Great! Thanks,
On Wed, Jan 7, 2015 at 12:47 PM, Alfredo Cardigliano <[email protected]> wrote: > Hi Behrooz > your patch has been merged with the code in svn, I just renamed the field > to eth_type for consistency with the kernel data structures. > > Thank you > Alfredo > > On 05 Jan 2015, at 23:51, Behrooz Shafiee <[email protected]> wrote: > > I made the following patch to support eth_type filter. Can anyone comment > on it or possibly merge it? > > Thanks, > > On Mon, Jan 5, 2015 at 4:49 PM, Behrooz Shafiee <[email protected]> > wrote: > >> Actually, I was wrong. core_fields.proto seems to be only a byte and I >> guess represents IP packet type not ethernet packet type. Does anyone know >> how can I specify ethernet packet type? >> >> On Mon, Jan 5, 2015 at 3:36 PM, Behrooz Shafiee <[email protected]> >> wrote: >> >>> I guess I figured it out. I should have just used .proto=0 as a wildcard >>> for the second rule so every other protocol type would be dropped. >>> >>> Thanks, >>> >>> On Mon, Jan 5, 2015 at 3:31 PM, Behrooz Shafiee <[email protected]> >>> wrote: >>> >>>> Hello Everyone, >>>> >>>> I want to add a rule to only pass a certain type of Ethernet packet. >>>> Right know, I just drop every type of known protocol (blacklisting). As >>>> follows: >>>> >>>> //My desired protocol >>>> filtering_rule rule; >>>> memset(&rule, 0, sizeof(rule)); >>>> rule.rule_id = 1; >>>> * rule.rule_action = >>>> rule_action_behaviour::forward_packet_and_stop_rule_evaluation;* >>>> * rule.core_fields.proto = 0xAAAA;* >>>> pfring_add_filtering_rule((pfring*)pd,&rule) < 0) >>>> LOG(FATAL)<<"Failed to add filtering rule"; >>>> //Unwanted ones >>>> filtering_rule ruleIP; >>>> memset(&ruleIP, 0, sizeof(ruleIP)); >>>> ruleIP.rule_id = 2; >>>> * ruleIP.rule_action = >>>> rule_action_behaviour::dont_forward_packet_and_stop_rule_evaluation;* >>>> * ruleIP.core_fields.proto = (uint8_t)0x0800;* >>>> if(pfring_add_filtering_rule((pfring*)pd,&ruleIP) < 0) >>>> LOG(FATAL)<<"Failed to add filtering ruleIP."; >>>> ...same for ARP, other types. >>>> >>>> Is it possible to specify a white list mode? So I can only specify to >>>> allow 0xAAAA protocol? >>>> >>>> Thanks in advance, >>>> -- >>>> Behrooz >>>> >>> >>> >>> >>> -- >>> Behrooz >>> >> >> >> >> -- >> Behrooz >> > > > > -- > Behrooz > <eth_type.patch>_______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > -- Behrooz
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
