patch-2.1.75 linux/Documentation/networking/filter.txt
Next file: linux/Documentation/networking/ipddp.txt
Previous file: linux/Documentation/filesystems/vfat.txt
Back to the patch index
Back to the overall index
- Lines: 43
- Date:
Sun Dec 21 17:41:24 1997
- Orig file:
v2.1.74/linux/Documentation/networking/filter.txt
- Orig date:
Wed Dec 31 16:00:00 1969
diff -u --recursive --new-file v2.1.74/linux/Documentation/networking/filter.txt linux/Documentation/networking/filter.txt
@@ -0,0 +1,42 @@
+filter.txt: Linux Socket Filtering
+Written by: Jay Schulist <Jay.Schulist@spacs.k12.wi.us>
+
+Introduction
+============
+
+ Linux Socket Filtering is a deviation of the Berkely
+Packet Filter. There are some distinct differences between
+the BSD and Linux Kernel Filtering.
+
+Linux Socket Filtering (LSF) allows a user-space program to
+attach a filter onto any socket and allow or disallow certain
+types of data to come through the socket. LSF follows exactly
+the same filter code structure as the BSD Berkely Packet Filter
+(BPF), so refering to the BSD bpf.4 manpage is very helpful in
+creating filters.
+
+LSF is much simpler that BPF. One does not have to worry about
+devices or anything like that. You simply create your filter
+code, send it to the kernel via the SO_ATTACH_FILTER ioctl and
+if you filter code passes the kernel check on it, you then
+immediately begin filtering data on that socket.
+
+You can also detach filters from your socket via the
+SO_DETACH_FILTER ioctl. This will probably not be used much
+since when you close a socket that has a filter on it the
+filter is automagicly removed. The other less common case
+may be adding a differnt filter on the same socket you had another
+filter that is still running, the kernel takes care of removing
+the old one and placing your new one in its place, assumming your
+filter has passed the checks, otherwise if it fails the old filter
+will remain on that socket.
+
+Examples
+========
+
+Ioctls-
+setsockopt(sockfd, SOL_SOCKET, SO_ATTACH_FILTER, &Filter, sizeof(Filter));
+setsockopt(sockfd, SOL_SOCKET, SO_DETACH_FILTER, &value, sizeof(value));
+
+See the BSD bpf.4 manpage and the BSD Packet Filter paper written by
+Steven McCanne and Van Jacobson of Lawrence Berkely Laboratory.
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen, slshen@lbl.gov