Skip to content

lsahn-gh/esbpf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
resources/diagram
resources/diagram
 
 
tools
tools
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
es-core.c
es-core.c
 
 
es-core.h
es-core.h
 
 
es-ctrl.h
es-ctrl.h
 
 
es-proc.c
es-proc.c
 
 

Repository files navigation

               _______________________________
   ____   _____\______   \______   \_   _____/
 _/ __ \ /  ___/|    |  _/|     ___/|    __)
 \  ___/ \___ \ |    |   \|    |    |     \
  \___  >____  >|______  /|____|    \___  /
      \/     \/        \/               \/

esBPF

esBPF is a flexible, smallest packet filtering framework for ethernet drivers that uses cBPF virtual machine compatible with a set of BPF instructions tcpdump providing. The framework provides simple APIs to implement filtering feature at the driver layer.

Table of Contents

Architecture

diagram

API Overview

  • es-core.c/h: include core data structures, BPF interpreter, and APIs using in bottom-half handler.
  • es-proc.c: A procfs class giving APIs to users to attach a filter to drivers.
  • es-ctrl.h: A controller structure to keep handling core objects and locks for itself.

Generate Instructions

It's super easy, use tcpdump with an option -dd.

For instance, if you want to reject incoming ICMP packets,

tcpdump -dd -nn icmp

Please see tools/filter_icmp.c how to use the instructions in detail.

Who uses esBPF

  1. smsc95xx-esbpf - (Raspberry PI 3 B ethernet driver)

Contributing

Happy hacking!

License

Please see LICENSE file.

About

cBPF-based on-driver packet filtering framework

Topics

kernel packet filtering bpf

Resources

Readme

License

Apache-2.0 license
Activity

Stars

5 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages