diff options
author | keramida <keramida@FreeBSD.org> | 2009-01-30 19:33:04 +0000 |
---|---|---|
committer | keramida <keramida@FreeBSD.org> | 2009-01-30 19:33:04 +0000 |
commit | 7dd553874268845ada55ac7f17d92bbefbc3a981 (patch) | |
tree | 9617b8565b16fcbac8663882db3cb419648e26f1 | |
parent | 7d88cc57bfb464896ea2e3fd2b0cffe6d6ea7ecd (diff) | |
download | FreeBSD-src-7dd553874268845ada55ac7f17d92bbefbc3a981.zip FreeBSD-src-7dd553874268845ada55ac7f17d92bbefbc3a981.tar.gz |
Sometimes, depending on the bpf filter rules used in $PATTERN,
the example script of the manpage feeds awk(1) with values larger
than UINT32_MAX. Then awk prints a negative value, and this
messes up $BPFPROG. Trying to load the resulting bpf byte codes
with ngctl then fails.
For example, the output for PATTERN="udp and dst net 255.255.0.0/16"
should be (all in one line):
bpf_prog_len=10
bpf_prog=[
{ code=40 jt=0 jf=0 k=12 }
{ code=21 jt=7 jf=0 k=34525 }
{ code=21 jt=0 jf=6 k=2048 }
{ code=48 jt=0 jf=0 k=23 }
{ code=21 jt=0 jf=4 k=17 }
{ code=32 jt=0 jf=0 k=30 }
{ code=84 jt=0 jf=0 k=4294901760 }
{ code=21 jt=0 jf=1 k=4294901760 }
{ code=6 jt=0 jf=0 k=8192 }
{ code=6 jt=0 jf=0 k=0 }
]
The two k=4294901760 values are displayed as k=-2147483648 by awk.
Replace the awk script of the manpage example with a slower but
safer version, that doesn't really attempt to convert the byte
code printed by tcpdump from string to number and back.
PR: docs/123255
Submitted by: Eugenio Maffione, eugenio.maffione at telecomitalia.it
MFC after: 3 days
-rw-r--r-- | share/man/man4/ng_bpf.4 | 23 |
1 files changed, 8 insertions, 15 deletions
diff --git a/share/man/man4/ng_bpf.4 b/share/man/man4/ng_bpf.4 index 9e6f3d5..4f89729 100644 --- a/share/man/man4/ng_bpf.4 +++ b/share/man/man4/ng_bpf.4 @@ -156,21 +156,14 @@ INHOOK="hook1" MATCHHOOK="hook2" NOTMATCHHOOK="hook3" -cat > /tmp/bpf.awk << xxENDxx -{ - if (!init) { - printf "bpf_prog_len=%d bpf_prog=[", \\$1; - init=1; - } else { - printf " { code=%d jt=%d jf=%d k=%d }", \\$1, \\$2, \\$3, \\$4; - } -} -END { - print " ]" -} -xxENDxx - -BPFPROG=`tcpdump -s 8192 -ddd ${PATTERN} | awk -f /tmp/bpf.awk` +BPFPROG=$( tcpdump -s 8192 -ddd ${PATTERN} | \\ + ( read len ; \\ + echo -n "bpf_prog_len=$len" ; \\ + echo -n "bpf_prog=[" ; \\ + while read code jt jf k ; do \\ + echo -n " { code=$code jt=$jt jf=$jf k=$k }" ; \\ + done ; \\ + echo " ]" ) ) ngctl msg ${NODEPATH} setprogram { thisHook=\\"${INHOOK}\\" \\ ifMatch=\\"${MATCHHOOK}\\" \\ |