On 10/10/06, Eduardo Meyer <[EMAIL PROTECTED]> wrote:
Hello,
I tried asking it on freebsd-ipfw@ but I got no luck. Maybe because
this is related to Netgraph and not ipfw essentially.
I want to use ng_bpf to use ng_tag to use ipfw-tag. Looks like lego,
where I have to assemble my toy, but I liked Lego when I was a child.
Following ng_bpf(4) man page I ran this script:
PATTERN="(ether[40:4]=0x134e5844 &&
ether[44:4]=0x6f6d6169 &&
ether[48:4]=0x6e0a)"
NODEPATH="my_node:"
INHOOK="hook1"
MATCHHOOK="hook2"
NOTMATCHHOOK="hook3"
cat > /tmp/bpf.awk << xxENDxx
{
if (!init) {
printf "bpf_prog_len=%d bpf_prog=[", \$1;
init=1;
} else {
printf " { code=%d jt=%d jf=%d k=%d }", \$1, \$2, \$3, \$4;
}
}
END {
print " ]"
}
xxENDxx
BPFPROG=`tcpdump -s 8192 -ddd ${PATTERN} | awk -f /tmp/bpf.awk`
ngctl msg ${NODEPATH} setprogram { thisHook=\"${INHOOK}\" \
ifMatch=\"${MATCHHOOK}\" \
ifNotMatch=\"${NOTMATCHHOOK}\" \
${BPFPROG} } }
But I got this message:
ngctl: send msg: No such file or directory
are you sure you are able to write to /tmp, this error looks like it
is not able to read /tmp/bpf.awk.
I printed the full commands that returns the error, it is:
ngctl msg setprogram { thisHook="" ifMatch="" ifNotMatch=""
bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 } { code=21 jt=0
jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21 jt=0 jf=3
k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0 jf=1 k=28170
} { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } }
i suspect this is what the contents of /tmp/bpf.awk are. if not maybe
post that to the thread....
-pete
--
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
