search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
AUTHORS: drop e-mail addresses, update with latest contributors
[netsniff-ng-new.git] / bpfc.c
blob5dd84cf14e788c6ac5cec7d4bf972194e444a1f1
1 /*
2 * netsniff-ng - the packet sniffing beast
3 * Copyright 2011 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,
4 * Swiss federal institute of technology (ETH Zurich)
5 * Subject to the GPL, version 2.
6 */
7
8 #include <stdio.h>
9 #include <stdlib.h>
10 #include <stdbool.h>
11 #include <getopt.h>
12 #include <ctype.h>
13 #include <unistd.h>
14 #include <sys/fsuid.h>
15
16 #include "xmalloc.h"
17 #include "die.h"
18 #include "bpf.h"
19 #include "config.h"
20 #include "str.h"
21
22 static const char *short_options = "vhi:Vdbf:pD:";
23 static const struct option long_options[] = {
24 {"input", required_argument, NULL, 'i'},
25 {"format", required_argument, NULL, 'f'},
26 {"cpp", no_argument, NULL, 'p'},
27 {"define", required_argument, NULL, 'D'},
28 {"verbose", no_argument, NULL, 'V'},
29 {"bypass", no_argument, NULL, 'b'},
30 {"dump", no_argument, NULL, 'd'},
31 {"version", no_argument, NULL, 'v'},
32 {"help", no_argument, NULL, 'h'},
33 {NULL, 0, NULL, 0}
34 };
35
36 static const char *copyright =
37 "Please report bugs at https://github.com/netsniff-ng/netsniff-ng/issues\n"
38 "Copyright (C) 2011-2013 Daniel Borkmann <dborkma@tik.ee.ethz.ch>,\n"
39 "Swiss federal institute of technology (ETH Zurich)\n"
40 "License: GNU GPL version 2.0\n"
41 "This is free software: you are free to change and redistribute it.\n"
42 "There is NO WARRANTY, to the extent permitted by law.";
43
44 extern int compile_filter(char *file, bool verbose, int bypass, int format,
45 bool invoke_cpp, char **cpp_argv);
46
47 static void __noreturn help(void)
48 {
49 printf("bpfc %s, a tiny BPF compiler\n", VERSION_STRING);
50 puts("http://www.netsniff-ng.org\n\n"
51 "Usage: bpfc [options] || bpfc <program>\n"
52 "Options:\n"
53 " -i|--input <program/-> Berkeley Packet Filter file/stdin\n"
54 " -p|--cpp Run bpf program through C preprocessor\n"
55 " -D|--define Add macro/define for C preprocessor\n"
56 " -f|--format <format> Output format: C|netsniff-ng|xt_bpf|tcpdump\n"
57 " -b|--bypass Bypass filter validation (e.g. for bug testing)\n"
58 " -V|--verbose Be more verbose\n"
59 " -d|--dump Dump supported instruction table\n"
60 " -v|--version Print version and exit\n"
61 " -h|--help Print this help and exit\n\n"
62 "Examples:\n"
63 " bpfc fubar\n"
64 " bpfc fubar > foo (bpfc -f C -i fubar > foo) --> netsniff-ng -f foo ...\n"
65 " bpfc -f tcpdump -i fubar > foo --> tcpdump -ddd like ...\n"
66 " bpfc -f xt_bpf -b -p -i fubar\n"
67 " iptables -A INPUT -m bpf --bytecode \"`./bpfc -f xt_bpf -i fubar`\" -j LOG\n"
68 " bpfc - (read from stdin)\n"
69 "Note:\n"
70 " Generation of seccomp-BPF filters are fully supported as well.\n");
71 puts(copyright);
72 die();
73 }
74
75 static void __noreturn version(void)
76 {
77 printf("bpfc %s, Git id: %s\n", VERSION_LONG, GITVERSION);
78 puts("a tiny BPF compiler\n"
79 "http://www.netsniff-ng.org\n");
80 puts(copyright);
81 die();
82 }
83
84 int main(int argc, char **argv)
85 {
86 int ret, c, bypass = 0, format = 0;
87 bool verbose = false, invoke_cpp = false;
88 char **cpp_argv = NULL;
89 size_t cpp_argc = 0;
90 char *file = NULL;
91
92 setfsuid(getuid());
93 setfsgid(getgid());
94
95 if (argc == 1)
96 help();
97
98 while ((c = getopt_long(argc, argv, short_options, long_options,
99 NULL)) != EOF) {
100 switch (c) {
101 case 'h':
102 help();
103 break;
104 case 'v':
105 version();
106 break;
107 case 'V':
108 verbose = true;
109 break;
110 case 'p':
111 invoke_cpp = true;
112 break;
113 case 'D':
114 cpp_argv = argv_insert(cpp_argv, &cpp_argc, "-D");
115 cpp_argv = argv_insert(cpp_argv, &cpp_argc, optarg);
116 break;
117 case 'f':
118 if (!strncmp(optarg, "C", 1) ||
119 !strncmp(optarg, "netsniff-ng", 11))
120 format = 0;
121 else if (!strncmp(optarg, "tcpdump", 7))
122 format = 2;
123 else if (!strncmp(optarg, "xt_bpf", 6) ||
124 !strncmp(optarg, "tc", 2))
125 format = 1;
126 else
127 help();
128 break;
129 case 'b':
130 bypass = 1;
131 break;
132 case 'd':
133 bpf_dump_op_table();
134 die();
135 case 'i':
136 file = xstrdup(optarg);
137 break;
138 case '?':
139 switch (optopt) {
140 case 'i':
141 case 'f':
142 panic("Option -%c requires an argument!\n",
143 optopt);
144 default:
145 if (isprint(optopt))
146 printf("Unknown option character `0x%X\'!\n", optopt);
147 die();
148 }
149 default:
150 break;
151 }
152 }
153
154 if (argc == 2)
155 file = xstrdup(argv[1]);
156 if (!file)
157 panic("No Berkeley Packet Filter program specified!\n");
158
159 ret = compile_filter(file, verbose, bypass, format, invoke_cpp, cpp_argv);
160
161 argv_free(cpp_argv);
162 xfree(file);
163 return ret;
164 }
New netsniff-ng tree