[netgraph] ng_bpf filter large list of IP addresses
Eugene Grosbein
eugen at grosbein.net
Sun Apr 1 17:21:07 UTC 2018
01.04.2018 23:19, Reshad Patuck wrote:
> Yes I do remove the \" and replace it with just " in the file I use with the `ngctl -f` command.
>
> Here is the link to the file and everything that I am using to setup the BPF program.
>
> https://paste.ee/p/BHOoG
>
> It contains the following:
> - ngtl-command -> the ngctl command which runs correctly from a command line
> - ngctl-config -> the ngctl config file with the same filter
> - bpf.c -> a c file that takes netgraph node details a pcap-filter and converts it to a ngctl command
> - ngctl -> debug 5 in a ngctl shell for running the config file
Note that https://paste.ee/p/BHOoG#s=0&l=31 has garbage at the end of 31'st line.
I've just looked at ngctl's code and see I was wrong, it has some limitations:
total line length must be less than LINE_MAX (2048) and number of whitespace-separated
arguments in this line must be no more than 512.
More information about the freebsd-net
mailing list