Return to BSD News archive
Xref: sserve comp.protocols.tcp-ip:26249 comp.os.386bsd.questions:7197 Path: sserve!newshost.anu.edu.au!munnari.oz.au!uniwa!harbinger.cc.monash.edu.au!yeshua.marcam.com!news.kei.com!eff!news.umbc.edu!europa.eng.gtefsd.com!howland.reston.ans.net!math.ohio-state.edu!news2.uunet.ca!fw.novatel.ca!sidney!hpeyerl From: hpeyerl@sidney (Herb Peyerl) Newsgroups: comp.protocols.tcp-ip,comp.os.386bsd.questions Subject: Re: bpf(4) examples, Where? Followup-To: comp.protocols.tcp-ip,comp.os.386bsd.questions Date: 30 Nov 1993 00:56:42 GMT Organization: NovAtel Communications Ltd. Lines: 19 Message-ID: <2de5oa$cbf@fw.novatel.ca> References: <2dbgmg$27f@gazpacho.wariat.org> <vandys.754534581@cisco.com> NNTP-Posting-Host: sidney.novatel.ca X-Newsreader: TIN [version 1.2 PL1] Andrew Valencia (vandys@cisco.com) wrote: : In <2dbgmg$27f@gazpacho.wariat.org> dima@wariat.org (Dimitry A. Sazonov) writes: : >I build FreeBSD kernel with bpf (Berkeley Packet Filter), and : >what should I do next to play with bpf? : I think tcpdump uses BPF. Have a look at its source. My FreeBSD system : isn't powered on right now, but it'll be over in /usr/src/*/tcpdump, most : likely. I don't have any examples anymore but I recall it took me about 20 minutes of creative experimenting to get something working with bpf. I used the man page and source for documentation. I recall it being pretty straight-forward and intuitive... I even found a bug in the manpage at the time (patched in NetBSD). -- hpeyerl@novatel.ca | NovAtel Commnications Ltd. hpeyerl@fsa.ca | <nothing I say matters anyway> <NetBSD: A drinking group with a serious computing problem!>