Hi Folks!
I'm trying to write a packet capture filter on an opnet device. The syntax there to write this filter is BPF.
What I wanna do is to capture everything, but from a certain ip-range I just wanna capture the header and not the payload. For your understanding: We are writing our backup to... (1 Reply)
Exercise:
Protection of WEB and DNS servers using the context-free rules for packet filtering:
- Protect your WEB-server so that it can be accessed by browsers and can go to DNS.
- Protect your primary DNS-server so that it could be to contact clients and secondary servers.... (1 Reply)
seccomp_export_bpf(3) libseccomp Documentation seccomp_export_bpf(3)
NAME
seccomp_export_bpf, seccomp_export_pfc - Export the seccomp filter
SYNOPSIS
#include <seccomp.h>
typedef void * scmp_filter_ctx;
int seccomp_export_bpf(const scmp_filter_ctx ctx, int fd);
int seccomp_export_pfc(const scmp_filter_ctx ctx, int fd);
Link with -lseccomp.
DESCRIPTION
The seccomp_export_bpf() and seccomp_export_pfc() functions generate and output the current seccomp filter in either BPF (Berkeley Packet
Filter) or PFC (Pseudo Filter Code). The output of seccomp_export_bpf() is suitable for loading into the kernel, while the output of
seccomp_export_pfc() is human readable and is intended primarily as a debugging tool for developers using libseccomp. Both functions write
the filter to the fd file descriptor.
The filter context ctx is the value returned by the call to seccomp_init(3).
While the two output formats are guaranteed to be functionally equivalent for the given seccomp filter configuration, the filter
instructions, and their ordering, are not guaranteed to be the same in both the BPF and PFC formats.
RETURN VALUE
Returns zero on success, negative errno values on failure.
EXAMPLES
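#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <seccomp.h>

int main(int argc, char *argv[])
{
    int rc = -1;
    scmp_filter_ctx ctx;
    int filter_fd;

    /* default action: kill on any syscall that no rule allows */
    ctx = seccomp_init(SCMP_ACT_KILL);
    if (ctx == NULL)
        goto out;

    /* ... */

    /* create the output file if it does not exist; owner access only */
    filter_fd = open("/tmp/seccomp_filter.bpf",
                     O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (filter_fd == -1) {
        rc = -errno;
        goto out;
    }

    /* write the filter in BPF form to the open descriptor */
    rc = seccomp_export_bpf(ctx, filter_fd);
    if (rc < 0) {
        close(filter_fd);
        goto out;
    }
    close(filter_fd);

    /* ... */

out:
    seccomp_release(ctx);
    return -rc;
}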
NOTES
While the seccomp filter can be generated independent of the kernel, kernel support is required to load and enforce the seccomp filter
generated by libseccomp.
The libseccomp project site, with more information and the source code repository, can be found at http://libseccomp.sf.net. This library
is currently under development; please report any bugs at the project site or directly to the author.
AUTHOR
Paul Moore <paul@paul-moore.com>
SEE ALSO
seccomp_init(3), seccomp_release(3)
paul@paul-moore.com 25 July 2012 seccomp_export_bpf(3)