diff options
| author | Josef Miegl <josef@miegl.cz> | 2023-03-12 16:15:27 +0100 |
|---|---|---|
| committer | Josef Miegl <josef@miegl.cz> | 2023-03-12 16:15:27 +0100 |
| commit | a0956b95222e6efcb9b00a45c32e5a2e8056d8da (patch) | |
| tree | 0bce1d51e4f3016972fd3999a64d9256b44d6a67 | |
| parent | 8e09dce6bfe39f5afd2967d20e6f855afb2a953d (diff) | |
isisd: pfpacket BPF filter with IS-IS over tunnel support
Signed-off-by: Josef Miegl <josef@miegl.cz>
| -rw-r--r-- | isisd/isis_pfpacket.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/isisd/isis_pfpacket.c b/isisd/isis_pfpacket.c index 4f8ea4a5e7..af69fac1cd 100644 --- a/isisd/isis_pfpacket.c +++ b/isisd/isis_pfpacket.c @@ -35,14 +35,25 @@ /* tcpdump -i eth0 'isis' -dd */ static const struct sock_filter isisfilter[] = { /* NB: we're in SOCK_DGRAM, so src/dst mac + length are stripped - * off! - * (OTOH it's a bit more lower-layer agnostic and might work - * over GRE?) */ - /* { 0x28, 0, 0, 0x0000000c - 14 }, */ - /* { 0x25, 5, 0, 0x000005dc }, */ - {0x28, 0, 0, 0x0000000e - 14}, {0x15, 0, 3, 0x0000fefe}, - {0x30, 0, 0, 0x00000011 - 14}, {0x15, 0, 1, 0x00000083}, - {0x6, 0, 0, 0x00040000}, {0x6, 0, 0, 0x00000000}, + * off! */ + /* The following BPF filter accepts IS-IS over LLC and IS-IS over + * ethertype 0x00fe. + * BPF assembly: + * l0: ldh [0] + * l1: jeq #0xfefe, l2, l4 + * l2: ldb [3] + * l3: jmp l7 + * l4: ldh proto + * l5: jeq #0x00fe, l6, l9 + * l6: ldb [0] + * l7: jeq #0x83, l8, l9 + * l8: ret #0x40000 + * l9: ret #0 */ + {0x28, 0, 0, 0000000000}, {0x15, 0, 2, 0x0000fefe}, + {0x30, 0, 0, 0x00000003}, {0x05, 0, 0, 0x00000003}, + {0x28, 0, 0, 0xfffff000}, {0x15, 0, 3, 0x000000fe}, + {0x30, 0, 0, 0000000000}, {0x15, 0, 1, 0x00000083}, + {0x06, 0, 0, 0x00040000}, {0x06, 0, 0, 0000000000}, }; static const struct sock_fprog bpf = { |