search for: bpf_asm

...pf isn't functioning at all. For example: > > iptables -A INPUT -p udp -m bpf --bytecode "`tcpdump -i lo -ddd udp | tr > '\n' ,`" -j LOG > > should log all UDP packets, but it logs none because -m bpf never matches. You may want to check out nfbpf_compile and bpf_asm: * nfbpf_compile: http://git.netfilter.org/iptables/commit/?id=1ac30c97c339957b6e3c5cf571de7bc38c827730 * bpf_asm: kernel tree under tools/net/ On which interface is iptables running? Does RAW linktype work for you? -- You are receiving this mail because: You are watching all bug changes....

...eader. I've spoken with the author of the > module, and he is probably going to just point this out more clearly in the > man pages. Right, what you can also try to do is to add SKF_LL_OFF or SKF_NET_OFF offset to you load offsets in the K constant. It would require to use something like bpf_asm to write your filters by hand. F.e. if you look at bpf_internal_load_pointer_neg_helper() helper function in the kernel, they check for SKF_NET_OFF/SKF_LL_OFF and then use K relative to skb_network_header(skb) or skb_mac_header(skb), respectively. This should resolve your use-case. The problem is...