1 pppd: Implement support for precompiled pcap filters
3 This patch implements support for precompiled pcap filters which is useful to
4 support dial-on-demand on memory constrained embedded devices without having
5 to link the full libpcap into pppd to generate the filters during runtime.
7 Two new options are introduced; "precompiled-pass-filter" specifies a pre-
8 compiled filter file containing rules to match packets which should be passed,
9 "precompiled-active-filter" specifies a filter file containing rules to match
10 packets which are treated as active.
12 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
14 --- a/pppd/Makefile.linux
15 +++ b/pppd/Makefile.linux
16 @@ -51,6 +51,9 @@ MPPE=y
17 # and that the kernel driver support PPP packet filtering.
20 +# Support for precompiled filters
23 # Uncomment the next line to enable multilink PPP (enabled by default)
24 # Linux distributions: Please leave multilink ENABLED in your builds
26 @@ -214,6 +217,14 @@ LIBS += -lpcap -L$(STAGING_DIR)/usr/l
27 CFLAGS += -DPPP_FILTER -I$(STAGING_DIR)/usr/include
30 +ifdef PRECOMPILED_FILTER
31 +PPPDSRCS += pcap_pcc.c
32 +HEADERS += pcap_pcc.h
33 +PPPDOBJS += pcap_pcc.o
34 +LIBS += $(STAGING_DIR)/usr/lib/libpcap.a
35 +CFLAGS += -DPPP_FILTER -DPPP_PRECOMPILED_FILTER -I$(STAGING_DIR)/usr/include
39 PPPDSRCS += ipv6cp.c eui64.c
40 HEADERS += ipv6cp.h eui64.h
47 +#include <pcap-bpf.h>
49 * There have been 3 or 4 different names for this in libpcap CVS, but
50 * this seems to be what they have settled on...
51 @@ -168,6 +169,13 @@ static int setlogfile(char **);
52 static int loadplugin(char **);
55 +#ifdef PPP_PRECOMPILED_FILTER
56 +#include "pcap_pcc.h"
57 +static int setprecompiledpassfilter(char **);
58 +static int setprecompiledactivefilter(char **);
63 static int setpassfilter(char **);
64 static int setactivefilter(char **);
65 @@ -360,6 +368,14 @@ option_t general_options[] = {
66 "set filter for active pkts", OPT_PRIO },
69 +#ifdef PPP_PRECOMPILED_FILTER
70 + { "precompiled-pass-filter", 1, setprecompiledpassfilter,
71 + "set precompiled filter for packets to pass", OPT_PRIO },
73 + { "precompiled-active-filter", 1, setprecompiledactivefilter,
74 + "set precompiled filter for active pkts", OPT_PRIO },
78 { "maxoctets", o_int, &maxoctets,
79 "Set connection traffic limit",
80 @@ -1468,6 +1484,27 @@ callfile(char **argv)
84 +#ifdef PPP_PRECOMPILED_FILTER
86 + * setprecompiledpassfilter - Set the pass filter for packets using a
87 + * precompiled expression
90 +setprecompiledpassfilter(char **argv)
92 + return pcap_pre_compiled (*argv, &pass_filter);
96 + * setactivefilter - Set the active filter for packets
99 +setprecompiledactivefilter(char **argv)
101 + return pcap_pre_compiled (*argv, &active_filter);
107 * setpassfilter - Set the pass filter for packets
109 +++ b/pppd/pcap_pcc.c
112 +#include <pcap-bpf.h>
119 +int pcap_pre_compiled (char * fname, struct bpf_program *p)
122 + int line = 0, size = 0, index=0, ret=1;
123 + FILE *f = fopen (fname, "r");
126 + option_error("error opening precompiled active-filter '%s': %s",
127 + fname, strerror (errno));
130 + while (fgets (buf, 127, f))
145 + struct bpf_insn * insn = & p->bf_insns[index];
146 + unsigned code, jt, jf, k;
147 + if (sscanf (buf, "%u %u %u %u", &code, &jt, &jf, &k) != 4)
159 + if (sscanf (buf, "%u", &size) != 1)
164 + p->bf_insns = (struct bpf_insn *)
165 + malloc (size * sizeof (struct bpf_insn));
170 + option_error("error in precompiled active-filter,"
171 + " expected %d expressions, got %dn",
179 + option_error("error in precompiled active-filter"
180 + " expression line %s:%d (wrong size)\n",
186 +++ b/pppd/pcap_pcc.h
193 +int pcap_pre_compiled (char * fname, struct bpf_program *p);
194 +#endif /* PCAP_PCC_H */