1 pppd: Implement support for precompiled pcap filters
3 This patch implements support for precompiled pcap filters which is useful to
4 support dial-on-demand on memory constrained embedded devices without having
5 to link the full libpcap into pppd to generate the filters during runtime.
7 Two new options are introduced; "precompiled-pass-filter" specifies a pre-
8 compiled filter file containing rules to match packets which should be passed,
9 "precompiled-active-filter" specifies a filter file containing rules to match
10 packets which are treated as active.
12 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
14 --- a/pppd/Makefile.linux
15 +++ b/pppd/Makefile.linux
16 @@ -50,6 +50,9 @@ MPPE=y
17 # and that the kernel driver support PPP packet filtering.
20 +# Support for precompiled filters
23 # Uncomment the next line to enable multilink PPP (enabled by default)
24 # Linux distributions: Please leave multilink ENABLED in your builds
26 @@ -194,6 +197,14 @@ CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)
30 +ifdef PRECOMPILED_FILTER
31 +PPPDSRCS += pcap_pcc.c
32 +HEADERS += pcap_pcc.h
33 +PPPDOBJS += pcap_pcc.o
34 +LIBS += $(STAGING_DIR)/usr/lib/libpcap.a
35 +CFLAGS += -DPPP_FILTER -DPPP_PRECOMPILED_FILTER -I$(STAGING_DIR)/usr/include
39 PPPDSRCS += ipv6cp.c eui64.c
40 HEADERS += ipv6cp.h eui64.h
47 +#include <pcap-bpf.h>
49 * There have been 3 or 4 different names for this in libpcap CVS, but
50 * this seems to be what they have settled on...
51 @@ -169,6 +170,13 @@ static int setlogfile __P((char **));
52 static int loadplugin __P((char **));
55 +#ifdef PPP_PRECOMPILED_FILTER
56 +#include "pcap_pcc.h"
57 +static int setprecompiledpassfilter __P((char **));
58 +static int setprecompiledactivefilter __P((char **));
63 static int setpassfilter __P((char **));
64 static int setactivefilter __P((char **));
65 @@ -361,6 +369,14 @@ option_t general_options[] = {
66 "set filter for active pkts", OPT_PRIO },
69 +#ifdef PPP_PRECOMPILED_FILTER
70 + { "precompiled-pass-filter", 1, setprecompiledpassfilter,
71 + "set precompiled filter for packets to pass", OPT_PRIO },
73 + { "precompiled-active-filter", 1, setprecompiledactivefilter,
74 + "set precompiled filter for active pkts", OPT_PRIO },
78 { "maxoctets", o_int, &maxoctets,
79 "Set connection traffic limit",
80 @@ -1511,6 +1527,29 @@ callfile(argv)
84 +#ifdef PPP_PRECOMPILED_FILTER
86 + * setprecompiledpassfilter - Set the pass filter for packets using a
87 + * precompiled expression
90 +setprecompiledpassfilter(argv)
93 + return pcap_pre_compiled (*argv, &pass_filter);
97 + * setactivefilter - Set the active filter for packets
100 +setprecompiledactivefilter(argv)
103 + return pcap_pre_compiled (*argv, &active_filter);
109 * setpassfilter - Set the pass filter for packets
111 +++ b/pppd/pcap_pcc.c
114 +#include <pcap-bpf.h>
121 +int pcap_pre_compiled (char * fname, struct bpf_program *p)
124 + int line = 0, size = 0, index=0, ret=1;
125 + FILE *f = fopen (fname, "r");
128 + option_error("error opening precompiled active-filter '%s': %s",
129 + fname, strerror (errno));
132 + while (fgets (buf, 127, f))
147 + struct bpf_insn * insn = & p->bf_insns[index];
148 + unsigned code, jt, jf, k;
149 + if (sscanf (buf, "%u %u %u %u", &code, &jt, &jf, &k) != 4)
161 + if (sscanf (buf, "%u", &size) != 1)
166 + p->bf_insns = (struct bpf_insn *)
167 + malloc (size * sizeof (struct bpf_insn));
172 + option_error("error in precompiled active-filter,"
173 + " expected %d expressions, got %dn",
181 + option_error("error in precompiled active-filter"
182 + " expression line %s:%d (wrong size)\n",
188 +++ b/pppd/pcap_pcc.h
195 +int pcap_pre_compiled (char * fname, struct bpf_program *p);
196 +#endif /* PCAP_PCC_H */