Hello,
I tried asking it on freebsd-ipfw@ but I got no luck. Maybe because
this is related to Netgraph and not ipfw essentially.
I want to use ng_bpf to use ng_tag to use ipfw-tag. Looks like lego,
where I have to assemble my toy, but I liked Lego when I was a child.
Following ng_bpf(4) man page I ran this script:
PATTERN="(ether[40:4]=0x134e5844 &&
ether[44:4]=0x6f6d6169 &&
ether[48:4]=0x6e0a)"
NODEPATH="my_node:"
INHOOK="hook1"
MATCHHOOK="hook2"
NOTMATCHHOOK="hook3"
cat > /tmp/bpf.awk << xxENDxx
{
if (!init) {
printf "bpf_prog_len=%d bpf_prog=[", \$1;
init=1;
} else {
printf " { code=%d jt=%d jf=%d k=%d }", \$1, \$2, \$3, \$4;
}
}
END {
print " ]"
}
xxENDxx
BPFPROG=`tcpdump -s 8192 -ddd ${PATTERN} | awk -f /tmp/bpf.awk`
ngctl msg ${NODEPATH} setprogram { thisHook=\"${INHOOK}\" \
ifMatch=\"${MATCHHOOK}\" \
ifNotMatch=\"${NOTMATCHHOOK}\" \
${BPFPROG} } }
But I got this message:
ngctl: send msg: No such file or directory
I printed the full commands that returns the error, it is:
ngctl msg setprogram { thisHook="" ifMatch=""
ifNotMatch=""
bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 } { code=21 jt=0
jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21 jt=0 jf=3
k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0 jf=1 k=28170
} { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } }
Running tcpdump -s 8192 -ddd $PATTERN manually I get:
8
32 0 0 40
21 0 5 323901508
32 0 0 44
21 0 3 1869439337
32 0 0 48
21 0 1 28170
6 0 0 8192
6 0 0 0
Which looks that the ngctl data (code, kt, jf and k) are correct. But
the command returns that error for some reason. The script was taken
from ng_blf(4) man page.
I am all new to this netgraph thing.
Can anyone help me to find out what is rong? Thank you.
--
==========Eduardo Meyer
pessoal: dudu.meyer@gmail.com
profissional: ddm.farmaciap@saude.gov.br
On 10/10/06, Eduardo Meyer <dudu.meyer@gmail.com> wrote:> Hello, > > I tried asking it on freebsd-ipfw@ but I got no luck. Maybe because > this is related to Netgraph and not ipfw essentially. > > I want to use ng_bpf to use ng_tag to use ipfw-tag. Looks like lego, > where I have to assemble my toy, but I liked Lego when I was a child. > > Following ng_bpf(4) man page I ran this script: > > PATTERN="(ether[40:4]=0x134e5844 && > ether[44:4]=0x6f6d6169 && > ether[48:4]=0x6e0a)" > > NODEPATH="my_node:" > INHOOK="hook1" > MATCHHOOK="hook2" > NOTMATCHHOOK="hook3" > > cat > /tmp/bpf.awk << xxENDxx > { > if (!init) { > printf "bpf_prog_len=%d bpf_prog=[", \$1; > init=1; > } else { > printf " { code=%d jt=%d jf=%d k=%d }", \$1, \$2, \$3, \$4; > } > } > END { > print " ]" > } > xxENDxx > > BPFPROG=`tcpdump -s 8192 -ddd ${PATTERN} | awk -f /tmp/bpf.awk` > ngctl msg ${NODEPATH} setprogram { thisHook=\"${INHOOK}\" \ > ifMatch=\"${MATCHHOOK}\" \ > ifNotMatch=\"${NOTMATCHHOOK}\" \ > ${BPFPROG} } } > > But I got this message: > > ngctl: send msg: No such file or directory >are you sure you are able to write to /tmp, this error looks like it is not able to read /tmp/bpf.awk.> I printed the full commands that returns the error, it is: > > ngctl msg setprogram { thisHook="" ifMatch="" ifNotMatch="" > bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 } { code=21 jt=0 > jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21 jt=0 jf=3 > k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0 jf=1 k=28170 > } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } } >i suspect this is what the contents of /tmp/bpf.awk are. if not maybe post that to the thread.... -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group
New try, now by hand:
# ngctl msg dcbpf: setprogram { thisHook="ipfw"
ifMatch="matched"
ifNotMatch="ipfw" bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 }
{ code=21 jt=0 jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21
jt=0 jf=3 k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0
jf=1 k=28170 } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ]
} }
ngctl: send msg: No such file or directory
I cant figure out which "file or directory" was not found :(
Now exactly with the command originated from the man page - ng_bpf(4):
ngctl msg my_node: setprogram { thisHook="hook1"
ifMatch="hook2"
ifNotMatch="hook3" bpf_prog_len=16 bpf_prog=[ { code=40 jt=0 jf=0 k=12
} { code=21 jt=0 jf=4 k=34525 } { code=48 jt=0 jf=0 k=20 } { code=21
jt=0 jf=11 k=6 } { code=40 jt=0 jf=0 k=56 } { code=21 jt=8 jf=9 k=80 }
{ code=21 jt=0 jf=8 k=2048 } { code=48 jt=0 jf=0 k=23 } { code=21 jt=0
jf=6 k=6 } { code=40 jt=0 jf=0 k=20 } { code=69 jt=4 jf=0 k=8191 } {
code=177 jt=0 jf=0 k=14 } { code=72 jt=0 jf=0 k=16 } { code=21 jt=0
jf=1 k=80 } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } }
ngctl: send msg: No such file or directory
Exit 71
Same problem. With ngctl list the only node I see is:
There are 1 total nodes:
Name: ngctl19792 Type: socket ID: 0000003f Num hooks: 0
My kldstat:
Id Refs Address Size Name
1 10 0xc0400000 40e440 kernel
2 2 0xc080f000 22ae8 sound.ko
3 1 0xc0832000 51f8 snd_t4dwave.ko
4 1 0xc0838000 59e60 acpi.ko
5 1 0xc24e6000 1a000 usb.ko
6 1 0xc3754000 4000 ng_bpf.ko
7 3 0xc3758000 a000 netgraph.ko
8 1 0xc3766000 3000 ng_tag.ko
9 1 0xc3769000 4000 ng_socket.ko
What am I missing here, and why the example from the man page wont work?
On 10/10/06, Eduardo Meyer <dudu.meyer@gmail.com>
wrote:> Pete, thank you for asking.
>
> > are you sure you are able to write to /tmp, this error looks like it
> > is not able to read /tmp/bpf.awk.
>
> Yes, I can write. It is not the problem, since the generated code from
> the awk file is OK.
>
> >
> > > I printed the full commands that returns the error, it is:
> > >
> > > ngctl msg setprogram { thisHook="" ifMatch=""
ifNotMatch=""
> > > bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 } { code=21
jt=0
> > > jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21 jt=0 jf=3
> > > k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0 jf=1
k=28170
> > > } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } }
> > >
> >
> > i suspect this is what the contents of /tmp/bpf.awk are. if not maybe
> > post that to the thread....
>
> No, this is the out from
>
> echo ngctl msg ${NODEPATH} setprogram { thisHook=\"${INHOOK}\"
> ifMatch=\"${MATCHHOOK}\" ifNotMatch=\"${NOTMATCHHOOK}\"
${BPFPROG} } }
>
> I added the echo command to see how it is getting executed. So I have
> the echo and on the next line the command itself. Note that this was
> just copied/pasted from the man page, with the exception of the
> PATTERN.
>
>
> --
> ==========> Eduardo Meyer
> pessoal: dudu.meyer@gmail.com
> profissional: ddm.farmaciap@saude.gov.br
>
--
==========Eduardo Meyer
pessoal: dudu.meyer@gmail.com
profissional: ddm.farmaciap@saude.gov.br
Pete, thank you for asking.> are you sure you are able to write to /tmp, this error looks like it > is not able to read /tmp/bpf.awk.Yes, I can write. It is not the problem, since the generated code from the awk file is OK.> > > I printed the full commands that returns the error, it is: > > > > ngctl msg setprogram { thisHook="" ifMatch="" ifNotMatch="" > > bpf_prog_len=8 bpf_prog=[ { code=32 jt=0 jf=0 k=40 } { code=21 jt=0 > > jf=5 k=323901508 } { code=32 jt=0 jf=0 k=44 } { code=21 jt=0 jf=3 > > k=1869439337 } { code=32 jt=0 jf=0 k=48 } { code=21 jt=0 jf=1 k=28170 > > } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } } > > > > i suspect this is what the contents of /tmp/bpf.awk are. if not maybe > post that to the thread....No, this is the out from echo ngctl msg ${NODEPATH} setprogram { thisHook=\"${INHOOK}\" ifMatch=\"${MATCHHOOK}\" ifNotMatch=\"${NOTMATCHHOOK}\" ${BPFPROG} } } I added the echo command to see how it is getting executed. So I have the echo and on the next line the command itself. Note that this was just copied/pasted from the man page, with the exception of the PATTERN. -- ==========Eduardo Meyer pessoal: dudu.meyer@gmail.com profissional: ddm.farmaciap@saude.gov.br
is there a need in ng_ether module? On 10/11/06, Eduardo Meyer <dudu.meyer@gmail.com> wrote:> > > > ngctl msg my_node: setprogram { thisHook="hook1" ifMatch="hook2" > > > ifNotMatch="hook3" bpf_prog_len=16 bpf_prog=[ { code=40 jt=0 jf=0 k=12 > > > } { code=21 jt=0 jf=4 k=34525 } { code=48 jt=0 jf=0 k=20 } { code=21 > > > jt=0 jf=11 k=6 } { code=40 jt=0 jf=0 k=56 } { code=21 jt=8 jf=9 k=80 } > > > { code=21 jt=0 jf=8 k=2048 } { code=48 jt=0 jf=0 k=23 } { code=21 jt=0 > > > jf=6 k=6 } { code=40 jt=0 jf=0 k=20 } { code=69 jt=4 jf=0 k=8191 } { > > > code=177 jt=0 jf=0 k=14 } { code=72 jt=0 jf=0 k=16 } { code=21 jt=0 > > > jf=1 k=80 } { code=6 jt=0 jf=0 k=8192 } { code=6 jt=0 jf=0 k=0 } ] } } > > > > > > How should I create "my_node" before? > > > > Absolutely. > > Absolutely what? I meant "how should I create", say "how to create" my > node. The man page does not mentions anything about it. > > Thanks again for the help. > > -- > ==========> Eduardo Meyer > pessoal: dudu.meyer@gmail.com > profissional: ddm.farmaciap@saude.gov.br > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >