Documentation / networking / filter.txt

Custom Search

Based on kernel version 3.9. Page generated on 2013-05-02 23:11 EST.

	filter.txt: Linux Socket Filtering
	Written by: Jay Schulist <jschlst@samba.org>
	
	Introduction
	============
	
		Linux Socket Filtering is derived from the Berkeley
	Packet Filter. There are some distinct differences between
	the BSD and Linux Kernel Filtering.
	
	Linux Socket Filtering (LSF) allows a user-space program to
	attach a filter onto any socket and allow or disallow certain
	types of data to come through the socket. LSF follows exactly
	the same filter code structure as the BSD Berkeley Packet Filter
	(BPF), so referring to the BSD bpf.4 manpage is very helpful in
	creating filters.
	
	LSF is much simpler than BPF. One does not have to worry about
	devices or anything like that. You simply create your filter
	code, send it to the kernel via the SO_ATTACH_FILTER option and
	if your filter code passes the kernel check on it, you then
	immediately begin filtering data on that socket.
	
	You can also detach filters from your socket via the
	SO_DETACH_FILTER option. This will probably not be used much
	since when you close a socket that has a filter on it the
	filter is automagically removed. The other less common case
	may be adding a different filter on the same socket where you had another
	filter that is still running: the kernel takes care of removing
	the old one and placing your new one in its place, assuming your
	filter has passed the checks, otherwise if it fails the old filter
	will remain on that socket.
	
	SO_LOCK_FILTER option allows to lock the filter attached to a
	socket. Once set, a filter cannot be removed or changed. This allows
	one process to setup a socket, attach a filter, lock it then drop
	privileges and be assured that the filter will be kept until the
	socket is closed.
	
	Examples
	========
	
	Ioctls-
	setsockopt(sockfd, SOL_SOCKET, SO_ATTACH_FILTER, &Filter, sizeof(Filter));
	setsockopt(sockfd, SOL_SOCKET, SO_DETACH_FILTER, &value, sizeof(value));
	setsockopt(sockfd, SOL_SOCKET, SO_LOCK_FILTER, &value, sizeof(value));
	
	See the BSD bpf.4 manpage and the BSD Packet Filter paper written by
	Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory.

• [ networking ]
• 00-INDEX
• 3c505.txt
• 3c509.txt
• 6pack.txt
• alias.txt
• arcnet-hardware.txt
• arcnet.txt
• atm.txt
• ax25.txt
• batman-adv.txt
• baycom.txt
• bonding.txt
• bridge.txt
• [ caif ]
• can.txt
• cops.txt
• cs89x0.txt
• cxacru-cf.py
• cxacru.txt
• cxgb.txt
• dccp.txt
• de4x5.txt
• decnet.txt
• dl2k.txt
• dm9000.txt
• dmfe.txt
• dns_resolver.txt
• driver.txt
• e100.txt
• e1000.txt
• e1000e.txt
• eql.txt
• fib_trie.txt
• filter.txt
• fore200e.txt
• framerelay.txt
• gen_stats.txt
• generic-hdlc.txt
• generic_netlink.txt
• gianfar.txt
• ieee802154.txt
• ifenslave.c
• igb.txt
• igbvf.txt
• ip-sysctl.txt
• ip_dynaddr.txt
• ipddp.txt
• iphase.txt
• ipv6.txt
• ipvs-sysctl.txt
• irda.txt
• ixgb.txt
• ixgbe.txt
• ixgbevf.txt
• l2tp.txt
• lapb-module.txt
• LICENSE.qla3xxx
• LICENSE.qlcnic
• LICENSE.qlge
• ltpc.txt
• mac80211-auth-assoc-deauth.txt
• mac80211-injection.txt
• [ mac80211_hwsim ]
• Makefile
• multiqueue.txt
• netconsole.txt
• netdev-features.txt
• netdevices.txt
• netif-msg.txt
• nf_conntrack-sysctl.txt
• nfc.txt
• openvswitch.txt
• operstates.txt
• packet_mmap.txt
• phonet.txt
• phy.txt
• pktgen.txt
• PLIP.txt
• policy-routing.txt
• ppp_generic.txt
• proc_net_tcp.txt
• radiotap-headers.txt
• ray_cs.txt
• rds.txt
• README.ipw2100
• README.ipw2200
• README.sb1000
• regulatory.txt
• rxrpc.txt
• s2io.txt
• scaling.txt
• sctp.txt
• secid.txt
• skfp.txt
• smc9.txt
• spider_net.txt
• stmmac.txt
• tc-actions-env-rules.txt
• tcp-thin.txt
• tcp.txt
• team.txt
• [ timestamping ]
• timestamping.txt
• tlan.txt
• tproxy.txt
• tuntap.txt
• udplite.txt
• vortex.txt
• vxge.txt
• vxlan.txt
• x25-iface.txt
• x25.txt
• xfrm_proc.txt
• xfrm_sync.txt
• xfrm_sysctl.txt
• z8530drv.txt
•