|
 |
9b1536 |
From fe0d58905f9934bfc04a1aaf9393997c2bdbfb6c Mon Sep 17 00:00:00 2001
|
|
|
9b1536 |
From: rpm-build <rpm-build>
|
|
|
9b1536 |
Date: Fri, 27 Mar 2015 12:21:56 +0100
|
|
|
9b1536 |
Subject: [PATCH] Make sure the userland filtering happens correctly on cooked
|
|
|
9b1536 |
interfaces
|
|
|
9b1536 |
|
|
|
9b1536 |
If filtering in userland and capturing on a cooked interface, the packet buffer
|
|
|
9b1536 |
being sent to bpf_filter_with_aux_data did not include the sll header, so the
|
|
|
9b1536 |
filter was being applied improperly. The buffer would start at the layer3
|
|
|
9b1536 |
header.
|
|
|
9b1536 |
|
|
|
9b1536 |
This change moves the code to fill out the sll structure and update the bp
|
|
|
9b1536 |
pointer to point to it to before the call to bpf_filter_with_aux_data.
|
|
|
9b1536 |
---
|
|
|
9b1536 |
pcap-linux.c | 32 ++++++++++++++++++--------------
|
|
|
9b1536 |
1 file changed, 18 insertions(+), 14 deletions(-)
|
|
|
9b1536 |
|
|
|
9b1536 |
diff --git a/pcap-linux.c b/pcap-linux.c
|
|
|
9b1536 |
index 117405b..95c94df 100644
|
|
|
9b1536 |
--- a/pcap-linux.c
|
|
|
9b1536 |
+++ b/pcap-linux.c
|
|
|
9b1536 |
@@ -4206,22 +4206,9 @@ static int pcap_handle_packet_mmap(
|
|
|
9b1536 |
* the filter when the ring became empty, but it can possibly
|
|
|
9b1536 |
* happen a lot later... */
|
|
|
9b1536 |
bp = frame + tp_mac;
|
|
|
9b1536 |
- if (handlep->filter_in_userland && handle->fcode.bf_insns &&
|
|
|
9b1536 |
- (bpf_filter(handle->fcode.bf_insns, bp,
|
|
|
9b1536 |
- tp_len, tp_snaplen) == 0))
|
|
|
9b1536 |
- return 0;
|
|
|
9b1536 |
-
|
|
|
9b1536 |
- sll = (void *)frame + TPACKET_ALIGN(handlep->tp_hdrlen);
|
|
|
9b1536 |
- if (!linux_check_direction(handle, sll))
|
|
|
9b1536 |
- return 0;
|
|
|
9b1536 |
-
|
|
|
9b1536 |
- /* get required packet info from ring header */
|
|
|
9b1536 |
- pcaphdr.ts.tv_sec = tp_sec;
|
|
|
9b1536 |
- pcaphdr.ts.tv_usec = tp_usec;
|
|
|
9b1536 |
- pcaphdr.caplen = tp_snaplen;
|
|
|
9b1536 |
- pcaphdr.len = tp_len;
|
|
|
9b1536 |
|
|
|
9b1536 |
/* if required build in place the sll header*/
|
|
|
9b1536 |
+ sll = (void *)frame + TPACKET_ALIGN(handlep->tp_hdrlen);
|
|
|
9b1536 |
if (handlep->cooked) {
|
|
|
9b1536 |
struct sll_header *hdrp;
|
|
|
9b1536 |
|
|
|
9b1536 |
@@ -4259,7 +4246,24 @@ static int pcap_handle_packet_mmap(
|
|
|
9b1536 |
hdrp->sll_halen = htons(sll->sll_halen);
|
|
|
9b1536 |
memcpy(hdrp->sll_addr, sll->sll_addr, SLL_ADDRLEN);
|
|
|
9b1536 |
hdrp->sll_protocol = sll->sll_protocol;
|
|
|
9b1536 |
+ }
|
|
|
9b1536 |
+
|
|
|
9b1536 |
+ if (handlep->filter_in_userland && handle->fcode.bf_insns &&
|
|
|
9b1536 |
+ (bpf_filter(handle->fcode.bf_insns, bp,
|
|
|
9b1536 |
+ tp_len, tp_snaplen) == 0))
|
|
|
9b1536 |
+ return 0;
|
|
|
9b1536 |
+
|
|
|
9b1536 |
+ if (!linux_check_direction(handle, sll))
|
|
|
9b1536 |
+ return 0;
|
|
|
9b1536 |
+
|
|
|
9b1536 |
+ /* get required packet info from ring header */
|
|
|
9b1536 |
+ pcaphdr.ts.tv_sec = tp_sec;
|
|
|
9b1536 |
+ pcaphdr.ts.tv_usec = tp_usec;
|
|
|
9b1536 |
+ pcaphdr.caplen = tp_snaplen;
|
|
|
9b1536 |
+ pcaphdr.len = tp_len;
|
|
|
9b1536 |
|
|
|
9b1536 |
+ /* if required build in place the sll header*/
|
|
|
9b1536 |
+ if (handlep->cooked) {
|
|
|
9b1536 |
/* update packet len */
|
|
|
9b1536 |
pcaphdr.caplen += SLL_HDR_LEN;
|
|
|
9b1536 |
pcaphdr.len += SLL_HDR_LEN;
|
|
|
9b1536 |
--
|
|
|
9b1536 |
2.3.4
|
|
|
9b1536 |
|