/*---------------------------------------------------------------------------*/
void
FreeMonListener(mtcp_manager_t mtcp, socket_map_t socket)
{
struct mon_listener *monitor = socket->monitor_listener;
#ifdef NEWEV
stree_dec_ref(mtcp->ev_store, monitor->stree_dontcare);
stree_dec_ref(mtcp->ev_store, monitor->stree_pre_rcv);
stree_dec_ref(mtcp->ev_store, monitor->stree_post_snd);
monitor->stree_dontcare = NULL;
monitor->stree_pre_rcv = NULL;
monitor->stree_post_snd = NULL;
#else
CleanupEvB(mtcp, &monitor->dontcare_evb);
CleanupEvB(mtcp, &monitor->pre_tcp_evb);
CleanupEvB(mtcp, &monitor->post_tcp_evb);
#endif
DestroyEventQueue(monitor->eq);
/* Clean up monitor filter */
if (ISSET_BPFFILTER(&monitor->stream_syn_fcode))
sfbpf_freecode(&monitor->stream_syn_fcode);
if (ISSET_BPFFILTER(&monitor->stream_orphan_fcode))
sfbpf_freecode(&monitor->stream_orphan_fcode);
memset(monitor, 0, sizeof(struct mon_listener));
}
static int afpacket_daq_set_filter(void *handle, const char *filter)
{
AFPacket_Context_t *afpc = (AFPacket_Context_t *) handle;
struct sfbpf_program fcode;
if (afpc->filter)
free(afpc->filter);
afpc->filter = strdup(filter);
if (!afpc->filter)
{
DPE(afpc->errbuf, "%s: Couldn't allocate memory for the filter string!", __FUNCTION__);
return DAQ_ERROR;
}
if (sfbpf_compile(afpc->snaplen, DLT_EN10MB, &fcode, afpc->filter, 1, 0) < 0)
{
DPE(afpc->errbuf, "%s: BPF state machine compilation failed!", __FUNCTION__);
return DAQ_ERROR;
}
sfbpf_freecode(&afpc->fcode);
afpc->fcode.bf_len = fcode.bf_len;
afpc->fcode.bf_insns = fcode.bf_insns;
return DAQ_SUCCESS;
}
static int pfring_daq_set_filter(void *handle, const char *filter) {
Pfring_Context_t *context = (Pfring_Context_t *) handle;
int ret, i;
struct sfbpf_program fcode;
if(context->ring_handles[DAQ_PF_RING_PASSIVE_DEV_IDX]) {
if(sfbpf_compile(context->snaplen, DLT_EN10MB, &fcode,
filter, 0 /* 1: optimize */, htonl(context->netmask)) < 0) {
DPE(context->errbuf, "%s: BPF state machine compilation failed!", __FUNCTION__);
return DAQ_ERROR;
}
ret = DAQ_SUCCESS;
for (i = 0; i < context->num_devices; i++) {
if(setsockopt(pfring_get_selectable_fd(context->ring_handles[i]), 0,
SO_ATTACH_FILTER, &fcode, sizeof(fcode)) != 0) {
ret = DAQ_ERROR;
}
}
sfbpf_freecode(&fcode);
} else {
/* Just check if the filter is valid */
if(sfbpf_compile(context->snaplen, DLT_EN10MB, &fcode,
filter, 0 /* 1: optimize */, 0 /* netmask */) < 0) {
DPE(context->errbuf, "%s: BPF state machine compilation failed!", __FUNCTION__);
return DAQ_ERROR;
}
ret = DAQ_SUCCESS;
if(context->filter_string)
free(context->filter_string);
context->filter_string = strdup(filter);
if(!context->filter_string) {
DPE(context->errbuf, "%s: Couldn't allocate memory for the filter string!",
__FUNCTION__);
ret = DAQ_ERROR;
}
sfbpf_freecode(&fcode);
}
return ret;
}
static int af_packet_close(AFPacket_Context_t *afpc)
{
AFPacketInstance *instance;
if (!afpc)
return -1;
/* Cache the latest hardware stats before stopping. */
update_hw_stats(afpc);
while ((instance = afpc->instances) != NULL)
{
afpc->instances = instance->next;
destroy_instance(instance);
}
sfbpf_freecode(&afpc->fcode);
afpc->state = DAQ_STATE_STOPPED;
return 0;
}
int
main()
{
struct sfbpf_program fcode;
const char *filter = "tcp";
char data[1514];
int len = 1514;
memset(data, 0, sizeof(data));
if (sfbpf_compile(1514, DLT_EN10MB, &fcode, filter, 1, 0) < 0) {
fprintf(stderr, "%s: BPF state machine compilation failed!", __FUNCTION__);
return EXIT_FAILURE;
}
if (fcode.bf_insns && sfbpf_filter(fcode.bf_insns, data, len, len) == 0) {
fprintf(stderr, "Packet ignored!\n");
}
sfbpf_freecode(&fcode);
return EXIT_SUCCESS;
}
