2 * netsniff-ng - the packet sniffing beast
3 * Copyright 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,
4 * Swiss federal institute of technology (ETH Zurich)
5 * Subject to the GPL, version 2.
14 #include <sys/fsuid.h>
22 static const char *short_options
= "vhi:Vdbf:pD:";
23 static const struct option long_options
[] = {
24 {"input", required_argument
, NULL
, 'i'},
25 {"format", required_argument
, NULL
, 'f'},
26 {"cpp", no_argument
, NULL
, 'p'},
27 {"define", required_argument
, NULL
, 'D'},
28 {"verbose", no_argument
, NULL
, 'V'},
29 {"bypass", no_argument
, NULL
, 'b'},
30 {"dump", no_argument
, NULL
, 'd'},
31 {"version", no_argument
, NULL
, 'v'},
32 {"help", no_argument
, NULL
, 'h'},
36 static const char *copyright
= "Please report bugs to <netsniff-ng@googlegroups.com>\n"
37 "Copyright (C) 2011-2013 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,\n"
38 "Swiss federal institute of technology (ETH Zurich)\n"
39 "License: GNU GPL version 2.0\n"
40 "This is free software: you are free to change and redistribute it.\n"
41 "There is NO WARRANTY, to the extent permitted by law.";
43 extern int compile_filter(char *file
, bool verbose
, int bypass
, int format
,
44 bool invoke_cpp
, char **cpp_argv
);
46 static void __noreturn
help(void)
48 printf("bpfc %s, a tiny BPF compiler\n", VERSION_STRING
);
49 puts("http://www.netsniff-ng.org\n\n"
50 "Usage: bpfc [options] || bpfc <program>\n"
52 " -i|--input <program/-> Berkeley Packet Filter file/stdin\n"
53 " -p|--cpp Run bpf program through C preprocessor\n"
54 " -D|--define Add macro/define for C preprocessor\n"
55 " -f|--format <format> Output format: C|netsniff-ng|xt_bpf|tcpdump\n"
56 " -b|--bypass Bypass filter validation (e.g. for bug testing)\n"
57 " -V|--verbose Be more verbose\n"
58 " -d|--dump Dump supported instruction table\n"
59 " -v|--version Print version and exit\n"
60 " -h|--help Print this help and exit\n\n"
63 " bpfc fubar > foo (bpfc -f C -i fubar > foo) --> netsniff-ng -f foo ...\n"
64 " bpfc -f tcpdump -i fubar > foo --> tcpdump -ddd like ...\n"
65 " bpfc -f xt_bpf -b -p -i fubar\n"
66 " iptables -A INPUT -m bpf --bytecode \"`./bpfc -f xt_bpf -i fubar`\" -j LOG\n"
67 " bpfc - (read from stdin)\n"
69 " Generation of seccomp-BPF filters are fully supported as well.\n");
74 static void __noreturn
version(void)
76 printf("bpfc %s, Git id: %s\n", VERSION_LONG
, GITVERSION
);
77 puts("a tiny BPF compiler\n"
78 "http://www.netsniff-ng.org\n");
83 int main(int argc
, char **argv
)
85 int ret
, c
, bypass
= 0, format
= 0;
86 bool verbose
= false, invoke_cpp
= false;
87 char **cpp_argv
= NULL
;
97 while ((c
= getopt_long(argc
, argv
, short_options
, long_options
,
113 cpp_argv
= argv_insert(cpp_argv
, &cpp_argc
, "-D");
114 cpp_argv
= argv_insert(cpp_argv
, &cpp_argc
, optarg
);
117 if (!strncmp(optarg
, "C", 1) ||
118 !strncmp(optarg
, "netsniff-ng", 11))
120 else if (!strncmp(optarg
, "tcpdump", 7))
122 else if (!strncmp(optarg
, "xt_bpf", 6) ||
123 !strncmp(optarg
, "tc", 2))
135 file
= xstrdup(optarg
);
141 panic("Option -%c requires an argument!\n",
145 printf("Unknown option character `0x%X\'!\n", optopt
);
154 file
= xstrdup(argv
[1]);
156 panic("No Berkeley Packet Filter program specified!\n");
158 ret
= compile_filter(file
, verbose
, bypass
, format
, invoke_cpp
, cpp_argv
);