Further thoughts on BPF and IPv6

[Darren Reed <darren.reed () oracle com>]

It occurs to me that BPF needs a similar "special" instruction to chase
down a particular header. At present, BPF filters will fail to match any
TCP packet that has any extension header present.  Thus a "chase" or
"find" instruction is needed.

An example of such an instruction might be:
ldxbf  [8],6

where starting with the contents at offset 8, look for a byte value that
matches "6". If [8] contains another value, start at the end of the IPv6
header and search extension headers for the value "6".

At the end, "x" contains the offset to the start of the protocol header
that matches the value "6".

Thoughts?

Darren

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.