1Mon Jun 24 16:42:44 PDT 1991 2 3This directory contains the files necessary to install the 4Berkeley Packet Filter (BPF) in a BSD (or BSD-like) kernel. 5BPF is derived from the Stanford/CMU enet packet filter that was 6distributed with 4.3BSD release. We have made no efforts to keep 7the two interfaces compatible. 8 9BPF has been tested on hp300's running BSD Tahoe, on Sparcstations 10running SunOS 4.1, and on Sun 3's running SunOS 3.5. We have configured 11it into the BSD Lance ethernet driver, the Sun LANCE and Intel drivers, 12and our (soon to be released) SLIP driver (SunOS 3.5 and 4.1). The modified 13BSD driver is included in this distribution, however, the Sun drivers cannot 14be made available. There is a context diff in bpf/sunif/if_le.c-sunos4.1-diff 15for the SunOS 4.1 LANCE driver (if_le.c) [so you need SunOS source]. 16 17Here's what you need to do: 18 19(1) Add the following line to your config file. The parameter 20 is an upper bound for two things: the number of simultaneuous open 21 files, and the number of hardware interfaces attached to BPF. 22 23pseudo-device bpfilter 16 24 25 Add these lines to conf/files: 26 27net/bpf.c optional bpfilter 28net/bpf_filter.c optional bpfilter 29 30(2) Copy these files into /sys/net: 31 32bpf/net/bpf.c 33bpf/net/bpf_filter.c 34bpf/net/bpf.h 35bpf/net/bpfcodes.h 36bpf/net/bpfdesc.h 37 38(3) Install bpf.h and bpfcodes.h in /usr/include/net. 39 40(4) Add an entry for BPF in `cdevsw'. You need to add these 41 routines: bpfopen(), bpfclose(), bpfread(), bpfwrite(), 42 bpfioctl(), and bpfselect(). 43 44 Create the special device files /dev/bpf0, /dev/bpf1, etc. 45 Make sure the major device number correpsonds to the entry in 46 cdevsw; the minor device number should be the same as the 47 trailing digit of the file name. 48 49 Access to the packet interface is controlled by the permissions 50 on the device files. We recommend that access be restricted to 51 group `wheel'. For example, 52 53 /etc/mknod /dev/bpf0 c {major dev} 0 54 /etc/mknod /dev/bpf1 c {major dev} 1 55 /etc/mknod /dev/bpf2 c {major dev} 2 56 ... 57 chmod 440 /dev/bpf* 58 chgrp wheel /dev/bpf* 59 60 The highest allowable minor device number corresponds to the 61 number given in the "pseudo-device" config line (less one). 62 63(5) Modify the link level device drivers to interact with BPF. 64 hpdev/if_le.c is an example driver for a LANCE Ethernet 65 interface on an hp300 series machine. [If this is your 66 setup, go to (6).] 67 68 If you're starting from scratch, this is not too difficult. 69 All the BPF mods to hpdev/if_le.c are encapsulated with 70 `#ifdef NBPFILTER > 0', so they're easy to spot. You need to: 71 72 a) Add includes for bpfilter.h and ../net/bpf.h. 73 74 b) Add a caddr_t to the softc. This is the magic cookie 75 that tells bpf_tap() who is talking to it. 76 77 c) Modify the attach routine to set up some device parameters 78 [see hpdev/if_le.c:leattach()] and call bpfattach(). 79 80 d) Make sure the driver can handle promiscuous operation, 81 and that the routine ifpromisc() exists. Ifpromisc() 82 takes an ifp and a flag saying whether to enter or leave 83 promiscuous operation. It should reference count the 84 calls and take actions only the last `off' or first `on'. 85 The action it should take is setting/clearing the IFF_PROMISC 86 bit, and calling the driver's SIOCIFFLAGS ioctl. The 87 driver should inspect the IFF_PROMISC bit and do the right 88 thing. 89 90 d) Add calls to bpf_tap() at the following places: 91 92 i. Right after the device interrupts and the packet is 93 in contiguous interface memory. This is before 94 the packet has been copied in to mbufs. 95 96 ii. Right before the packet is transmitted. 97 This is after the packet has been copied out of mbufs. 98 99 If the packet never exists in contiguous memory 100 (some interfaces can follow chains), you need to 101 call bpf_mtap instead. 102 103 To minimize the cost of the filter when there are no 104 listeners, bpf_tap() is only called when the magic 105 cookie in the driver's softc is nonzero. (BPF will 106 set and clear it.) 107 108 Because BPF can force an interface into promiscuous mode, 109 you want to check that incoming packets are destined for 110 this host or are broadcast/multicast. If neither is the 111 case, the packet should be tossed (after calling bpf_tap()). 112 This check only needs to be done when there are listeners. 113 114(6) BPF calls the routine ifpromisc() to put an interface into 115 promiscuous mode. SunOS 4.1 provides this routine; we have 116 provided our versions for SunOS 3.5 and BSD in the files 117 bpf/net/if-sunos3.c and bpf/net/if-bsd.c. Merge this code 118 into net/if.c. Additionally, the `if_pcount' integer field 119 must be added to the `struct ifnet' in net/if.h. 120 121(7) That's it. Run config, make depend, and make, and you're ready to go. 122 123 124All the code in these directories is subject to the standard Berkeley 125network software copyright: 126 127 Copyright (c) 1990 The Regents of the University of California. 128 All rights reserved. 129 130 Redistribution and use in source and binary forms, with or without 131 modification, are permitted provided that: (1) source code distributions 132 retain the above copyright notice and this paragraph in its entirety, (2) 133 distributions including binary code include the above copyright notice and 134 this paragraph in its entirety in the documentation or other materials 135 provided with the distribution, and (3) all advertising materials mentioning 136 features or use of this software display the following acknowledgement: 137 ``This product includes software developed by the University of California, 138 Lawrence Berkeley Laboratory and its contributors.'' Neither the name of 139 the University nor the names of its contributors may be used to endorse 140 or promote products derived from this software without specific prior 141 written permission. 142 THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED 143 WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF 144 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 145 146 147 148