~/netsniff-ng/Documentation/Bpfc: "Furthermore, the Linux kernel has undocumented BPF filter extensions that can be found in the virtual machine source code [123]" Link isn't listed for the reference point. Is there any sort of reference for the undocumented kernel extensions? Yes, I know they're officially undocumented but maybe someone has written about them?. What kernel source file has the code for these?
I'm interested in these two at the moment. #type Packet class1 , e.g. Broadcast, Multicast, Outgoing, ... #ifidx Network device index the packet was received on I'm trying to find out how to specify the values for each. e.g. what value represents "Outgoing"?. e.g. Outgoing. ld #type jeq ????L1,L2 ... I'm just plugging in numbers and while I'm seeing different results I'm not noticing a pattern. I went through bpf_parser.y and bpf_lexer.l a bit and I'm starting to see how the instructions are created but I don't know where to find the #defines (presuming here) for outgoing, multicast, broadcast etc. -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
