*BSD News Article 24524


Return to BSD News archive

Xref: sserve comp.protocols.tcp-ip:26249 comp.os.386bsd.questions:7197
Path: sserve!newshost.anu.edu.au!munnari.oz.au!uniwa!harbinger.cc.monash.edu.au!yeshua.marcam.com!news.kei.com!eff!news.umbc.edu!europa.eng.gtefsd.com!howland.reston.ans.net!math.ohio-state.edu!news2.uunet.ca!fw.novatel.ca!sidney!hpeyerl
From: hpeyerl@sidney (Herb Peyerl)
Newsgroups: comp.protocols.tcp-ip,comp.os.386bsd.questions
Subject: Re: bpf(4) examples, Where?
Followup-To: comp.protocols.tcp-ip,comp.os.386bsd.questions
Date: 30 Nov 1993 00:56:42 GMT
Organization: NovAtel Communications Ltd.
Lines: 19
Message-ID: <2de5oa$cbf@fw.novatel.ca>
References: <2dbgmg$27f@gazpacho.wariat.org> <vandys.754534581@cisco.com>
NNTP-Posting-Host: sidney.novatel.ca
X-Newsreader: TIN [version 1.2 PL1]

Andrew Valencia (vandys@cisco.com) wrote:
: In <2dbgmg$27f@gazpacho.wariat.org> dima@wariat.org (Dimitry A. Sazonov) writes:
: >I build FreeBSD kernel with bpf (Berkeley Packet Filter), and
: >what should I do next to play with bpf?
: I think tcpdump uses BPF.  Have a look at its source.  My FreeBSD system
: isn't powered on right now, but it'll be over in /usr/src/*/tcpdump, most
: likely.

I don't have any examples anymore but I recall it took me about 20 minutes
of creative experimenting to get something working with bpf.  I used the
man page and source for documentation. 

I recall it being pretty straight-forward and intuitive... I even found
a bug in the manpage at the time (patched in NetBSD).

--
hpeyerl@novatel.ca                           |  NovAtel Commnications Ltd.
hpeyerl@fsa.ca                               | <nothing I say matters anyway>
       <NetBSD: A drinking group with a serious computing problem!>