Lines Matching +full:ipv4 +full:- +full:simple +full:- +full:service +full:- +full:config
24 #include <config.h>
27 #include <pcap-types.h>
48 #include "pcap-dos.h"
51 #include "pcap-int.h"
82 #define offsetof(s, e) ((size_t)&((s *)0)->e)
122 int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
163 #include "os-proto.h"
169 * "Push" the current value of the link-layer header type and link-layer
171 * full-blown stack; we keep only the top two items.)
175 (cs)->prevlinktype = (cs)->linktype; \
176 (cs)->off_prevlinkhdr = (cs)->off_linkhdr; \
177 (cs)->linktype = (new_linktype); \
178 (cs)->off_linkhdr.is_variable = (new_is_variable); \
179 (cs)->off_linkhdr.constant_part = (new_constant_part); \
180 (cs)->off_linkhdr.reg = (new_reg); \
181 (cs)->is_geneve = 0; \
204 * and -1 otherwise.
218 OR_LINKHDR, /* link-layer header */
219 OR_PREVLINKHDR, /* previous link-layer header */
222 OR_LINKTYPE, /* link-layer type */
223 OR_LINKPL, /* link-layer payload */
224 OR_LINKPL_NOSNAP, /* link-layer payload, with no SNAP header at the link layer */
225 OR_TRAN_IPV4, /* transport-layer header, with IPv4 network layer */
226 OR_TRAN_IPV6 /* transport-layer header, with IPv6 network layer */
235 * XXX - this *is* in a library....
286 * Absolute offset of the beginning of the link-layer header.
291 * If we're checking a link-layer header for a packet encapsulated
293 * for the previous layers' link-layer header from the beginning
300 * link-layer header.
305 * Absolute offset of the beginning of the link-layer payload.
310 * "off_linktype" is the offset to information in the link-layer
317 * For link-layer types that always use 802.2 headers, it's the
335 * TRUE if the link layer includes an ATM pseudo-header.
352 * These are offsets for the ATM pseudo-header.
374 * or -1 if there is no ATM pseudo-header.
379 * These are offsets to the beginning of the network-layer header.
380 * They are relative to the beginning of the link-layer payload
407 * Here we handle simple allocation of the scratch registers.
434 if (cstate->bpf_pcap != NULL) in bpf_error()
435 (void)pcap_vsnprintf(pcap_geterr(cstate->bpf_pcap), in bpf_error()
438 longjmp(cstate->top_ctx, 1); in bpf_error()
554 cstate->chunks[i].n_left = 0; in initchunks()
555 cstate->chunks[i].m = NULL; in initchunks()
557 cstate->cur_chunk = 0; in initchunks()
569 n = (n + sizeof(long) - 1) & ~(sizeof(long) - 1); in newchunk()
575 cp = &cstate->chunks[cstate->cur_chunk]; in newchunk()
576 if (n > cp->n_left) { in newchunk()
578 k = ++cstate->cur_chunk; in newchunk()
582 cp->m = (void *)malloc(size); in newchunk()
583 if (cp->m == NULL) in newchunk()
585 memset((char *)cp->m, 0, size); in newchunk()
586 cp->n_left = size; in newchunk()
590 cp->n_left -= n; in newchunk()
591 return (void *)((char *)cp->m + cp->n_left); in newchunk()
600 if (cstate->chunks[i].m != NULL) in freechunks()
601 free(cstate->chunks[i].m); in freechunks()
623 p->s.code = code; in new_block()
624 p->head = p; in new_block()
635 p->s.code = code; in new_stmt()
645 b->s.k = v; in gen_retblk()
671 * link-layer type, so we can't use it. in pcap_compile()
673 if (!p->activated) { in pcap_compile()
674 pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE, in pcap_compile()
675 "not-yet-activated pcap_t passed to pcap_compile"); in pcap_compile()
676 return (-1); in pcap_compile()
695 * XXX - the fact that we happen to be compiling a filter in pcap_compile()
702 if (p->save_current_filter_op != NULL) in pcap_compile()
703 (p->save_current_filter_op)(p, buf); in pcap_compile()
721 rc = -1; in pcap_compile()
729 pcap_snprintf(p->errbuf, PCAP_ERRBUF_SIZE, in pcap_compile()
731 rc = -1; in pcap_compile()
736 pcap_fmt_errmsg_for_errno(p->errbuf, PCAP_ERRBUF_SIZE, in pcap_compile()
755 (cstate.ic.root->s.code == (BPF_RET|BPF_K) && cstate.ic.root->s.k == 0)) in pcap_compile()
758 program->bf_insns = icode_to_fcode(&cstate, &cstate.ic, cstate.ic.root, &len); in pcap_compile()
759 program->bf_len = len; in pcap_compile()
794 return (-1); in pcap_compile_nopcap()
807 program->bf_len = 0; in pcap_freecode()
808 if (program->bf_insns != NULL) { in pcap_freecode()
809 free((char *)program->bf_insns); in pcap_freecode()
810 program->bf_insns = NULL; in pcap_freecode()
826 if (!list->sense) { in backpatch()
848 p = !((*p)->sense) ? &JT(*p) : &JF(*p); in merge()
861 * statements needed to load the lengths of any variable-length in finish_parse()
864 * XXX - a fancier strategy would be to insert those before the in finish_parse()
878 insert_compute_vloffsets(cstate, p->head); in finish_parse()
881 * For DLT_PPI captures, generate a check of the per-packet in finish_parse()
884 * XXX - TurboCap cards use DLT_PPI for Ethernet. in finish_parse()
885 * Can we just define some DLT_ETHERNET_WITH_PHDR pseudo-header in finish_parse()
888 * the link-layer header type until runtime, which, in the in finish_parse()
897 backpatch(p, gen_retblk(cstate, cstate->snaplen)); in finish_parse()
898 p->sense = !p->sense; in finish_parse()
900 cstate->ic.root = p->head; in finish_parse()
906 backpatch(b0, b1->head); in gen_and()
907 b0->sense = !b0->sense; in gen_and()
908 b1->sense = !b1->sense; in gen_and()
910 b1->sense = !b1->sense; in gen_and()
911 b1->head = b0->head; in gen_and()
917 b0->sense = !b0->sense; in gen_or()
918 backpatch(b0, b1->head); in gen_or()
919 b0->sense = !b0->sense; in gen_or()
921 b1->head = b0->head; in gen_or()
927 b->sense = !b->sense; in gen_not()
980 register const u_char *p = &v[size - 4]; in gen_bcmp()
984 tmp = gen_cmp(cstate, offrel, offset + size - 4, BPF_W, w); in gen_bcmp()
988 size -= 4; in gen_bcmp()
991 register const u_char *p = &v[size - 2]; in gen_bcmp()
994 tmp = gen_cmp(cstate, offrel, offset + size - 2, BPF_H, w); in gen_bcmp()
998 size -= 2; in gen_bcmp()
1027 s2->s.k = mask; in gen_ncmp()
1032 b->stmts = s; in gen_ncmp()
1033 b->s.k = v; in gen_ncmp()
1042 cstate->pcap_fddipad = p->fddipad; in init_linktype()
1045 * We start out with only one link-layer header. in init_linktype()
1047 cstate->outermostlinktype = pcap_datalink(p); in init_linktype()
1048 cstate->off_outermostlinkhdr.constant_part = 0; in init_linktype()
1049 cstate->off_outermostlinkhdr.is_variable = 0; in init_linktype()
1050 cstate->off_outermostlinkhdr.reg = -1; in init_linktype()
1052 cstate->prevlinktype = cstate->outermostlinktype; in init_linktype()
1053 cstate->off_prevlinkhdr.constant_part = 0; in init_linktype()
1054 cstate->off_prevlinkhdr.is_variable = 0; in init_linktype()
1055 cstate->off_prevlinkhdr.reg = -1; in init_linktype()
1057 cstate->linktype = cstate->outermostlinktype; in init_linktype()
1058 cstate->off_linkhdr.constant_part = 0; in init_linktype()
1059 cstate->off_linkhdr.is_variable = 0; in init_linktype()
1060 cstate->off_linkhdr.reg = -1; in init_linktype()
1065 cstate->off_linkpl.constant_part = 0; in init_linktype()
1066 cstate->off_linkpl.is_variable = 0; in init_linktype()
1067 cstate->off_linkpl.reg = -1; in init_linktype()
1069 cstate->off_linktype.constant_part = 0; in init_linktype()
1070 cstate->off_linktype.is_variable = 0; in init_linktype()
1071 cstate->off_linktype.reg = -1; in init_linktype()
1074 * Assume it's not raw ATM with a pseudo-header, for now. in init_linktype()
1076 cstate->is_atm = 0; in init_linktype()
1077 cstate->off_vpi = OFFSET_NOT_SET; in init_linktype()
1078 cstate->off_vci = OFFSET_NOT_SET; in init_linktype()
1079 cstate->off_proto = OFFSET_NOT_SET; in init_linktype()
1080 cstate->off_payload = OFFSET_NOT_SET; in init_linktype()
1085 cstate->is_geneve = 0; in init_linktype()
1090 cstate->is_vlan_vloffset = 0; in init_linktype()
1095 cstate->off_li = OFFSET_NOT_SET; in init_linktype()
1096 cstate->off_li_hsl = OFFSET_NOT_SET; in init_linktype()
1097 cstate->off_sio = OFFSET_NOT_SET; in init_linktype()
1098 cstate->off_opc = OFFSET_NOT_SET; in init_linktype()
1099 cstate->off_dpc = OFFSET_NOT_SET; in init_linktype()
1100 cstate->off_sls = OFFSET_NOT_SET; in init_linktype()
1102 cstate->label_stack_depth = 0; in init_linktype()
1103 cstate->vlan_stack_depth = 0; in init_linktype()
1105 switch (cstate->linktype) { in init_linktype()
1108 cstate->off_linktype.constant_part = 2; in init_linktype()
1109 cstate->off_linkpl.constant_part = 6; in init_linktype()
1110 cstate->off_nl = 0; /* XXX in reality, variable! */ in init_linktype()
1111 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1115 cstate->off_linktype.constant_part = 4; in init_linktype()
1116 cstate->off_linkpl.constant_part = 8; in init_linktype()
1117 cstate->off_nl = 0; /* XXX in reality, variable! */ in init_linktype()
1118 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1122 cstate->off_linktype.constant_part = 12; in init_linktype()
1123 cstate->off_linkpl.constant_part = 14; /* Ethernet header length */ in init_linktype()
1124 cstate->off_nl = 0; /* Ethernet II */ in init_linktype()
1125 cstate->off_nl_nosnap = 3; /* 802.3+802.2 */ in init_linktype()
1133 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1134 cstate->off_linkpl.constant_part = 16; in init_linktype()
1135 cstate->off_nl = 0; in init_linktype()
1136 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1141 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1143 cstate->off_linkpl.constant_part = 24; in init_linktype()
1144 cstate->off_nl = 0; in init_linktype()
1145 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1150 cstate->off_linktype.constant_part = 0; in init_linktype()
1151 cstate->off_linkpl.constant_part = 4; in init_linktype()
1152 cstate->off_nl = 0; in init_linktype()
1153 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1157 cstate->off_linktype.constant_part = 0; in init_linktype()
1158 cstate->off_linkpl.constant_part = 12; in init_linktype()
1159 cstate->off_nl = 0; in init_linktype()
1160 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1167 cstate->off_linktype.constant_part = 2; /* skip HDLC-like framing */ in init_linktype()
1168 cstate->off_linkpl.constant_part = 4; /* skip HDLC-like framing and protocol field */ in init_linktype()
1169 cstate->off_nl = 0; in init_linktype()
1170 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1178 cstate->off_linktype.constant_part = 6; in init_linktype()
1179 cstate->off_linkpl.constant_part = 8; in init_linktype()
1180 cstate->off_nl = 0; in init_linktype()
1181 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1185 cstate->off_linktype.constant_part = 5; in init_linktype()
1186 cstate->off_linkpl.constant_part = 24; in init_linktype()
1187 cstate->off_nl = 0; in init_linktype()
1188 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1193 * FDDI doesn't really have a link-level type field. in init_linktype()
1198 * XXX - should we generate code to check for SNAP? in init_linktype()
1200 cstate->off_linktype.constant_part = 13; in init_linktype()
1201 cstate->off_linktype.constant_part += cstate->pcap_fddipad; in init_linktype()
1202 cstate->off_linkpl.constant_part = 13; /* FDDI MAC header length */ in init_linktype()
1203 cstate->off_linkpl.constant_part += cstate->pcap_fddipad; in init_linktype()
1204 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1205 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1210 * Token Ring doesn't really have a link-level type field. in init_linktype()
1215 * XXX - should we generate code to check for SNAP? in init_linktype()
1217 * XXX - the header is actually variable-length. in init_linktype()
1221 * information, i.e. is not source-routed, the correct in init_linktype()
1224 * A packet is source-routed iff the uppermost bit in init_linktype()
1227 * packet is source-routed, the total number of bytes in init_linktype()
1229 * the 16-bit value at an offset of 14 (shifted right in init_linktype()
1230 * 8 - figure out which byte that is). in init_linktype()
1232 cstate->off_linktype.constant_part = 14; in init_linktype()
1233 cstate->off_linkpl.constant_part = 14; /* Token Ring MAC header length */ in init_linktype()
1234 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1235 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1241 cstate->off_linkhdr.is_variable = 1; in init_linktype()
1247 * 802.11 doesn't really have a link-level type field. in init_linktype()
1253 * XXX - should we generate code to check for SNAP? in init_linktype()
1255 * We also handle variable-length radio headers here. in init_linktype()
1256 * The Prism header is in theory variable-length, but in in init_linktype()
1262 * variable-length. in init_linktype()
1264 cstate->off_linktype.constant_part = 24; in init_linktype()
1265 cstate->off_linkpl.constant_part = 0; /* link-layer header is variable-length */ in init_linktype()
1266 cstate->off_linkpl.is_variable = 1; in init_linktype()
1267 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1268 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1281 cstate->off_linktype.constant_part = 24; in init_linktype()
1282 cstate->off_linkpl.constant_part = 0; /* link-layer header is variable-length */ in init_linktype()
1283 cstate->off_linkpl.is_variable = 1; in init_linktype()
1284 cstate->off_linkhdr.is_variable = 1; in init_linktype()
1285 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1286 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1292 * assume routed, non-ISO PDUs in init_linktype()
1293 * (i.e., LLC = 0xAA-AA-03, OUT = 0x00-00-00) in init_linktype()
1295 * XXX - what about ISO PDUs, e.g. CLNP, ISIS, ESIS, in init_linktype()
1302 cstate->off_linktype.constant_part = 0; in init_linktype()
1303 cstate->off_linkpl.constant_part = 0; /* packet begins with LLC header */ in init_linktype()
1304 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1305 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1311 * pseudo-header. in init_linktype()
1313 cstate->is_atm = 1; in init_linktype()
1314 cstate->off_vpi = SUNATM_VPI_POS; in init_linktype()
1315 cstate->off_vci = SUNATM_VCI_POS; in init_linktype()
1316 cstate->off_proto = PROTO_POS; in init_linktype()
1317 cstate->off_payload = SUNATM_PKT_BEGIN_POS; in init_linktype()
1318 cstate->off_linktype.constant_part = cstate->off_payload; in init_linktype()
1319 cstate->off_linkpl.constant_part = cstate->off_payload; /* if LLC-encapsulated */ in init_linktype()
1320 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1321 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1327 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1328 cstate->off_linkpl.constant_part = 0; in init_linktype()
1329 cstate->off_nl = 0; in init_linktype()
1330 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1334 cstate->off_linktype.constant_part = 14; in init_linktype()
1335 cstate->off_linkpl.constant_part = 16; in init_linktype()
1336 cstate->off_nl = 0; in init_linktype()
1337 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1342 * LocalTalk does have a 1-byte type field in the LLAP header, in init_linktype()
1346 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1347 cstate->off_linkpl.constant_part = 0; in init_linktype()
1348 cstate->off_nl = 0; in init_linktype()
1349 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1354 * RFC 2625 IP-over-Fibre-Channel doesn't really have a in init_linktype()
1355 * link-level type field. We set "off_linktype" to the in init_linktype()
1360 * XXX - should we generate code to check for SNAP? RFC in init_linktype()
1363 cstate->off_linktype.constant_part = 16; in init_linktype()
1364 cstate->off_linkpl.constant_part = 16; in init_linktype()
1365 cstate->off_nl = 8; /* 802.2+SNAP */ in init_linktype()
1366 cstate->off_nl_nosnap = 3; /* 802.2 */ in init_linktype()
1371 * XXX - we should set this to handle SNAP-encapsulated in init_linktype()
1374 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1375 cstate->off_linkpl.constant_part = 0; in init_linktype()
1376 cstate->off_nl = 0; in init_linktype()
1377 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1381 * the only BPF-interesting FRF.16 frames are non-control frames; in init_linktype()
1382 * Frame Relay has a variable length link-layer in init_linktype()
1386 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1387 cstate->off_linkpl.constant_part = 0; in init_linktype()
1388 cstate->off_nl = 4; in init_linktype()
1389 cstate->off_nl_nosnap = 0; /* XXX - for now -> no 802.2 LLC */ in init_linktype()
1393 cstate->off_linktype.constant_part = 16; in init_linktype()
1394 cstate->off_linkpl.constant_part = 18; in init_linktype()
1395 cstate->off_nl = 0; in init_linktype()
1396 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1400 cstate->off_linktype.constant_part = 6; in init_linktype()
1401 cstate->off_linkpl.constant_part = 44; in init_linktype()
1402 cstate->off_nl = 0; /* Ethernet II */ in init_linktype()
1403 cstate->off_nl_nosnap = 0; /* XXX - what does it do with 802.3 packets? */ in init_linktype()
1408 cstate->off_linktype.constant_part = 0; in init_linktype()
1409 cstate->off_linkpl.constant_part = PFLOG_HDRLEN; in init_linktype()
1410 cstate->off_nl = 0; in init_linktype()
1411 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in init_linktype()
1421 cstate->off_linktype.constant_part = 4; in init_linktype()
1422 cstate->off_linkpl.constant_part = 4; in init_linktype()
1423 cstate->off_nl = 0; in init_linktype()
1424 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1428 cstate->off_linktype.constant_part = 4; /* in reality variable between 4-8 */ in init_linktype()
1429 cstate->off_linkpl.constant_part = 4; /* in reality variable between 4-8 */ in init_linktype()
1430 cstate->off_nl = 0; in init_linktype()
1431 cstate->off_nl_nosnap = 10; in init_linktype()
1435 cstate->off_linktype.constant_part = 8; /* in reality variable between 8-12 */ in init_linktype()
1436 cstate->off_linkpl.constant_part = 8; /* in reality variable between 8-12 */ in init_linktype()
1437 cstate->off_nl = 0; in init_linktype()
1438 cstate->off_nl_nosnap = 10; in init_linktype()
1441 /* frames captured on a Juniper PPPoE service PIC in init_linktype()
1445 cstate->off_linkpl.constant_part = 14; in init_linktype()
1446 cstate->off_linktype.constant_part = 16; in init_linktype()
1447 cstate->off_nl = 18; /* Ethernet II */ in init_linktype()
1448 cstate->off_nl_nosnap = 21; /* 802.3+802.2 */ in init_linktype()
1452 cstate->off_linktype.constant_part = 4; in init_linktype()
1453 cstate->off_linkpl.constant_part = 6; in init_linktype()
1454 cstate->off_nl = 0; in init_linktype()
1455 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1459 cstate->off_linktype.constant_part = 6; in init_linktype()
1460 cstate->off_linkpl.constant_part = 12; in init_linktype()
1461 cstate->off_nl = 0; in init_linktype()
1462 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1466 cstate->off_linktype.constant_part = 6; in init_linktype()
1467 …cstate->off_linkpl.constant_part = OFFSET_NOT_SET; /* not really a network layer but raw IP addres… in init_linktype()
1468 cstate->off_nl = OFFSET_NOT_SET; /* not really a network layer but raw IP addresses */ in init_linktype()
1469 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1473 cstate->off_linktype.constant_part = 12; in init_linktype()
1474 cstate->off_linkpl.constant_part = 12; in init_linktype()
1475 cstate->off_nl = 0; /* raw IP/IP6 header */ in init_linktype()
1476 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1480 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1481 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1482 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1483 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1487 cstate->off_linktype.constant_part = 12; in init_linktype()
1488 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; /* L3 proto location dep. on cookie type */ in init_linktype()
1489 cstate->off_nl = OFFSET_NOT_SET; /* L3 proto location dep. on cookie type */ in init_linktype()
1490 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1494 cstate->off_linktype.constant_part = 18; in init_linktype()
1495 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1496 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1497 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1501 cstate->off_linktype.constant_part = 18; in init_linktype()
1502 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1503 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1504 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1508 cstate->off_linktype.constant_part = 8; in init_linktype()
1509 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1510 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1511 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1518 cstate->off_linktype.constant_part = 8; in init_linktype()
1519 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1520 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1521 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1525 cstate->off_li = 2; in init_linktype()
1526 cstate->off_li_hsl = 4; in init_linktype()
1527 cstate->off_sio = 3; in init_linktype()
1528 cstate->off_opc = 4; in init_linktype()
1529 cstate->off_dpc = 4; in init_linktype()
1530 cstate->off_sls = 7; in init_linktype()
1531 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1532 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1533 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1534 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1538 cstate->off_li = 6; in init_linktype()
1539 cstate->off_li_hsl = 8; in init_linktype()
1540 cstate->off_sio = 7; in init_linktype()
1541 cstate->off_opc = 8; in init_linktype()
1542 cstate->off_dpc = 8; in init_linktype()
1543 cstate->off_sls = 11; in init_linktype()
1544 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1545 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1546 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1547 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1551 cstate->off_li = 22; in init_linktype()
1552 cstate->off_li_hsl = 24; in init_linktype()
1553 cstate->off_sio = 23; in init_linktype()
1554 cstate->off_opc = 24; in init_linktype()
1555 cstate->off_dpc = 24; in init_linktype()
1556 cstate->off_sls = 27; in init_linktype()
1557 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1558 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1559 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1560 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1564 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1565 cstate->off_linkpl.constant_part = 4; in init_linktype()
1566 cstate->off_nl = 0; in init_linktype()
1567 cstate->off_nl_nosnap = 0; in init_linktype()
1574 cstate->off_linktype.constant_part = OFFSET_NOT_SET; /* variable, min 15, max 71 steps of 7 */ in init_linktype()
1575 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1576 cstate->off_nl = OFFSET_NOT_SET; /* variable, min 16, max 71 steps of 7 */ in init_linktype()
1577 cstate->off_nl_nosnap = OFFSET_NOT_SET; /* no 802.2 LLC */ in init_linktype()
1581 cstate->off_linktype.constant_part = 1; in init_linktype()
1582 cstate->off_linkpl.constant_part = 24; /* ipnet header length */ in init_linktype()
1583 cstate->off_nl = 0; in init_linktype()
1584 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1588 cstate->off_linkhdr.constant_part = 4; /* Ethernet header is past 4-byte pseudo-header */ in init_linktype()
1589 cstate->off_linktype.constant_part = cstate->off_linkhdr.constant_part + 12; in init_linktype()
1590 …cstate->off_linkpl.constant_part = cstate->off_linkhdr.constant_part + 14; /* pseudo-header+Ethern… in init_linktype()
1591 cstate->off_nl = 0; /* Ethernet II */ in init_linktype()
1592 cstate->off_nl_nosnap = 3; /* 802.3+802.2 */ in init_linktype()
1596 …cstate->off_linkhdr.constant_part = 12; /* MAC header is past 4-byte pseudo-header, preamble, and … in init_linktype()
1597 cstate->off_linktype.constant_part = cstate->off_linkhdr.constant_part + 12; in init_linktype()
1598 …cstate->off_linkpl.constant_part = cstate->off_linkhdr.constant_part + 14; /* pseudo-header+preamb… in init_linktype()
1599 cstate->off_nl = 0; /* Ethernet II */ in init_linktype()
1600 cstate->off_nl_nosnap = 3; /* 802.3+802.2 */ in init_linktype()
1608 if (cstate->linktype >= DLT_MATCHING_MIN && in init_linktype()
1609 cstate->linktype <= DLT_MATCHING_MAX) { in init_linktype()
1610 cstate->off_linktype.constant_part = OFFSET_NOT_SET; in init_linktype()
1611 cstate->off_linkpl.constant_part = OFFSET_NOT_SET; in init_linktype()
1612 cstate->off_nl = OFFSET_NOT_SET; in init_linktype()
1613 cstate->off_nl_nosnap = OFFSET_NOT_SET; in init_linktype()
1615 bpf_error(cstate, "unknown data link type %d", cstate->linktype); in init_linktype()
1620 cstate->off_outermostlinkhdr = cstate->off_prevlinkhdr = cstate->off_linkhdr; in init_linktype()
1635 * If "s" is non-null, it has code to arrange that the X register in gen_load_absoffsetrel()
1638 * abs_offset->constant_part + offset. in gen_load_absoffsetrel()
1641 * abs_offset->constant_part + offset. in gen_load_absoffsetrel()
1650 s2->s.k = abs_offset->constant_part + offset; in gen_load_absoffsetrel()
1658 s->s.k = abs_offset->constant_part + offset; in gen_load_absoffsetrel()
1676 s->s.k = offset; in gen_load_a()
1680 s = gen_load_absoffsetrel(cstate, &cstate->off_linkhdr, offset, size); in gen_load_a()
1684 s = gen_load_absoffsetrel(cstate, &cstate->off_prevlinkhdr, offset, size); in gen_load_a()
1688 s = gen_load_absoffsetrel(cstate, &cstate->off_linkpl, offset, size); in gen_load_a()
1692 s = gen_load_absoffsetrel(cstate, &cstate->off_linkpl, cstate->off_nl - 4 + offset, size); in gen_load_a()
1696 s = gen_load_absoffsetrel(cstate, &cstate->off_linkpl, cstate->off_nl + offset, size); in gen_load_a()
1700 s = gen_load_absoffsetrel(cstate, &cstate->off_linkpl, cstate->off_nl_nosnap + offset, size); in gen_load_a()
1704 s = gen_load_absoffsetrel(cstate, &cstate->off_linktype, offset, size); in gen_load_a()
1709 * Load the X register with the length of the IPv4 header in gen_load_a()
1710 * (plus the offset of the link-layer header, if it's in gen_load_a()
1711 * preceded by a variable-length header such as a radio in gen_load_a()
1717 * Load the item at {offset of the link-layer payload} + in gen_load_a()
1718 * {offset, relative to the start of the link-layer in gen_load_a()
1719 * paylod, of the IPv4 header} + {length of the IPv4 header} + in gen_load_a()
1722 * If the offset of the link-layer payload is variable, in gen_load_a()
1728 s2->s.k = cstate->off_linkpl.constant_part + cstate->off_nl + offset; in gen_load_a()
1733 s = gen_load_absoffsetrel(cstate, &cstate->off_linkpl, cstate->off_nl + 40 + offset, size); in gen_load_a()
1745 * the IPv4 header and the variable part of the offset of the link-layer
1753 s = gen_abs_offset_varpart(cstate, &cstate->off_linkpl); in gen_loadx_iphdrlen()
1756 * The offset of the link-layer payload has a variable in gen_loadx_iphdrlen()
1766 s2->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_loadx_iphdrlen()
1769 s2->s.k = 0xf; in gen_loadx_iphdrlen()
1772 s2->s.k = 2; in gen_loadx_iphdrlen()
1778 * the link-layer payload, which is still in the X in gen_loadx_iphdrlen()
1785 * The offset of the link-layer payload is a constant, in gen_loadx_iphdrlen()
1786 * so no code was generated to load the (non-existent) in gen_loadx_iphdrlen()
1790 * mode. Load the length of the IPv4 header, which in gen_loadx_iphdrlen()
1791 * is at an offset of cstate->off_nl from the beginning of in gen_loadx_iphdrlen()
1792 * the link-layer payload, and thus at an offset of in gen_loadx_iphdrlen()
1793 * cstate->off_linkpl.constant_part + cstate->off_nl from the beginning in gen_loadx_iphdrlen()
1797 s->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_loadx_iphdrlen()
1810 s->s.k = !rsense; in gen_uncond()
1812 b->stmts = s; in gen_uncond()
1830 * Byte-swap a 32-bit number.
1831 * ("htonl()" or "ntohl()" won't work - we want to byte-swap even on
1832 * big-endian platforms.)
1860 * LLCSAP_IP checks for IP-over-802.2, rather in gen_ether_linktype()
1861 * than IP-over-Ethernet or IP-over-SNAP. in gen_ether_linktype()
1863 * XXX - should we check both the DSAP and the in gen_ether_linktype()
1900 * XXX - should we generate the same code both in gen_ether_linktype()
1959 * 802.2-encapsulated ETHERTYPE_ATALK packets are in gen_ether_linktype()
1964 * 802.2-encapsulated ETHERTYPE_AARP packets are in gen_ether_linktype()
2020 * For DLT_NULL, the link-layer header is a 32-bit word in gen_loopback_linktype()
2022 * DLT_ENC, the link-layer header begins with a 32-bit in gen_loopback_linktype()
2029 * For DLT_LOOP, the link-layer header is a 32-bit in gen_loopback_linktype()
2032 if (cstate->linktype == DLT_NULL || cstate->linktype == DLT_ENC) { in gen_loopback_linktype()
2038 * with the opposite byte order to ours, we byte-swap in gen_loopback_linktype()
2044 if (cstate->bpf_pcap->rfile != NULL && cstate->bpf_pcap->swapped) in gen_loopback_linktype()
2052 * "proto" is an Ethernet type value and for IPNET, if it is not IPv4
2098 * LLCSAP_IP checks for IP-over-802.2, rather in gen_linux_sll_linktype()
2099 * than IP-over-Ethernet or IP-over-SNAP. in gen_linux_sll_linktype()
2101 * XXX - should we check both the DSAP and the in gen_linux_sll_linktype()
2175 * 802.2-encapsulated ETHERTYPE_ATALK packets are in gen_linux_sll_linktype()
2180 * 802.2-encapsulated ETHERTYPE_AARP packets are in gen_linux_sll_linktype()
2211 b1 = gen_cmp(cstate, OR_LINKHDR, cstate->off_linkpl.constant_part, BPF_B, in gen_linux_sll_linktype()
2242 cstate->no_optimize = 1; in gen_load_prism_llprefixlen()
2253 * We load a 4-byte big-endian value at the beginning of the in gen_load_prism_llprefixlen()
2256 * an AVS header (the masked-out bits are the version number). in gen_load_prism_llprefixlen()
2259 * XXX - the Prism header is also, in theory, variable-length, in gen_load_prism_llprefixlen()
2263 if (cstate->off_linkhdr.reg != -1) { in gen_load_prism_llprefixlen()
2268 s1->s.k = 0; in gen_load_prism_llprefixlen()
2274 s2->s.k = 0xFFFFF000; in gen_load_prism_llprefixlen()
2281 sjeq_avs_cookie->s.k = 0x80211000; in gen_load_prism_llprefixlen()
2289 * That field is big-endian. in gen_load_prism_llprefixlen()
2292 s2->s.k = 4; in gen_load_prism_llprefixlen()
2294 sjeq_avs_cookie->s.jt = s2; in gen_load_prism_llprefixlen()
2305 sjcommon->s.k = 1; in gen_load_prism_llprefixlen()
2315 s2->s.k = 144; in gen_load_prism_llprefixlen()
2317 sjeq_avs_cookie->s.jf = s2; in gen_load_prism_llprefixlen()
2325 s2->s.k = cstate->off_linkhdr.reg; in gen_load_prism_llprefixlen()
2327 sjcommon->s.jf = s2; in gen_load_prism_llprefixlen()
2352 if (cstate->off_linkhdr.reg != -1) { in gen_load_avs_llprefixlen()
2356 * That field is big-endian. in gen_load_avs_llprefixlen()
2359 s1->s.k = 4; in gen_load_avs_llprefixlen()
2366 s2->s.k = cstate->off_linkhdr.reg; in gen_load_avs_llprefixlen()
2392 if (cstate->off_linkhdr.reg != -1) { in gen_load_radiotap_llprefixlen()
2396 * header; unfortunately, it's little-endian, so we have in gen_load_radiotap_llprefixlen()
2401 * Load the high-order byte, at an offset of 3, shift it in gen_load_radiotap_llprefixlen()
2405 s1->s.k = 3; in gen_load_radiotap_llprefixlen()
2408 s2->s.k = 8; in gen_load_radiotap_llprefixlen()
2418 s2->s.k = 2; in gen_load_radiotap_llprefixlen()
2427 s2->s.k = cstate->off_linkhdr.reg; in gen_load_radiotap_llprefixlen()
2460 if (cstate->off_linkhdr.reg != -1) { in gen_load_ppi_llprefixlen()
2464 * header; unfortunately, it's little-endian, so we have in gen_load_ppi_llprefixlen()
2469 * Load the high-order byte, at an offset of 3, shift it in gen_load_ppi_llprefixlen()
2473 s1->s.k = 3; in gen_load_ppi_llprefixlen()
2476 s2->s.k = 8; in gen_load_ppi_llprefixlen()
2486 s2->s.k = 2; in gen_load_ppi_llprefixlen()
2495 s2->s.k = cstate->off_linkhdr.reg; in gen_load_ppi_llprefixlen()
2510 * Load a value relative to the beginning of the link-layer header after the 802.11
2512 * The link-layer header doesn't necessarily begin at the beginning
2513 * of the packet data; there might be a variable-length prefix containing
2529 if (cstate->off_linkpl.reg == -1) { in gen_load_802_11_header_len()
2532 * the link-layer payload, which means nobody needs in gen_load_802_11_header_len()
2533 * it; don't bother computing it - just return in gen_load_802_11_header_len()
2544 cstate->no_optimize = 1; in gen_load_802_11_header_len()
2547 * If "s" is non-null, it has code to arrange that the X register in gen_load_802_11_header_len()
2548 * contains the length of the prefix preceding the link-layer in gen_load_802_11_header_len()
2551 * Otherwise, the length of the prefix preceding the link-layer in gen_load_802_11_header_len()
2556 * There is no variable-length header preceding the in gen_load_802_11_header_len()
2557 * link-layer header. in gen_load_802_11_header_len()
2559 * Load the length of the fixed-length prefix preceding in gen_load_802_11_header_len()
2560 * the link-layer header (if any) into the X register, in gen_load_802_11_header_len()
2561 * and store it in the cstate->off_linkpl.reg register. in gen_load_802_11_header_len()
2565 s->s.k = cstate->off_outermostlinkhdr.constant_part; in gen_load_802_11_header_len()
2570 * link-layer header; add 24, which is the minimum length in gen_load_802_11_header_len()
2572 * in cstate->off_linkpl.reg, and then load the Frame Control field, in gen_load_802_11_header_len()
2578 s2->s.k = 24; in gen_load_802_11_header_len()
2581 s2->s.k = cstate->off_linkpl.reg; in gen_load_802_11_header_len()
2585 s2->s.k = 0; in gen_load_802_11_header_len()
2594 sjset_data_frame_1->s.k = 0x08; in gen_load_802_11_header_len()
2601 sjset_data_frame_1->s.jt = sjset_data_frame_2 = new_stmt(cstate, JMP(BPF_JSET)); in gen_load_802_11_header_len()
2602 sjset_data_frame_2->s.k = 0x04; in gen_load_802_11_header_len()
2604 sjset_data_frame_1->s.jf = snext; in gen_load_802_11_header_len()
2611 sjset_data_frame_2->s.jt = snext; in gen_load_802_11_header_len()
2612 sjset_data_frame_2->s.jf = sjset_qos = new_stmt(cstate, JMP(BPF_JSET)); in gen_load_802_11_header_len()
2613 sjset_qos->s.k = 0x80; /* QoS bit */ in gen_load_802_11_header_len()
2617 * If it's set, add 2 to cstate->off_linkpl.reg, to skip the QoS in gen_load_802_11_header_len()
2622 sjset_qos->s.jt = s2 = new_stmt(cstate, BPF_LD|BPF_MEM); in gen_load_802_11_header_len()
2623 s2->s.k = cstate->off_linkpl.reg; in gen_load_802_11_header_len()
2626 s2->s.k = 2; in gen_load_802_11_header_len()
2629 s2->s.k = cstate->off_linkpl.reg; in gen_load_802_11_header_len()
2634 * there's Atheros padding between the MAC-layer header in gen_load_802_11_header_len()
2638 * little-endian, so we byte-swap all of the values in gen_load_802_11_header_len()
2639 * we test against, as they will be loaded as big-endian in gen_load_802_11_header_len()
2642 * XXX - in the general case, we would have to scan through in gen_load_802_11_header_len()
2651 if (cstate->linktype == DLT_IEEE802_11_RADIO) { in gen_load_802_11_header_len()
2656 sjset_qos->s.jf = s2 = new_stmt(cstate, BPF_LD|BPF_ABS|BPF_W); in gen_load_802_11_header_len()
2657 s2->s.k = 4; in gen_load_802_11_header_len()
2661 sjset_radiotap_flags_present->s.k = SWAPLONG(0x00000002); in gen_load_802_11_header_len()
2667 sjset_radiotap_flags_present->s.jf = snext; in gen_load_802_11_header_len()
2673 sjset_radiotap_ext_present->s.k = SWAPLONG(0x80000000); in gen_load_802_11_header_len()
2675 sjset_radiotap_flags_present->s.jt = sjset_radiotap_ext_present; in gen_load_802_11_header_len()
2680 sjset_radiotap_ext_present->s.jt = snext; in gen_load_802_11_header_len()
2686 sjset_radiotap_tsft_present->s.k = SWAPLONG(0x00000001); in gen_load_802_11_header_len()
2688 sjset_radiotap_ext_present->s.jf = sjset_radiotap_tsft_present; in gen_load_802_11_header_len()
2700 s2->s.k = 16; in gen_load_802_11_header_len()
2702 sjset_radiotap_tsft_present->s.jt = s2; in gen_load_802_11_header_len()
2705 sjset_tsft_datapad->s.k = 0x20; in gen_load_802_11_header_len()
2717 s2->s.k = 8; in gen_load_802_11_header_len()
2719 sjset_radiotap_tsft_present->s.jf = s2; in gen_load_802_11_header_len()
2722 sjset_notsft_datapad->s.k = 0x20; in gen_load_802_11_header_len()
2733 s_roundup->s.k = cstate->off_linkpl.reg; in gen_load_802_11_header_len()
2736 s2->s.k = 3; in gen_load_802_11_header_len()
2739 s2->s.k = ~3; in gen_load_802_11_header_len()
2742 s2->s.k = cstate->off_linkpl.reg; in gen_load_802_11_header_len()
2745 sjset_tsft_datapad->s.jt = s_roundup; in gen_load_802_11_header_len()
2746 sjset_tsft_datapad->s.jf = snext; in gen_load_802_11_header_len()
2747 sjset_notsft_datapad->s.jt = s_roundup; in gen_load_802_11_header_len()
2748 sjset_notsft_datapad->s.jf = snext; in gen_load_802_11_header_len()
2750 sjset_qos->s.jf = snext; in gen_load_802_11_header_len()
2765 if (cstate->off_linkpl.reg != -1 && cstate->off_linkhdr.is_variable && in insert_compute_vloffsets()
2766 cstate->off_linkhdr.reg == -1) in insert_compute_vloffsets()
2767 cstate->off_linkhdr.reg = alloc_reg(cstate); in insert_compute_vloffsets()
2770 * For link-layer types that have a variable-length header in insert_compute_vloffsets()
2771 * preceding the link-layer header, generate code to load in insert_compute_vloffsets()
2772 * the offset of the link-layer header into the register in insert_compute_vloffsets()
2775 * XXX - this, and the next switch statement, won't handle in insert_compute_vloffsets()
2780 switch (cstate->outermostlinktype) { in insert_compute_vloffsets()
2804 * For link-layer types that have a variable-length link-layer in insert_compute_vloffsets()
2805 * header, generate code to load the offset of the link-layer in insert_compute_vloffsets()
2808 switch (cstate->outermostlinktype) { in insert_compute_vloffsets()
2815 s = gen_load_802_11_header_len(cstate, s, b->stmts); in insert_compute_vloffsets()
2823 if (s == NULL && cstate->is_vlan_vloffset) { in insert_compute_vloffsets()
2826 if (cstate->off_linkpl.reg == -1) in insert_compute_vloffsets()
2827 cstate->off_linkpl.reg = alloc_reg(cstate); in insert_compute_vloffsets()
2828 if (cstate->off_linktype.reg == -1) in insert_compute_vloffsets()
2829 cstate->off_linktype.reg = alloc_reg(cstate); in insert_compute_vloffsets()
2832 s->s.k = 0; in insert_compute_vloffsets()
2834 s2->s.k = cstate->off_linkpl.reg; in insert_compute_vloffsets()
2837 s2->s.k = cstate->off_linktype.reg; in insert_compute_vloffsets()
2842 * If we have any offset-loading code, append all the in insert_compute_vloffsets()
2848 sappend(s, b->stmts); in insert_compute_vloffsets()
2849 b->stmts = s; in insert_compute_vloffsets()
2859 if (cstate->linktype == DLT_PPI) in gen_ppi_dlt_check()
2864 s_load_dlt->s.k = 4; in gen_ppi_dlt_check()
2868 b->stmts = s_load_dlt; in gen_ppi_dlt_check()
2869 b->s.k = SWAPLONG(DLT_IEEE802_11); in gen_ppi_dlt_check()
2886 * a pointer to that code - if no register for that offset has
2897 if (off->is_variable) { in gen_abs_offset_varpart()
2898 if (off->reg == -1) { in gen_abs_offset_varpart()
2901 * variable part of the offset of the link-layer in gen_abs_offset_varpart()
2904 off->reg = alloc_reg(cstate); in gen_abs_offset_varpart()
2909 * offset of the link-layer header into the X register. in gen_abs_offset_varpart()
2912 s->s.k = off->reg; in gen_abs_offset_varpart()
2972 * Generate any tests that, for encapsulation of a link-layer packet
2974 * link-layer packets (and that haven't already been done by a check
2982 if (cstate->is_geneve) in gen_prevlinkhdr_check()
2985 switch (cstate->prevlinktype) { in gen_prevlinkhdr_check()
2989 * This is LANE-encapsulated Ethernet; check that the LANE in gen_prevlinkhdr_check()
3014 #define BSD_AFNUM_INET6_DARWIN 30 /* macOS, iOS, other Darwin-based OSes */
3018 * link-layer type field or fields in the 802.2 LLC header.
3029 /* are we checking MPLS-encapsulated packets? */ in gen_linktype()
3030 if (cstate->label_stack_depth > 0) { in gen_linktype()
3048 switch (cstate->linktype) { in gen_linktype()
3055 if (!cstate->is_geneve) in gen_linktype()
3092 * Now check for the specified link-layer type. in gen_linktype()
3102 * XXX - check for LLC frames. in gen_linktype()
3110 * XXX - check for LLC PDUs, as per IEEE 802.5. in gen_linktype()
3125 * Check for an LLC-encapsulated version of this protocol; in gen_linktype()
3148 * are always IPv4 or IPv6. in gen_linktype()
3150 * XXX - for IPv4, check for a version number of 4, and, in gen_linktype()
3171 * Raw IPv4, so no type field. in gen_linktype()
3176 /* Checking for something other than IPv4; always false */ in gen_linktype()
3215 * Also check for Van Jacobson-compressed IP. in gen_linktype()
3216 * XXX - do this for other forms of PPP? in gen_linktype()
3243 * AF_ values may, unfortunately, be platform- in gen_linktype()
3264 if (cstate->bpf_pcap->rfile != NULL) { in gen_linktype()
3266 * Savefile - check for all three in gen_linktype()
3305 * XXX - support those that have AF_ values in gen_linktype()
3383 * XXX - assumes a 2-byte Frame Relay header with in gen_linktype()
3426 bpf_error(cstate, "Multi-link Frame Relay link-layer type filtering not implemented"); in gen_linktype()
3451 /* just lets verify the magic number for now - in gen_linktype()
3467 bpf_error(cstate, "IrDA link-layer type filtering not implemented"); in gen_linktype()
3470 bpf_error(cstate, "DOCSIS link-layer type filtering not implemented"); in gen_linktype()
3474 bpf_error(cstate, "MTP2 link-layer type filtering not implemented"); in gen_linktype()
3477 bpf_error(cstate, "ERF link-layer type filtering not implemented"); in gen_linktype()
3480 bpf_error(cstate, "PFSYNC link-layer type filtering not implemented"); in gen_linktype()
3483 bpf_error(cstate, "LAPD link-layer type filtering not implemented"); in gen_linktype()
3489 bpf_error(cstate, "USB link-layer type filtering not implemented"); in gen_linktype()
3493 bpf_error(cstate, "Bluetooth link-layer type filtering not implemented"); in gen_linktype()
3497 bpf_error(cstate, "CAN link-layer type filtering not implemented"); in gen_linktype()
3503 bpf_error(cstate, "IEEE 802.15.4 link-layer type filtering not implemented"); in gen_linktype()
3506 bpf_error(cstate, "IEEE 802.16 link-layer type filtering not implemented"); in gen_linktype()
3509 bpf_error(cstate, "SITA link-layer type filtering not implemented"); in gen_linktype()
3512 bpf_error(cstate, "RAIF1 link-layer type filtering not implemented"); in gen_linktype()
3515 bpf_error(cstate, "IPMB link-layer type filtering not implemented"); in gen_linktype()
3518 bpf_error(cstate, "AX.25 link-layer type filtering not implemented"); in gen_linktype()
3521 /* Using the fixed-size NFLOG header it is possible to tell only in gen_linktype()
3525 bpf_error(cstate, "NFLOG link-layer type filtering not implemented"); in gen_linktype()
3529 * Does this link-layer header type have a field in gen_linktype()
3534 if (cstate->off_linktype.constant_part != OFFSET_NOT_SET) { in gen_linktype()
3545 description = pcap_datalink_val_to_description(cstate->linktype); in gen_linktype()
3547 bpf_error(cstate, "%s link-layer type filtering not implemented", in gen_linktype()
3550 bpf_error(cstate, "DLT %u link-layer type filtering not implemented", in gen_linktype()
3551 cstate->linktype); in gen_linktype()
3589 switch (cstate->linktype) { in gen_llc()
3601 * 0xFF, to rule out NetWare-over-802.3. in gen_llc()
3617 * XXX - check for LLC frames. in gen_llc()
3623 * XXX - check for LLC frames. in gen_llc()
3650 bpf_error(cstate, "'llc' not supported for linktype %d", cstate->linktype); in gen_llc()
3667 * Load the control byte and test the low-order bit; it must in gen_llc_i()
3672 b1->s.k = 0x01; in gen_llc_i()
3673 b1->stmts = s; in gen_llc_i()
3690 * Now compare the low-order 2 bit of the control byte against in gen_llc_s()
3709 * Now compare the low-order 2 bit of the control byte against in gen_llc_u()
3754 * Generate code to match a particular packet type, for link-layer types
3758 * for that - it handles the D/I/X Ethernet vs. 802.3+802.2 issues.
3769 * XXX - handle token-ring variable-length header. in gen_llc_linktype()
3777 * XXX - should we check both the DSAP and the in gen_llc_linktype()
3786 * XXX - are there ever SNAP frames for IPX on in gen_llc_linktype()
3787 * non-Ethernet 802.x networks? in gen_llc_linktype()
3794 * 802.2-encapsulated ETHERTYPE_ATALK packets are in gen_llc_linktype()
3799 * XXX - check for an organization code of in gen_llc_linktype()
3806 * XXX - we don't have to check for IPX 802.3 in gen_llc_linktype()
3824 * XXX - if we were to check for the SNAP DSAP and in gen_llc_linktype()
4041 return gen_bcmp(cstate, OR_LINKHDR, 6 + 1 + cstate->pcap_fddipad, 6, eaddr); in gen_fhostop()
4044 return gen_bcmp(cstate, OR_LINKHDR, 0 + 1 + cstate->pcap_fddipad, 6, eaddr); in gen_fhostop()
4160 cstate->no_optimize = 1; in gen_wlanhostop()
4192 b1->s.k = 0x01; /* To DS */ in gen_wlanhostop()
4193 b1->stmts = s; in gen_wlanhostop()
4207 b2->s.k = 0x01; /* To DS */ in gen_wlanhostop()
4208 b2->stmts = s; in gen_wlanhostop()
4226 * the ORed-together checks. in gen_wlanhostop()
4230 b1->s.k = 0x02; /* From DS */ in gen_wlanhostop()
4231 b1->stmts = s; in gen_wlanhostop()
4239 b2->s.k = 0x02; /* From DS */ in gen_wlanhostop()
4240 b2->stmts = s; in gen_wlanhostop()
4262 b1->s.k = 0x08; in gen_wlanhostop()
4263 b1->stmts = s; in gen_wlanhostop()
4271 * If the high-order bit of the type value is 0, this in gen_wlanhostop()
4277 b2->s.k = 0x08; in gen_wlanhostop()
4278 b2->stmts = s; in gen_wlanhostop()
4295 * If the low-order bit of the type value is 1, in gen_wlanhostop()
4304 b1->s.k = 0x04; in gen_wlanhostop()
4305 b1->stmts = s; in gen_wlanhostop()
4339 b1->s.k = 0x01; /* To DS */ in gen_wlanhostop()
4340 b1->stmts = s; in gen_wlanhostop()
4354 b2->s.k = 0x01; /* To DS */ in gen_wlanhostop()
4355 b2->stmts = s; in gen_wlanhostop()
4376 b1->s.k = 0x08; in gen_wlanhostop()
4377 b1->stmts = s; in gen_wlanhostop()
4385 * If the high-order bit of the type value is 0, this in gen_wlanhostop()
4391 b2->s.k = 0x08; in gen_wlanhostop()
4392 b2->stmts = s; in gen_wlanhostop()
4409 * If the low-order bit of the type value is 1, in gen_wlanhostop()
4418 b1->s.k = 0x04; in gen_wlanhostop()
4419 b1->stmts = s; in gen_wlanhostop()
4436 * If the high-order bit of the type value is 0, this in gen_wlanhostop()
4442 b1->s.k = 0x08; in gen_wlanhostop()
4443 b1->stmts = s; in gen_wlanhostop()
4478 * If the high-order bit of the type value is 0, this in gen_wlanhostop()
4484 b1->s.k = 0x08; in gen_wlanhostop()
4485 b1->stmts = s; in gen_wlanhostop()
4501 * XXX - add BSSID keyword? in gen_wlanhostop()
4567 * Like gen_ehostop, but for RFC 2625 IP-over-Fibre-Channel.
4568 * (We assume that the addresses are IEEE 48-bit MAC addresses,
4706 /* Combine with test for cstate->linktype */ in gen_dnhostop()
4712 * Generate a check for IPv4 or IPv6 for MPLS-encapsulated packets;
4713 * test the bottom-of-stack bit, and then check the version number
4724 /* match the bottom-of-stack bit */ in gen_mpls_linktype()
4725 b0 = gen_mcmp(cstate, OR_LINKPL, (u_int)-2, BPF_B, 0x01, 0x01); in gen_mpls_linktype()
4726 /* match the IPv4 version number */ in gen_mpls_linktype()
4732 /* match the bottom-of-stack bit */ in gen_mpls_linktype()
4733 b0 = gen_mcmp(cstate, OR_LINKPL, (u_int)-2, BPF_B, 0x01, 0x01); in gen_mpls_linktype()
4734 /* match the IPv4 version number */ in gen_mpls_linktype()
4761 * Only check for non-IPv4 addresses if we're not in gen_host()
4762 * checking MPLS-encapsulated packets. in gen_host()
4764 if (cstate->label_stack_depth == 0) { in gen_host()
4889 bpf_error(cstate, "link-layer modifier applied to ip6 %s", typestr); in gen_host6()
5008 switch (cstate->linktype) { in gen_gateway()
5032 * This is LLC-multiplexed traffic; if it were in gen_gateway()
5033 * LANE, cstate->linktype would have been set to in gen_gateway()
5047 for (ai = alist; ai != NULL; ai = ai->ai_next) { in gen_gateway()
5051 if (ai->ai_addr != NULL) { in gen_gateway()
5053 * Yes. Is it an IPv4 address? in gen_gateway()
5055 if (ai->ai_addr->sa_family == AF_INET) { in gen_gateway()
5059 sin = (struct sockaddr_in *)ai->ai_addr; in gen_gateway()
5061 ntohl(sin->sin_addr.s_addr), in gen_gateway()
5064 * Is it the *first* IPv4 address? in gen_gateway()
5085 * No IPv4 addresses found. in gen_gateway()
5253 case Q_ISIS_L1: /* all IS-IS Level1 PDU-Types */ in gen_proto_abbrev()
5255 b1 = gen_proto(cstate, ISIS_PTP_IIH, Q_ISIS, Q_DEFAULT); /* FIXME extract the circuit-type bits */ in gen_proto_abbrev()
5265 case Q_ISIS_L2: /* all IS-IS Level2 PDU-Types */ in gen_proto_abbrev()
5267 b1 = gen_proto(cstate, ISIS_PTP_IIH, Q_ISIS, Q_DEFAULT); /* FIXME extract the circuit-type bits */ in gen_proto_abbrev()
5277 case Q_ISIS_IIH: /* all IS-IS Hello PDU-Types */ in gen_proto_abbrev()
5344 /* not IPv4 frag other than the first frag */ in gen_ipfrag()
5347 b->s.k = 0x1fff; in gen_ipfrag()
5348 b->stmts = s; in gen_ipfrag()
5355 * Generate a comparison to a port value in the transport-layer header
5358 * XXX - this handles a variable-length prefix preceding the link-layer
5360 * variable-length link-layer headers (such as Token Ring or 802.11
5426 * For IEEE 802 networks - which includes 802.5 token ring in gen_port()
5427 * (which is what DLT_IEEE802 means) and 802.11 - RFC 1042 in gen_port()
5431 * For LLC-encapsulated ATM/"Classical IP", RFC 1483 and in gen_port()
5467 /* XXX - catch the first fragment of a fragmented packet? */ in gen_portop6()
5660 /* XXX - catch the first fragment of a fragmented packet? */ in gen_portrangeop6()
5740 /* XXX should look up h/w protocol type based on cstate->linktype */ in lookup_proto()
5806 * We don't handle variable-length prefixes before the link-layer in gen_protochain()
5807 * header, or variable-length link-layer headers, here yet. in gen_protochain()
5816 if (cstate->off_linkpl.is_variable) in gen_protochain()
5819 cstate->no_optimize = 1; /* this code is not compatible with optimizer yet */ in gen_protochain()
5834 /* A = ip->ip_p */ in gen_protochain()
5836 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl + 9; in gen_protochain()
5838 /* X = ip->ip_hl << 2 */ in gen_protochain()
5840 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_protochain()
5847 /* A = ip6->ip_nxt */ in gen_protochain()
5849 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl + 6; in gen_protochain()
5853 s[i]->s.k = 40; in gen_protochain()
5865 s[i]->s.k = v; in gen_protochain()
5866 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5867 s[i]->s.jf = NULL; /*update in next stmt*/ in gen_protochain()
5876 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5877 s[i]->s.jf = NULL; /*update in next stmt*/ in gen_protochain()
5878 s[i]->s.k = IPPROTO_NONE; in gen_protochain()
5879 s[fix5]->s.jf = s[i]; in gen_protochain()
5889 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5890 s[i]->s.jf = NULL; /*update in next stmt*/ in gen_protochain()
5891 s[i]->s.k = IPPROTO_HOPOPTS; in gen_protochain()
5892 s[fix2]->s.jf = s[i]; in gen_protochain()
5895 s[i - 1]->s.jf = s[i] = new_stmt(cstate, BPF_JMP|BPF_JEQ|BPF_K); in gen_protochain()
5896 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5897 s[i]->s.jf = NULL; /*update in next stmt*/ in gen_protochain()
5898 s[i]->s.k = IPPROTO_DSTOPTS; in gen_protochain()
5901 s[i - 1]->s.jf = s[i] = new_stmt(cstate, BPF_JMP|BPF_JEQ|BPF_K); in gen_protochain()
5902 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5903 s[i]->s.jf = NULL; /*update in next stmt*/ in gen_protochain()
5904 s[i]->s.k = IPPROTO_ROUTING; in gen_protochain()
5907 s[i - 1]->s.jf = s[i] = new_stmt(cstate, BPF_JMP|BPF_JEQ|BPF_K); in gen_protochain()
5908 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5909 s[i]->s.jf = NULL; /*later*/ in gen_protochain()
5910 s[i]->s.k = IPPROTO_FRAGMENT; in gen_protochain()
5925 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_protochain()
5929 s[i]->s.k = reg2; in gen_protochain()
5933 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl + 1; in gen_protochain()
5937 s[i]->s.k = 1; in gen_protochain()
5941 s[i]->s.k = 8; in gen_protochain()
5945 s[i]->s.k = 0; in gen_protochain()
5952 s[i]->s.k = reg2; in gen_protochain()
5957 s[i]->s.k = again - i - 1; in gen_protochain()
5958 s[i - 1]->s.jf = s[i]; in gen_protochain()
5963 s[j]->s.jt = s[v6advance]; in gen_protochain()
5967 s[i]->s.k = 0; in gen_protochain()
5968 s[fix2]->s.jf = s[i]; in gen_protochain()
5976 s[i]->s.jt = NULL; /*later*/ in gen_protochain()
5977 s[i]->s.jf = NULL; /*later*/ in gen_protochain()
5978 s[i]->s.k = IPPROTO_AH; in gen_protochain()
5980 s[fix3]->s.jf = s[ahcheck]; in gen_protochain()
5990 s[i - 1]->s.jt = s[i] = new_stmt(cstate, BPF_MISC|BPF_TXA); in gen_protochain()
5994 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_protochain()
5998 s[i]->s.k = reg2; in gen_protochain()
6001 s[i - 1]->s.jt = s[i] = new_stmt(cstate, BPF_MISC|BPF_TXA); in gen_protochain()
6005 s[i]->s.k = 1; in gen_protochain()
6012 s[i]->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_protochain()
6016 s[i]->s.k = 2; in gen_protochain()
6020 s[i]->s.k = 4; in gen_protochain()
6027 s[i]->s.k = reg2; in gen_protochain()
6032 s[i]->s.k = again - i - 1; in gen_protochain()
6038 s[i]->s.k = 0; in gen_protochain()
6039 s[fix2]->s.jt = s[end]; in gen_protochain()
6040 s[fix4]->s.jf = s[end]; in gen_protochain()
6041 s[fix5]->s.jt = s[end]; in gen_protochain()
6048 for (i = 0; i < max - 1; i++) in gen_protochain()
6049 s[i]->next = s[i + 1]; in gen_protochain()
6050 s[max - 1]->next = NULL; in gen_protochain()
6056 b->stmts = s[1]; /*remember, s[0] is dummy*/ in gen_protochain()
6057 b->s.k = v; in gen_protochain()
6078 b0->s.k = 0x08; in gen_check_802_11_data_frame()
6079 b0->stmts = s; in gen_check_802_11_data_frame()
6083 b1->s.k = 0x04; in gen_check_802_11_data_frame()
6084 b1->stmts = s; in gen_check_802_11_data_frame()
6124 * For IEEE 802 networks - which includes 802.5 token ring in gen_proto()
6125 * (which is what DLT_IEEE802 means) and 802.11 - RFC 1042 in gen_proto()
6129 * For LLC-encapsulated ATM/"Classical IP", RFC 1483 and in gen_proto()
6145 switch (cstate->linktype) { in gen_proto()
6161 * XXX - assumes a 2-byte Frame Relay header with in gen_proto()
6164 * XXX - what about SNAP-encapsulated frames? in gen_proto()
6172 * Cisco uses an Ethertype lookalike - for OSI, in gen_proto()
6176 /* OSI in C-HDLC is stuffed with a fudge byte */ in gen_proto()
6191 * 4 is the offset of the PDU type relative to the IS-IS in gen_proto()
6351 switch (cstate->linktype) { in gen_scode()
6408 …bpf_error(cstate, "only ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel supports link-level… in gen_scode()
6432 cstate->ai = res; in gen_scode()
6438 if (cstate->off_linktype.constant_part == OFFSET_NOT_SET && in gen_scode()
6445 for (res = res0; res; res = res->ai_next) { in gen_scode()
6446 switch (res->ai_family) { in gen_scode()
6454 res->ai_addr; in gen_scode()
6455 tmp = gen_host(cstate, ntohl(sin4->sin_addr.s_addr), in gen_scode()
6464 res->ai_addr; in gen_scode()
6465 tmp = gen_host6(cstate, &sin6->sin6_addr, in gen_scode()
6476 cstate->ai = NULL; in gen_scode()
6583 cstate->ai = res; in gen_scode()
6587 cstate->ai = NULL; in gen_scode()
6627 n <<= 32 - nlen; in gen_mcode()
6632 m <<= 32 - mlen; in gen_mcode()
6634 bpf_error(cstate, "non-network bits set in \"%s mask %s\"", in gen_mcode()
6647 m = 0xffffffff << (32 - masklen); in gen_mcode()
6649 bpf_error(cstate, "non-network bits set in \"%s/%d\"", in gen_mcode()
6701 v <<= 32 - vlen; in gen_ncode()
6702 mask <<= 32 - vlen ; in gen_ncode()
6789 cstate->ai = res; in gen_mcode6()
6790 if (res->ai_next) in gen_mcode6()
6792 addr = &((struct sockaddr_in6 *)res->ai_addr)->sin6_addr; in gen_mcode6()
6800 (0xff << (8 - masklen % 8)) & 0xff; in gen_mcode6()
6807 bpf_error(cstate, "non-network bits set in \"%s/%d\"", s1, masklen); in gen_mcode6()
6820 cstate->ai = NULL; in gen_mcode6()
6837 switch (cstate->linktype) { in gen_ecode()
6863 bpf_error(cstate, "ethernet address used in non-ether expression"); in gen_ecode()
6874 while (s0->next) in sappend()
6875 s0 = s0->next; in sappend()
6876 s0->next = s1; in sappend()
6885 s->s.k = a->regno; in xfer_to_x()
6895 s->s.k = a->regno; in xfer_to_a()
6913 free_reg(cstate, inst->regno); in gen_load()
6941 if (cstate->linktype != DLT_IEEE802_11_RADIO_AVS && in gen_load()
6942 cstate->linktype != DLT_IEEE802_11_RADIO && in gen_load()
6943 cstate->linktype != DLT_PRISM_HEADER) in gen_load()
6957 sappend(inst->s, s); in gen_load()
6963 * the link-layer header. in gen_load()
6965 * XXX - what about ATM LANE? Should the index be in gen_load()
6972 s = gen_abs_offset_varpart(cstate, &cstate->off_linkhdr); in gen_load()
6975 * If "s" is non-null, it has code to arrange that the in gen_load()
6977 * the link-layer header. Add to it the offset computed in gen_load()
6994 * variable-length; that header length is what we put in gen_load()
6998 tmp->s.k = cstate->off_linkhdr.constant_part; in gen_load()
7000 sappend(inst->s, s); in gen_load()
7015 * the network-layer header. in gen_load()
7016 * XXX - are there any cases where we want in gen_load()
7017 * cstate->off_nl_nosnap? in gen_load()
7019 s = gen_abs_offset_varpart(cstate, &cstate->off_linkpl); in gen_load()
7022 * If "s" is non-null, it has code to arrange that the in gen_load()
7024 * of the link-layer payload. Add to it the offset in gen_load()
7040 * layer header from the beginning of the link-layer in gen_load()
7042 * start of the link-layer payload. in gen_load()
7045 tmp->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_load()
7047 sappend(inst->s, s); in gen_load()
7054 if (inst->b) in gen_load()
7055 gen_and(inst->b, b); in gen_load()
7056 inst->b = b; in gen_load()
7070 * the transport-layer header. in gen_load()
7072 * Load the X register with the length of the IPv4 header in gen_load()
7073 * (plus the offset of the link-layer header, if it's in gen_load()
7074 * a variable-length header), in bytes. in gen_load()
7076 * XXX - are there any cases where we want in gen_load()
7077 * cstate->off_nl_nosnap? in gen_load()
7078 * XXX - we should, if we're built with in gen_load()
7080 * IPv4, IPv6, or both, as appropriate. in gen_load()
7086 * part of the offset of the link-layer payload and the in gen_load()
7087 * length of the network-layer header. in gen_load()
7094 * the offset of the link-layer payload and the offset, in gen_load()
7095 * relative to the beginning of the link-layer payload, in gen_load()
7096 * of the network-layer header. in gen_load()
7102 tmp->s.k = cstate->off_linkpl.constant_part + cstate->off_nl; in gen_load()
7103 sappend(inst->s, s); in gen_load()
7107 * the protocol in question - which is true only in gen_load()
7112 if (inst->b) in gen_load()
7113 gen_and(inst->b, b); in gen_load()
7115 inst->b = b; in gen_load()
7123 if (inst->b) { in gen_load()
7124 gen_and(inst->b, b); in gen_load()
7126 inst->b = b; in gen_load()
7132 if (inst->b) { in gen_load()
7133 gen_and(inst->b, b); in gen_load()
7135 inst->b = b; in gen_load()
7138 s = gen_abs_offset_varpart(cstate, &cstate->off_linkpl); in gen_load()
7140 * If "s" is non-null, it has code to arrange that the in gen_load()
7142 * of the link-layer payload. Add to it the offset in gen_load()
7159 * layer header from the beginning of the link-layer in gen_load()
7161 * start of the link-layer payload. in gen_load()
7164 tmp->s.k = cstate->off_linkpl.constant_part + cstate->off_nl + 40; in gen_load()
7167 sappend(inst->s, s); in gen_load()
7171 inst->regno = regno; in gen_load()
7173 s->s.k = regno; in gen_load()
7174 sappend(inst->s, s); in gen_load()
7199 sappend(a1->s, s0); in gen_relation()
7200 sappend(a0->s, a1->s); in gen_relation()
7202 b->stmts = a0->s; in gen_relation()
7204 free_reg(cstate, a0->regno); in gen_relation()
7205 free_reg(cstate, a1->regno); in gen_relation()
7208 if (a0->b) { in gen_relation()
7209 if (a1->b) { in gen_relation()
7210 gen_and(a0->b, tmp = a1->b); in gen_relation()
7213 tmp = a0->b; in gen_relation()
7215 tmp = a1->b; in gen_relation()
7231 s->next = new_stmt(cstate, BPF_ST); in gen_loadlen()
7232 s->next->s.k = regno; in gen_loadlen()
7233 a->s = s; in gen_loadlen()
7234 a->regno = regno; in gen_loadlen()
7251 s->s.k = val; in gen_loadi()
7252 s->next = new_stmt(cstate, BPF_ST); in gen_loadi()
7253 s->next->s.k = reg; in gen_loadi()
7254 a->s = s; in gen_loadi()
7255 a->regno = reg; in gen_loadi()
7266 sappend(a->s, s); in gen_neg()
7268 s->s.k = 0; in gen_neg()
7269 sappend(a->s, s); in gen_neg()
7271 s->s.k = a->regno; in gen_neg()
7272 sappend(a->s, s); in gen_neg()
7288 if (a1->s->s.code == (BPF_LD|BPF_IMM) && a1->s->s.k == 0) in gen_arth()
7291 if (a1->s->s.code == (BPF_LD|BPF_IMM) && a1->s->s.k == 0) in gen_arth()
7300 sappend(a1->s, s0); in gen_arth()
7301 sappend(a0->s, a1->s); in gen_arth()
7303 free_reg(cstate, a0->regno); in gen_arth()
7304 free_reg(cstate, a1->regno); in gen_arth()
7307 a0->regno = s0->s.k = alloc_reg(cstate); in gen_arth()
7308 sappend(a0->s, s0); in gen_arth()
7319 cstate->curreg = 0; in init_regs()
7320 memset(cstate->regused, 0, sizeof cstate->regused); in init_regs()
7331 while (--n >= 0) { in alloc_reg()
7332 if (cstate->regused[cstate->curreg]) in alloc_reg()
7333 cstate->curreg = (cstate->curreg + 1) % BPF_MEMWORDS; in alloc_reg()
7335 cstate->regused[cstate->curreg] = 1; in alloc_reg()
7336 return cstate->curreg; in alloc_reg()
7350 cstate->regused[n] = 0; in free_reg()
7361 b->stmts = s; in gen_len()
7362 b->s.k = n; in gen_len()
7389 * the beginning of the link-layer header.
7390 * XXX - that means you can't test values in the radiotap header, but
7426 s->s.k = val; in gen_byteop()
7428 b->stmts = s; in gen_byteop()
7447 switch (cstate->linktype) { in gen_broadcast()
7482 if (cstate->netmask == PCAP_NETMASK_UNKNOWN) in gen_broadcast()
7485 hostmask = ~cstate->netmask; in gen_broadcast()
7493 bpf_error(cstate, "only link-layer/IP broadcast filters supported"); in gen_broadcast()
7498 * Generate code to test the low-order bit of a MAC address (that's
7510 b0->s.k = 1; in gen_mac_multicast()
7511 b0->stmts = s; in gen_mac_multicast()
7525 switch (cstate->linktype) { in gen_multicast()
7543 * XXX - was that referring to bit-order issues? in gen_multicast()
7578 b1->s.k = 0x01; /* To DS */ in gen_multicast()
7579 b1->stmts = s; in gen_multicast()
7593 b2->s.k = 0x01; /* To DS */ in gen_multicast()
7594 b2->stmts = s; in gen_multicast()
7615 b1->s.k = 0x08; in gen_multicast()
7616 b1->stmts = s; in gen_multicast()
7624 * If the high-order bit of the type value is 0, this in gen_multicast()
7630 b2->s.k = 0x08; in gen_multicast()
7631 b2->stmts = s; in gen_multicast()
7648 * If the low-order bit of the type value is 1, in gen_multicast()
7657 b1->s.k = 0x04; in gen_multicast()
7658 b1->stmts = s; in gen_multicast()
7688 …bpf_error(cstate, "link-layer multicast filters supported only on ethernet/FDDI/token ring/ARCNET/… in gen_multicast()
7696 * unicast or multicast link-layer address we are not subscribing to).
7699 * better accomplished using a higher-layer filter.
7709 switch (cstate->linktype) { in gen_inbound()
7777 * the byte after the 3-byte magic number */ in gen_inbound()
7789 * If we have packet meta-data indicating a direction, in gen_inbound()
7791 * it. Otherwise, give up, as this link-layer type has in gen_inbound()
7795 * check that metadata is Linux with the in-kernel in gen_inbound()
7807 * special meta-data in the filter expression; in gen_inbound()
7810 if (cstate->bpf_pcap->rfile != NULL) { in gen_inbound()
7813 cstate->linktype); in gen_inbound()
7826 cstate->linktype); in gen_inbound()
7841 if (cstate->linktype != DLT_PFLOG) { in gen_pf_ifname()
7845 len = sizeof(((struct pfloghdr *)0)->ifname); in gen_pf_ifname()
7849 len-1); in gen_pf_ifname()
7862 if (cstate->linktype != DLT_PFLOG) { in gen_pf_ruleset()
7867 if (strlen(ruleset) >= sizeof(((struct pfloghdr *)0)->ruleset)) { in gen_pf_ruleset()
7869 (long)(sizeof(((struct pfloghdr *)0)->ruleset) - 1)); in gen_pf_ruleset()
7884 if (cstate->linktype != DLT_PFLOG) { in gen_pf_rnr()
7894 /* PF firewall log sub-rule number */
7900 if (cstate->linktype != DLT_PFLOG) { in gen_pf_srnr()
7916 if (cstate->linktype != DLT_PFLOG) { in gen_pf_reason()
7932 if (cstate->linktype != DLT_PFLOG) { in gen_pf_action()
7991 switch (cstate->linktype) { in gen_p80211_type()
8002 bpf_error(cstate, "802.11 link-layer types supported only on 802.11"); in gen_p80211_type()
8014 switch (cstate->linktype) { in gen_p80211_fcdir()
8036 switch (cstate->linktype) { in gen_acode()
8044 bpf_error(cstate, "ARCnet address used in non-arc expression"); in gen_acode()
8148 cstate->off_linkpl.constant_part += 4; in gen_vlan_no_bpf_extensions()
8149 cstate->off_linktype.constant_part += 4; in gen_vlan_no_bpf_extensions()
8161 if (!off->is_variable) in gen_vlan_vloffset_add()
8162 off->is_variable = 1; in gen_vlan_vloffset_add()
8163 if (off->reg == -1) in gen_vlan_vloffset_add()
8164 off->reg = alloc_reg(cstate); in gen_vlan_vloffset_add()
8167 s2->s.k = off->reg; in gen_vlan_vloffset_add()
8170 s2->s.k = v; in gen_vlan_vloffset_add()
8173 s2->s.k = off->reg; in gen_vlan_vloffset_add()
8188 cstate->is_vlan_vloffset = 1; in gen_vlan_patch_tpid_test()
8189 gen_vlan_vloffset_add(cstate, &cstate->off_linkpl, 4, &s); in gen_vlan_patch_tpid_test()
8190 gen_vlan_vloffset_add(cstate, &cstate->off_linktype, 4, &s); in gen_vlan_patch_tpid_test()
8192 /* we get a pointer to a chain of or-ed blocks, patch first of them */ in gen_vlan_patch_tpid_test()
8193 sappend(s.next, b_tpid->head->stmts); in gen_vlan_patch_tpid_test()
8194 b_tpid->head->stmts = s.next; in gen_vlan_patch_tpid_test()
8208 s->s.k = SKF_AD_OFF + SKF_AD_VLAN_TAG_PRESENT; in gen_vlan_patch_vid_test()
8210 /* true -> next instructions, false -> beginning of b_vid */ in gen_vlan_patch_vid_test()
8212 sjeq->s.k = 1; in gen_vlan_patch_vid_test()
8213 sjeq->s.jf = b_vid->stmts; in gen_vlan_patch_vid_test()
8217 s2->s.k = SKF_AD_OFF + SKF_AD_VLAN_TAG; in gen_vlan_patch_vid_test()
8219 sjeq->s.jt = s2; in gen_vlan_patch_vid_test()
8223 for (s2 = b_vid->stmts; s2; s2 = s2->next) in gen_vlan_patch_vid_test()
8226 s2->s.k = cnt; in gen_vlan_patch_vid_test()
8230 sappend(s, b_vid->stmts); in gen_vlan_patch_vid_test()
8231 b_vid->stmts = s; in gen_vlan_patch_vid_test()
8251 s->s.k = SKF_AD_OFF + SKF_AD_VLAN_TAG_PRESENT; in gen_vlan_bpf_extensions()
8254 b0->stmts = s; in gen_vlan_bpf_extensions()
8255 b0->s.k = 1; in gen_vlan_bpf_extensions()
8293 /* can't check for VLAN-encapsulated packets inside MPLS */ in gen_vlan()
8294 if (cstate->label_stack_depth > 0) in gen_vlan()
8304 * XXX - this is a bit of a kludge. If we were to split the in gen_vlan()
8318 * both for VLAN-encapsulated IP and IP-over-Ethernet, rather than in gen_vlan()
8319 * checking only for VLAN-encapsulated IP, so that could still in gen_vlan()
8328 switch (cstate->linktype) { in gen_vlan()
8336 if (cstate->vlan_stack_depth == 0 && !cstate->off_linkhdr.is_variable && in gen_vlan()
8337 cstate->off_linkhdr.constant_part == in gen_vlan()
8338 cstate->off_outermostlinkhdr.constant_part) { in gen_vlan()
8342 if (cstate->bpf_pcap->bpf_codegen_flags & BPF_SPECIAL_VLAN_HANDLING) in gen_vlan()
8360 cstate->linktype); in gen_vlan()
8364 cstate->vlan_stack_depth++; in gen_vlan()
8377 if (cstate->label_stack_depth > 0) { in gen_mpls()
8378 /* just match the bottom-of-stack bit clear */ in gen_mpls()
8382 * We're not in an MPLS stack yet, so check the link-layer in gen_mpls()
8385 switch (cstate->linktype) { in gen_mpls()
8399 * for Frame-Relay/and ATM this may get messy due to SNAP headers in gen_mpls()
8404 cstate->linktype); in gen_mpls()
8427 * we're checking MPLS-encapsulated headers, to make sure higher in gen_mpls()
8428 * level code generators don't try to match against IP-related in gen_mpls()
8431 * XXX - this is a bit of a kludge. See comments in gen_vlan(). in gen_mpls()
8433 cstate->off_nl_nosnap += 4; in gen_mpls()
8434 cstate->off_nl += 4; in gen_mpls()
8435 cstate->label_stack_depth++; in gen_mpls()
8455 * Test against the PPPoE session link-layer type. in gen_pppoes()
8472 * XXX - this is a bit of a kludge. If we were to split the in gen_pppoes()
8486 * both for VLAN-encapsulated IP and IP-over-Ethernet, rather than in gen_pppoes()
8487 * checking only for VLAN-encapsulated IP, so that could still in gen_pppoes()
8496 * The "network-layer" protocol is PPPoE, which has a 6-byte in gen_pppoes()
8500 * encapsulated in PPPoES instead), so the link-layer type in gen_pppoes()
8503 * link-layer payload, including any 802.2 LLC header, so in gen_pppoes()
8504 * it's 6 bytes past cstate->off_nl. in gen_pppoes()
8506 PUSH_LINKHDR(cstate, DLT_PPP, cstate->off_linkpl.is_variable, in gen_pppoes()
8507 cstate->off_linkpl.constant_part + cstate->off_nl + 6, /* 6 bytes past the PPPoE header */ in gen_pppoes()
8508 cstate->off_linkpl.reg); in gen_pppoes()
8510 cstate->off_linktype = cstate->off_linkhdr; in gen_pppoes()
8511 cstate->off_linkpl.constant_part = cstate->off_linkhdr.constant_part + 2; in gen_pppoes()
8513 cstate->off_nl = 0; in gen_pppoes()
8514 cstate->off_nl_nosnap = 0; /* no 802.2 LLC */ in gen_pppoes()
8520 * specified. Parameterized to handle both IPv4 and IPv6. */
8548 /* The IPv4 and IPv6 Geneve checks need to do two things:
8549 * - Verify that this actually is Geneve with the right VNI.
8550 * - Place the IP header length (plus variable link prefix if
8571 b1->stmts = s; in gen_geneve4()
8572 b1->s.k = 0; in gen_geneve4()
8589 s = gen_abs_offset_varpart(cstate, &cstate->off_linkpl); in gen_geneve6()
8592 s1->s.k = 40; in gen_geneve6()
8596 s1->s.k = 0; in gen_geneve6()
8600 s->s.k = 40; in gen_geneve6()
8610 b1->stmts = s; in gen_geneve6()
8611 b1->s.k = 0; in gen_geneve6()
8619 * - The offset of the linktype.
8620 * - The offset of the end of the Geneve header.
8621 * - The offset of the end of the encapsulated MAC header. */
8633 s->s.k = cstate->off_linkpl.constant_part + cstate->off_nl + 8; in gen_geneve_offsets()
8642 s1->s.k = 2; in gen_geneve_offsets()
8645 cstate->off_linktype.reg = alloc_reg(cstate); in gen_geneve_offsets()
8646 cstate->off_linktype.is_variable = 1; in gen_geneve_offsets()
8647 cstate->off_linktype.constant_part = 0; in gen_geneve_offsets()
8650 s1->s.k = cstate->off_linktype.reg; in gen_geneve_offsets()
8657 s1->s.k = 0; in gen_geneve_offsets()
8661 s1->s.k = 0x3f; in gen_geneve_offsets()
8665 s1->s.k = 4; in gen_geneve_offsets()
8670 s1->s.k = 8; in gen_geneve_offsets()
8675 s1->s.k = 0; in gen_geneve_offsets()
8681 * - The linktype field is always in EtherType format regardless in gen_geneve_offsets()
8683 * - The only link layer that we have specific support for is in gen_geneve_offsets()
8689 s1->s.k = cstate->off_linkhdr.reg; in gen_geneve_offsets()
8698 cstate->no_optimize = 1; in gen_geneve_offsets()
8702 s1->s.k = 2; in gen_geneve_offsets()
8707 s1->s.k = cstate->off_linkhdr.reg; in gen_geneve_offsets()
8712 * the non-Ethernet case, it's already there. */ in gen_geneve_offsets()
8714 s_proto->s.k = ETHERTYPE_TEB; in gen_geneve_offsets()
8719 s_proto->s.jt = s1; in gen_geneve_offsets()
8724 s1->s.k = 12; in gen_geneve_offsets()
8728 s1->s.k = cstate->off_linktype.reg; in gen_geneve_offsets()
8734 s1->s.k = 2; in gen_geneve_offsets()
8742 cstate->off_linkpl.reg = alloc_reg(cstate); in gen_geneve_offsets()
8743 cstate->off_linkpl.is_variable = 1; in gen_geneve_offsets()
8744 cstate->off_linkpl.constant_part = 0; in gen_geneve_offsets()
8747 s1->s.k = cstate->off_linkpl.reg; in gen_geneve_offsets()
8749 s_proto->s.jf = s1; in gen_geneve_offsets()
8751 cstate->off_nl = 0; in gen_geneve_offsets()
8775 sappend(s, b1->stmts); in gen_geneve()
8776 b1->stmts = s; in gen_geneve()
8780 cstate->is_geneve = 1; in gen_geneve()
8800 s->s.k = cstate->off_linkhdr.reg; in gen_geneve_ll_check()
8803 s1->s.k = cstate->off_linkpl.reg; in gen_geneve_ll_check()
8807 b0->stmts = s; in gen_geneve_ll_check()
8808 b0->s.k = 0; in gen_geneve_ll_check()
8823 if (!cstate->is_atm) in gen_atmfield_code()
8825 if (cstate->off_vpi == OFFSET_NOT_SET) in gen_atmfield_code()
8827 b0 = gen_ncmp(cstate, OR_LINKHDR, cstate->off_vpi, BPF_B, 0xffffffff, jtype, in gen_atmfield_code()
8832 if (!cstate->is_atm) in gen_atmfield_code()
8834 if (cstate->off_vci == OFFSET_NOT_SET) in gen_atmfield_code()
8836 b0 = gen_ncmp(cstate, OR_LINKHDR, cstate->off_vci, BPF_H, 0xffffffff, jtype, in gen_atmfield_code()
8841 if (cstate->off_proto == OFFSET_NOT_SET) in gen_atmfield_code()
8842 abort(); /* XXX - this isn't on FreeBSD */ in gen_atmfield_code()
8843 b0 = gen_ncmp(cstate, OR_LINKHDR, cstate->off_proto, BPF_B, 0x0f, jtype, in gen_atmfield_code()
8848 if (cstate->off_payload == OFFSET_NOT_SET) in gen_atmfield_code()
8850 b0 = gen_ncmp(cstate, OR_LINKHDR, cstate->off_payload + MSG_TYPE_POS, BPF_B, in gen_atmfield_code()
8855 if (!cstate->is_atm) in gen_atmfield_code()
8857 if (cstate->off_proto == OFFSET_NOT_SET) in gen_atmfield_code()
8859 b0 = gen_ncmp(cstate, OR_LINKHDR, cstate->off_proto, BPF_B, 0xffffffff, in gen_atmfield_code()
8878 if (!cstate->is_atm) in gen_atmtype_abbrev()
8887 if (!cstate->is_atm) in gen_atmtype_abbrev()
8896 if (!cstate->is_atm) in gen_atmtype_abbrev()
8904 /* Get all cells in End-to-End OAM F4 Circuit*/ in gen_atmtype_abbrev()
8905 if (!cstate->is_atm) in gen_atmtype_abbrev()
8914 if (!cstate->is_atm) in gen_atmtype_abbrev()
8923 if (!cstate->is_atm) in gen_atmtype_abbrev()
8932 if (!cstate->is_atm) in gen_atmtype_abbrev()
8938 * rather than LLC-encapsulated packets, and set in gen_atmtype_abbrev()
8939 * the offsets appropriately for LANE-encapsulated in gen_atmtype_abbrev()
8945 cstate->off_payload + 2, /* Ethernet header */ in gen_atmtype_abbrev()
8946 -1); in gen_atmtype_abbrev()
8947 cstate->off_linktype.constant_part = cstate->off_linkhdr.constant_part + 12; in gen_atmtype_abbrev()
8948 cstate->off_linkpl.constant_part = cstate->off_linkhdr.constant_part + 14; /* Ethernet */ in gen_atmtype_abbrev()
8949 cstate->off_nl = 0; /* Ethernet II */ in gen_atmtype_abbrev()
8950 cstate->off_nl_nosnap = 3; /* 802.3+802.2 */ in gen_atmtype_abbrev()
8954 /* Get all LLC-encapsulated packets */ in gen_atmtype_abbrev()
8955 if (!cstate->is_atm) in gen_atmtype_abbrev()
8958 cstate->linktype = cstate->prevlinktype; in gen_atmtype_abbrev()
8982 if ( (cstate->linktype != DLT_MTP2) && in gen_mtp2type_abbrev()
8983 (cstate->linktype != DLT_ERF) && in gen_mtp2type_abbrev()
8984 (cstate->linktype != DLT_MTP2_WITH_PHDR) ) in gen_mtp2type_abbrev()
8987 b0 = gen_ncmp(cstate, OR_PACKET, cstate->off_li, BPF_B, 0x3f, BPF_JEQ, 0, 0); in gen_mtp2type_abbrev()
8991 if ( (cstate->linktype != DLT_MTP2) && in gen_mtp2type_abbrev()
8992 (cstate->linktype != DLT_ERF) && in gen_mtp2type_abbrev()
8993 (cstate->linktype != DLT_MTP2_WITH_PHDR) ) in gen_mtp2type_abbrev()
8995 b0 = gen_ncmp(cstate, OR_PACKET, cstate->off_li, BPF_B, 0x3f, BPF_JGT, 1, 2); in gen_mtp2type_abbrev()
8996 b1 = gen_ncmp(cstate, OR_PACKET, cstate->off_li, BPF_B, 0x3f, BPF_JGT, 0, 0); in gen_mtp2type_abbrev()
9001 if ( (cstate->linktype != DLT_MTP2) && in gen_mtp2type_abbrev()
9002 (cstate->linktype != DLT_ERF) && in gen_mtp2type_abbrev()
9003 (cstate->linktype != DLT_MTP2_WITH_PHDR) ) in gen_mtp2type_abbrev()
9005 b0 = gen_ncmp(cstate, OR_PACKET, cstate->off_li, BPF_B, 0x3f, BPF_JGT, 0, 2); in gen_mtp2type_abbrev()
9009 if ( (cstate->linktype != DLT_MTP2) && in gen_mtp2type_abbrev()
9010 (cstate->linktype != DLT_ERF) && in gen_mtp2type_abbrev()
9011 (cstate->linktype != DLT_MTP2_WITH_PHDR) ) in gen_mtp2type_abbrev()
9014 b0 = gen_ncmp(cstate, OR_PACKET, cstate->off_li_hsl, BPF_H, 0xff80, BPF_JEQ, 0, 0); in gen_mtp2type_abbrev()
9018 if ( (cstate->linktype != DLT_MTP2) && in gen_mtp2type_abbrev()
9019 (cstate->linktype != DLT_ERF) && in gen_mtp2type_abbrev()
9020 (cstate->linktype != DLT_MTP2_WITH_PHDR) ) in gen_mtp2type_abbrev()
9022 b0 = gen_ncmp(cstate, OR_PACKET, cstate->off_li_hsl, BPF_H, 0xff80, BPF_JGT, 1, 0x0100); in gen_mtp2type_abbrev()
9023 b1 = gen_ncmp(cstate, OR_PACKET, cstate->off_li_hsl, BPF_H, 0xff80, BPF_JGT, 0, 0); in gen_mtp2type_abbrev()
9028 if ( (cstate->linktype != DLT_MTP2) && in gen_mtp2type_abbrev()
9029 (cstate->linktype != DLT_ERF) && in gen_mtp2type_abbrev()
9030 (cstate->linktype != DLT_MTP2_WITH_PHDR) ) in gen_mtp2type_abbrev()
9032 b0 = gen_ncmp(cstate, OR_PACKET, cstate->off_li_hsl, BPF_H, 0xff80, BPF_JGT, 0, 0x0100); in gen_mtp2type_abbrev()
9047 u_int newoff_sio = cstate->off_sio; in gen_mtp3field_code()
9048 u_int newoff_opc = cstate->off_opc; in gen_mtp3field_code()
9049 u_int newoff_dpc = cstate->off_dpc; in gen_mtp3field_code()
9050 u_int newoff_sls = cstate->off_sls; in gen_mtp3field_code()
9059 if (cstate->off_sio == OFFSET_NOT_SET) in gen_mtp3field_code()
9072 if (cstate->off_opc == OFFSET_NOT_SET) in gen_mtp3field_code()
9096 if (cstate->off_dpc == OFFSET_NOT_SET) in gen_mtp3field_code()
9116 if (cstate->off_sls == OFFSET_NOT_SET) in gen_mtp3field_code()
9184 if (!cstate->is_atm) in gen_atmmulti_abbrev()
9190 if (!cstate->is_atm) in gen_atmmulti_abbrev()
9205 if (!cstate->is_atm) in gen_atmmulti_abbrev()
9223 if (!cstate->is_atm) in gen_atmmulti_abbrev()