From b3305ae85e2120acb95d45939b6808aca0221d1b Mon Sep 17 00:00:00 2001 From: Samuel Thibault Date: Sun, 19 Feb 2012 14:14:03 +0000 Subject: Make pfinet use BPF filter when using a devnode * pfinet/ethernet.c (bpf_ether_filter, bpf_ether_filter_len): New variables. (ethernet_open): Use bpf_ether_filter and bpf_ether_filter_len for device_set_filter call in the devnode case. --- pfinet/ethernet.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/pfinet/ethernet.c b/pfinet/ethernet.c index e4774e64..745a0e1d 100644 --- a/pfinet/ethernet.c +++ b/pfinet/ethernet.c @@ -83,6 +83,18 @@ static short ether_filter[] = }; static int ether_filter_len = sizeof (ether_filter) / sizeof (short); +/* The BPF instruction allows IP and ARP packets */ +static struct bpf_insn bpf_ether_filter[] = +{ + {NETF_IN|NETF_BPF, /* Header. */ 0, 0, 0}, + {40, 0, 0, 12}, + {21, 1, 0, 2054}, + {21, 0, 1, 2048}, + {6, 0, 0, 1500}, + {6, 0, 0, 0}, +}; +static int bpf_ether_filter_len = sizeof (bpf_ether_filter) / sizeof (short); + static struct port_bucket *etherport_bucket; @@ -177,6 +189,12 @@ ethernet_open (struct device *dev) mach_port_deallocate (mach_task_self (), master_device); if (err) error (2, err, "device_open on %s", dev->name); + + err = device_set_filter (edev->ether_port, ports_get_right (edev->readpt), + MACH_MSG_TYPE_MAKE_SEND, 0, + bpf_ether_filter, bpf_ether_filter_len); + if (err) + error (2, err, "device_set_filter on %s", dev->name); } else { @@ -195,13 +213,14 @@ ethernet_open (struct device *dev) error (0, errno, "file_name_lookup %s", dev->name); error (2, err, "device_open(%s)", dev->name); } + + err = device_set_filter (edev->ether_port, ports_get_right (edev->readpt), + MACH_MSG_TYPE_MAKE_SEND, 0, + ether_filter, ether_filter_len); + if (err) + error (2, err, "device_set_filter on %s", dev->name); } - err = device_set_filter (edev->ether_port, ports_get_right (edev->readpt), - MACH_MSG_TYPE_MAKE_SEND, 0, - ether_filter, ether_filter_len); - if (err) - error (2, err, "device_set_filter on %s", dev->name); return 0; } -- cgit v1.2.3