[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BPF reading+writing

To: Craig Metz <cmetz@inner.net>
Subject: Re: BPF reading+writing
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Wed, 08 Dec 1999 05:33:13 -0700
Cc: tech@openbsd.org

>   Has anyone worked with BPF doing both reading and writing?
> 
>   I'm finding that, if I have it set up to receive all packets off an interface
> and write a packet to that interface, it also loops the packet I just wrote
> back into the receive queue. Is there a way to prevent this from happenning?
> I can squash this in userland by keeping around a checksum of packets I
> recently wrote out, but that's a pretty gross hack.

You can use bpf for writing.

The LBL people for the longest time have had the stance that you shouldn't
use bpf for writing.  They tried to keep people from using it in that way,
because, well you know, the crackers would use it for that.

Perhaps there's a way to flag the mbufs inside the kernel, but this problem
is going to get even worse once you get to tunnels..

References:
- BPF reading+writing
  - From: Craig Metz <cmetz@inner.net>

Prev by Date: Re: updating remote 2.5 to current
Next by Date: BPF reading+writing
Prev by thread: BPF reading+writing
Next by thread: Re: BPF reading+writing
Index(es):
- Date
- Thread