bpf filter to prevent echo reply and request messages
- From: jdamelia@xxxxxxxxx
- Date: 12 Jun 2006 14:28:55 -0700
I am struggling to come up with a bpf filter (or lsf I guess because I
am using Linux) that will allow me to receive only the 5 necessary
messages for ipv6 neighbor discovery on my raw socket. These would
include neighbor solicitations, neighbor advertisements, router
solicitations, router advertisements, and redirects. The socket I am
creating in my C++ code is:
sock=socket(PF_PACKET, SOCK_RAW,htons(ETH_P_IPV6));
I have used tcpdump to make a filter to limit packets on this socket to
only icmp6 messages. However, I need to limit it further so my
application cannot be bombarded with echo requests and replies.
Tcpdump does not have support for the necessary type of expression
(i.e. icmp6[x]), so I cannot utilize it to create the bpf and must
instead come up with it on my own. Being a novice at bpf, this is
proving difficult.
Can anyone help or at least point me in the right direction?
My current filter (limiting to all icmp6 traffic) is:
struct sock_filter bpf[] = {
{ 0x28, 0, 0, 0x0000000c },
{ 0x15, 0, 3, 0x000086dd },
{ 0x30, 0, 0, 0x00000014 },
{ 0x15, 0, 1, 0x0000003a },
{ 0x6, 0, 0, 0x00000060 },
{ 0x6, 0, 0, 0x00000000 }
};
Thanks in advance for the help.
.
- Prev by Date: Re: Implementing a captive portal with iptables.
- Next by Date: eth0 and eth1 were missing when reboot cluster
- Previous by thread: Are sockets thread safe
- Next by thread: eth0 and eth1 were missing when reboot cluster
- Index(es):
Relevant Pages
|
Loading
