5045 b0 = NULL; 5046 /* NOTREACHED */ 5047 } 5048 return (b0); 5049} 5050 |
5051/* PF firewall log matched interface */ |
|
3903struct block * | 5052struct block * |
5053gen_pf_ifname(const char *ifname) 5054{ 5055 struct block *b0; 5056 u_int len, off; 5057 5058 if (linktype == DLT_PFLOG) { 5059 len = sizeof(((struct pfloghdr *)0)->ifname); 5060 off = offsetof(struct pfloghdr, ifname); 5061 } else { 5062 bpf_error("ifname not supported on linktype 0x%x", linktype); 5063 /* NOTREACHED */ 5064 } 5065 if (strlen(ifname) >= len) { 5066 bpf_error("ifname interface names can only be %d characters", 5067 len-1); 5068 /* NOTREACHED */ 5069 } 5070 b0 = gen_bcmp(off, strlen(ifname), ifname); 5071 return (b0); 5072} 5073 5074/* PF firewall log matched interface */ 5075struct block * 5076gen_pf_ruleset(char *ruleset) 5077{ 5078 struct block *b0; 5079 5080 if (linktype != DLT_PFLOG) { 5081 bpf_error("ruleset not supported on linktype 0x%x", linktype); 5082 /* NOTREACHED */ 5083 } 5084 if (strlen(ruleset) >= sizeof(((struct pfloghdr *)0)->ruleset)) { 5085 bpf_error("ruleset names can only be %ld characters", 5086 (long)(sizeof(((struct pfloghdr *)0)->ruleset) - 1)); 5087 /* NOTREACHED */ 5088 } 5089 b0 = gen_bcmp(offsetof(struct pfloghdr, ruleset), 5090 strlen(ruleset), ruleset); 5091 return (b0); 5092} 5093 5094/* PF firewall log rule number */ 5095struct block * 5096gen_pf_rnr(int rnr) 5097{ 5098 struct block *b0; 5099 5100 if (linktype == DLT_PFLOG) { 5101 b0 = gen_cmp(offsetof(struct pfloghdr, rulenr), BPF_W, 5102 (bpf_int32)rnr); 5103 } else { 5104 bpf_error("rnr not supported on linktype 0x%x", linktype); 5105 /* NOTREACHED */ 5106 } 5107 5108 return (b0); 5109} 5110 5111/* PF firewall log sub-rule number */ 5112struct block * 5113gen_pf_srnr(int srnr) 5114{ 5115 struct block *b0; 5116 5117 if (linktype != DLT_PFLOG) { 5118 bpf_error("srnr not supported on linktype 0x%x", linktype); 5119 /* NOTREACHED */ 5120 } 5121 5122 b0 = gen_cmp(offsetof(struct pfloghdr, subrulenr), BPF_W, 5123 (bpf_int32)srnr); 5124 return (b0); 5125} 5126 5127/* PF firewall log reason code */ 5128struct block * 5129gen_pf_reason(int reason) 5130{ 5131 struct block *b0; 5132 5133 if (linktype == DLT_PFLOG) { 5134 b0 = gen_cmp(offsetof(struct pfloghdr, reason), BPF_B, 5135 (bpf_int32)reason); 5136 } else { 5137 bpf_error("reason not supported on linktype 0x%x", linktype); 5138 /* NOTREACHED */ 5139 } 5140 5141 return (b0); 5142} 5143 5144/* PF firewall log action */ 5145struct block * 5146gen_pf_action(int action) 5147{ 5148 struct block *b0; 5149 5150 if (linktype == DLT_PFLOG) { 5151 b0 = gen_cmp(offsetof(struct pfloghdr, action), BPF_B, 5152 (bpf_int32)action); 5153 } else { 5154 bpf_error("action not supported on linktype 0x%x", linktype); 5155 /* NOTREACHED */ 5156 } 5157 5158 return (b0); 5159} 5160 5161struct block * |
|
3904gen_acode(eaddr, q) 3905 register const u_char *eaddr; 3906 struct qual q; 3907{ 3908 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { | 5162gen_acode(eaddr, q) 5163 register const u_char *eaddr; 5164 struct qual q; 5165{ 5166 if ((q.addr == Q_HOST || q.addr == Q_DEFAULT) && q.proto == Q_LINK) { |
3909 if (linktype == DLT_ARCNET) | 5167 if (linktype == DLT_ARCNET || linktype == DLT_ARCNET_LINUX) |
3910 return gen_ahostop(eaddr, (int)q.dir); 3911 } 3912 bpf_error("ARCnet address used in non-arc expression"); 3913 /* NOTREACHED */ 3914} 3915 3916static struct block * 3917gen_ahostop(eaddr, dir) --- 38 unchanged lines hidden (view full) --- 3956 3957 /* 3958 * Change the offsets to point to the type and data fields within 3959 * the VLAN packet. This is somewhat of a kludge. 3960 */ 3961 if (orig_nl == (u_int)-1) { 3962 orig_linktype = off_linktype; /* save original values */ 3963 orig_nl = off_nl; | 5168 return gen_ahostop(eaddr, (int)q.dir); 5169 } 5170 bpf_error("ARCnet address used in non-arc expression"); 5171 /* NOTREACHED */ 5172} 5173 5174static struct block * 5175gen_ahostop(eaddr, dir) --- 38 unchanged lines hidden (view full) --- 5214 5215 /* 5216 * Change the offsets to point to the type and data fields within 5217 * the VLAN packet. This is somewhat of a kludge. 5218 */ 5219 if (orig_nl == (u_int)-1) { 5220 orig_linktype = off_linktype; /* save original values */ 5221 orig_nl = off_nl; |
5222 orig_nl_nosnap = off_nl_nosnap; |
|
3964 3965 switch (linktype) { 3966 3967 case DLT_EN10MB: 3968 off_linktype = 16; | 5223 5224 switch (linktype) { 5225 5226 case DLT_EN10MB: 5227 off_linktype = 16; |
5228 off_nl_nosnap = 18; |
|
3969 off_nl = 18; 3970 break; 3971 3972 default: 3973 bpf_error("no VLAN support for data link type %d", 3974 linktype); 3975 /*NOTREACHED*/ 3976 } --- 8 unchanged lines hidden (view full) --- 3985 3986 b1 = gen_cmp(orig_nl, BPF_H, (bpf_int32)vlan_num); 3987 gen_and(b0, b1); 3988 b0 = b1; 3989 } 3990 3991 return (b0); 3992} | 5229 off_nl = 18; 5230 break; 5231 5232 default: 5233 bpf_error("no VLAN support for data link type %d", 5234 linktype); 5235 /*NOTREACHED*/ 5236 } --- 8 unchanged lines hidden (view full) --- 5245 5246 b1 = gen_cmp(orig_nl, BPF_H, (bpf_int32)vlan_num); 5247 gen_and(b0, b1); 5248 b0 = b1; 5249 } 5250 5251 return (b0); 5252} |
5253 5254struct block * 5255gen_atmfield_code(atmfield, jvalue, jtype, reverse) 5256 int atmfield; 5257 bpf_u_int32 jvalue; 5258 bpf_u_int32 jtype; 5259 int reverse; 5260{ 5261 struct block *b0; 5262 5263 switch (atmfield) { 5264 5265 case A_VPI: 5266 if (!is_atm) 5267 bpf_error("'vpi' supported only on raw ATM"); 5268 if (off_vpi == (u_int)-1) 5269 abort(); 5270 b0 = gen_ncmp(BPF_B, off_vpi, 0xffffffff, (u_int)jtype, 5271 (u_int)jvalue, reverse); 5272 break; 5273 5274 case A_VCI: 5275 if (!is_atm) 5276 bpf_error("'vci' supported only on raw ATM"); 5277 if (off_vci == (u_int)-1) 5278 abort(); 5279 b0 = gen_ncmp(BPF_H, off_vci, 0xffffffff, (u_int)jtype, 5280 (u_int)jvalue, reverse); 5281 break; 5282 5283 case A_PROTOTYPE: 5284 if (off_proto == (u_int)-1) 5285 abort(); /* XXX - this isn't on FreeBSD */ 5286 b0 = gen_ncmp(BPF_B, off_proto, 0x0f, (u_int)jtype, 5287 (u_int)jvalue, reverse); 5288 break; 5289 5290 case A_MSGTYPE: 5291 if (off_payload == (u_int)-1) 5292 abort(); 5293 b0 = gen_ncmp(BPF_B, off_payload + MSG_TYPE_POS, 0xffffffff, 5294 (u_int)jtype, (u_int)jvalue, reverse); 5295 break; 5296 5297 case A_CALLREFTYPE: 5298 if (!is_atm) 5299 bpf_error("'callref' supported only on raw ATM"); 5300 if (off_proto == (u_int)-1) 5301 abort(); 5302 b0 = gen_ncmp(BPF_B, off_proto, 0xffffffff, (u_int)jtype, 5303 (u_int)jvalue, reverse); 5304 break; 5305 5306 default: 5307 abort(); 5308 } 5309 return b0; 5310} 5311 5312struct block * 5313gen_atmtype_abbrev(type) 5314 int type; 5315{ 5316 struct block *b0, *b1; 5317 5318 switch (type) { 5319 5320 case A_METAC: 5321 /* Get all packets in Meta signalling Circuit */ 5322 if (!is_atm) 5323 bpf_error("'metac' supported only on raw ATM"); 5324 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5325 b1 = gen_atmfield_code(A_VCI, 1, BPF_JEQ, 0); 5326 gen_and(b0, b1); 5327 break; 5328 5329 case A_BCC: 5330 /* Get all packets in Broadcast Circuit*/ 5331 if (!is_atm) 5332 bpf_error("'bcc' supported only on raw ATM"); 5333 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5334 b1 = gen_atmfield_code(A_VCI, 2, BPF_JEQ, 0); 5335 gen_and(b0, b1); 5336 break; 5337 5338 case A_OAMF4SC: 5339 /* Get all cells in Segment OAM F4 circuit*/ 5340 if (!is_atm) 5341 bpf_error("'oam4sc' supported only on raw ATM"); 5342 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5343 b1 = gen_atmfield_code(A_VCI, 3, BPF_JEQ, 0); 5344 gen_and(b0, b1); 5345 break; 5346 5347 case A_OAMF4EC: 5348 /* Get all cells in End-to-End OAM F4 Circuit*/ 5349 if (!is_atm) 5350 bpf_error("'oam4ec' supported only on raw ATM"); 5351 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5352 b1 = gen_atmfield_code(A_VCI, 4, BPF_JEQ, 0); 5353 gen_and(b0, b1); 5354 break; 5355 5356 case A_SC: 5357 /* Get all packets in connection Signalling Circuit */ 5358 if (!is_atm) 5359 bpf_error("'sc' supported only on raw ATM"); 5360 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5361 b1 = gen_atmfield_code(A_VCI, 5, BPF_JEQ, 0); 5362 gen_and(b0, b1); 5363 break; 5364 5365 case A_ILMIC: 5366 /* Get all packets in ILMI Circuit */ 5367 if (!is_atm) 5368 bpf_error("'ilmic' supported only on raw ATM"); 5369 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5370 b1 = gen_atmfield_code(A_VCI, 16, BPF_JEQ, 0); 5371 gen_and(b0, b1); 5372 break; 5373 5374 case A_LANE: 5375 /* Get all LANE packets */ 5376 if (!is_atm) 5377 bpf_error("'lane' supported only on raw ATM"); 5378 b1 = gen_atmfield_code(A_PROTOTYPE, PT_LANE, BPF_JEQ, 0); 5379 5380 /* 5381 * Arrange that all subsequent tests assume LANE 5382 * rather than LLC-encapsulated packets, and set 5383 * the offsets appropriately for LANE-encapsulated 5384 * Ethernet. 5385 * 5386 * "off_mac" is the offset of the Ethernet header, 5387 * which is 2 bytes past the ATM pseudo-header 5388 * (skipping the pseudo-header and 2-byte LE Client 5389 * field). The other offsets are Ethernet offsets 5390 * relative to "off_mac". 5391 */ 5392 is_lane = 1; 5393 off_mac = off_payload + 2; /* MAC header */ 5394 off_linktype = off_mac + 12; 5395 off_nl = off_mac + 14; /* Ethernet II */ 5396 off_nl_nosnap = off_mac + 17; /* 802.3+802.2 */ 5397 break; 5398 5399 case A_LLC: 5400 /* Get all LLC-encapsulated packets */ 5401 if (!is_atm) 5402 bpf_error("'llc' supported only on raw ATM"); 5403 b1 = gen_atmfield_code(A_PROTOTYPE, PT_LLC, BPF_JEQ, 0); 5404 is_lane = 0; 5405 break; 5406 5407 default: 5408 abort(); 5409 } 5410 return b1; 5411} 5412 5413 5414static struct block * 5415gen_msg_abbrev(type) 5416 int type; 5417{ 5418 struct block *b1; 5419 5420 /* 5421 * Q.2931 signalling protocol messages for handling virtual circuits 5422 * establishment and teardown 5423 */ 5424 switch (type) { 5425 5426 case A_SETUP: 5427 b1 = gen_atmfield_code(A_MSGTYPE, SETUP, BPF_JEQ, 0); 5428 break; 5429 5430 case A_CALLPROCEED: 5431 b1 = gen_atmfield_code(A_MSGTYPE, CALL_PROCEED, BPF_JEQ, 0); 5432 break; 5433 5434 case A_CONNECT: 5435 b1 = gen_atmfield_code(A_MSGTYPE, CONNECT, BPF_JEQ, 0); 5436 break; 5437 5438 case A_CONNECTACK: 5439 b1 = gen_atmfield_code(A_MSGTYPE, CONNECT_ACK, BPF_JEQ, 0); 5440 break; 5441 5442 case A_RELEASE: 5443 b1 = gen_atmfield_code(A_MSGTYPE, RELEASE, BPF_JEQ, 0); 5444 break; 5445 5446 case A_RELEASE_DONE: 5447 b1 = gen_atmfield_code(A_MSGTYPE, RELEASE_DONE, BPF_JEQ, 0); 5448 break; 5449 5450 default: 5451 abort(); 5452 } 5453 return b1; 5454} 5455 5456struct block * 5457gen_atmmulti_abbrev(type) 5458 int type; 5459{ 5460 struct block *b0, *b1; 5461 5462 switch (type) { 5463 5464 case A_OAM: 5465 if (!is_atm) 5466 bpf_error("'oam' supported only on raw ATM"); 5467 b1 = gen_atmmulti_abbrev(A_OAMF4); 5468 break; 5469 5470 case A_OAMF4: 5471 if (!is_atm) 5472 bpf_error("'oamf4' supported only on raw ATM"); 5473 /* OAM F4 type */ 5474 b0 = gen_atmfield_code(A_VCI, 3, BPF_JEQ, 0); 5475 b1 = gen_atmfield_code(A_VCI, 4, BPF_JEQ, 0); 5476 gen_or(b0, b1); 5477 b0 = gen_atmfield_code(A_VPI, 0, BPF_JEQ, 0); 5478 gen_and(b0, b1); 5479 break; 5480 5481 case A_CONNECTMSG: 5482 /* 5483 * Get Q.2931 signalling messages for switched 5484 * virtual connection 5485 */ 5486 if (!is_atm) 5487 bpf_error("'connectmsg' supported only on raw ATM"); 5488 b0 = gen_msg_abbrev(A_SETUP); 5489 b1 = gen_msg_abbrev(A_CALLPROCEED); 5490 gen_or(b0, b1); 5491 b0 = gen_msg_abbrev(A_CONNECT); 5492 gen_or(b0, b1); 5493 b0 = gen_msg_abbrev(A_CONNECTACK); 5494 gen_or(b0, b1); 5495 b0 = gen_msg_abbrev(A_RELEASE); 5496 gen_or(b0, b1); 5497 b0 = gen_msg_abbrev(A_RELEASE_DONE); 5498 gen_or(b0, b1); 5499 b0 = gen_atmtype_abbrev(A_SC); 5500 gen_and(b0, b1); 5501 break; 5502 5503 case A_METACONNECT: 5504 if (!is_atm) 5505 bpf_error("'metaconnect' supported only on raw ATM"); 5506 b0 = gen_msg_abbrev(A_SETUP); 5507 b1 = gen_msg_abbrev(A_CALLPROCEED); 5508 gen_or(b0, b1); 5509 b0 = gen_msg_abbrev(A_CONNECT); 5510 gen_or(b0, b1); 5511 b0 = gen_msg_abbrev(A_RELEASE); 5512 gen_or(b0, b1); 5513 b0 = gen_msg_abbrev(A_RELEASE_DONE); 5514 gen_or(b0, b1); 5515 b0 = gen_atmtype_abbrev(A_METAC); 5516 gen_and(b0, b1); 5517 break; 5518 5519 default: 5520 abort(); 5521 } 5522 return b1; 5523} |
|