search for: blaffablaffa

https://bugzilla.netfilter.org/show_bug.cgi?id=1048 blaffablaffa at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #4 from blaffablaf...

...hanged: What |Removed |Added ---------------------------------------------------------------------------- CC| |daniel at iogearbox.net --- Comment #1 from Daniel Borkmann <daniel at iogearbox.net> --- (In reply to blaffablaffa from comment #0) > It appears that xt_bpf isn't functioning at all. For example: > > iptables -A INPUT -p udp -m bpf --bytecode "`tcpdump -i lo -ddd udp | tr > '\n' ,`" -j LOG > > should log all UDP packets, but it logs none because -m bpf never matches. Y...

https://bugzilla.netfilter.org/show_bug.cgi?id=1048 --- Comment #2 from blaffablaffa at gmail.com --- It turns out that the problem is indeed the different 0 offset that xt_bpf and tcpdump use. In particular, it appears that offset 0 in tcpdump is at the very beginning of the packet (ethernet header included) whereas xt_bpf uses the beginning of the IP header. I've spoken with...

https://bugzilla.netfilter.org/show_bug.cgi?id=1048 --- Comment #3 from Daniel Borkmann <daniel at iogearbox.net> --- (In reply to blaffablaffa from comment #2) > It turns out that the problem is indeed the different 0 offset that xt_bpf > and tcpdump use. In particular, it appears that offset 0 in tcpdump is at > the very beginning of the packet (ethernet header included) whereas xt_bpf > uses the beginning of the IP header. I...