make: add flags and fix some warnings
[netsniff-ng.git] / src / bpf.h
blob1937fb3e22a6dfcc80ee7b43f6057e507c17d118
1 /*
2 * netsniff-ng - the packet sniffing beast
3 * By Daniel Borkmann <daniel@netsniff-ng.org>
4 * Copyright 2009, 2010 Daniel Borkmann.
5 * Subject to the GPL, version 2.
6 */
8 #ifndef BPF_H
9 #define BPF_H
11 #include <linux/filter.h>
12 #include <stdint.h>
13 #include <stdlib.h>
15 #include "xmalloc.h"
17 extern void bpf_dump_op_table(void);
18 extern void bpf_dump_all(struct sock_fprog *bpf);
19 extern int bpf_validate(const struct sock_fprog *bpf);
20 extern uint32_t bpf_run_filter(const struct sock_fprog *bpf, uint8_t *packet,
21 size_t plen);
22 extern void bpf_attach_to_sock(int sock, struct sock_fprog *bpf);
23 extern void bpf_detach_from_sock(int sock);
24 extern int enable_kernel_bpf_jit_compiler(void);
25 extern void bpf_parse_rules(char *rulefile, struct sock_fprog *bpf);
27 static inline void bpf_release(struct sock_fprog *bpf)
29 free(bpf->filter);
33 * The instruction encodings.
35 /* instruction classes */
36 #define BPF_CLASS(code) ((code) & 0x07)
37 #define BPF_LD 0x00
38 #define BPF_LDX 0x01
39 #define BPF_ST 0x02
40 #define BPF_STX 0x03
41 #define BPF_ALU 0x04
42 #define BPF_JMP 0x05
43 #define BPF_RET 0x06
44 #define BPF_MISC 0x07
46 /* ld/ldx fields */
47 #define BPF_SIZE(code) ((code) & 0x18)
48 #define BPF_W 0x00
49 #define BPF_H 0x08
50 #define BPF_B 0x10
52 #define BPF_MODE(code) ((code) & 0xe0)
53 #define BPF_IMM 0x00
54 #define BPF_ABS 0x20
55 #define BPF_IND 0x40
56 #define BPF_MEM 0x60
57 #define BPF_LEN 0x80
58 #define BPF_MSH 0xa0
60 /* alu/jmp fields */
61 #define BPF_OP(code) ((code) & 0xf0)
62 #define BPF_ADD 0x00
63 #define BPF_SUB 0x10
64 #define BPF_MUL 0x20
65 #define BPF_DIV 0x30
66 #define BPF_OR 0x40
67 #define BPF_AND 0x50
68 #define BPF_LSH 0x60
69 #define BPF_RSH 0x70
70 #define BPF_NEG 0x80
71 #define BPF_MOD 0x90
72 #define BPF_XOR 0xa0
74 #define BPF_JA 0x00
75 #define BPF_JEQ 0x10
76 #define BPF_JGT 0x20
77 #define BPF_JGE 0x30
78 #define BPF_JSET 0x40
80 #define BPF_SRC(code) ((code) & 0x08)
81 #define BPF_K 0x00
82 #define BPF_X 0x08
84 /* ret - BPF_K and BPF_X also apply */
85 #define BPF_RVAL(code) ((code) & 0x18)
86 #define BPF_A 0x10
88 /* misc */
89 #define BPF_MISCOP(code) ((code) & 0xf8)
90 #define BPF_TAX 0x00
91 #define BPF_TXA 0x80
93 /* Hidden Linux kernel BPF extensions */
95 * RATIONALE. Negative offsets are invalid in BPF.
96 * We use them to reference ancillary data.
97 * Unlike introduction new instructions, it does not break
98 * existing compilers/optimizers.
101 #ifndef SKF_AD_OFF
102 # define SKF_AD_OFF (-0x1000)
103 #endif
104 #ifndef SKF_AD_PROTOCOL
105 # define SKF_AD_PROTOCOL 0
106 #endif
107 #ifndef SKF_AD_PKTTYPE
108 # define SKF_AD_PKTTYPE 4
109 #endif
110 #ifndef SKF_AD_IFINDEX
111 # define SKF_AD_IFINDEX 8
112 #endif
113 #ifndef SKF_AD_NLATTR
114 # define SKF_AD_NLATTR 12
115 #endif
116 #ifndef SKF_AD_NLATTR_NEST
117 # define SKF_AD_NLATTR_NEST 16
118 #endif
119 #ifndef SKF_AD_MARK
120 # define SKF_AD_MARK 20
121 #endif
122 #ifndef SKF_AD_QUEUE
123 # define SKF_AD_QUEUE 24
124 #endif
125 #ifndef SKF_AD_HATYPE
126 # define SKF_AD_HATYPE 28
127 #endif
128 #ifndef SKF_AD_RXHASH
129 # define SKF_AD_RXHASH 32
130 #endif
131 #ifndef SKF_AD_CPU
132 # define SKF_AD_CPU 36
133 #endif
134 #ifndef SKF_AD_VLAN_TAG
135 # define SKF_AD_VLAN_TAG 44
136 #endif
137 #ifndef SKF_AD_VLAN_TAG_PRESENT
138 # define SKF_AD_VLAN_TAG_PRESENT 48
139 #endif
141 #endif /* BPF_H */