1 // Copyright 2011 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Linux socket filter 6 7 package syscall 8 9 import ( 10 "unsafe" 11 ) 12 13 func LsfStmt(code, k int) *SockFilter { 14 return &SockFilter{Code: uint16(code), K: uint32(k)} 15 } 16 17 func LsfJump(code, k, jt, jf int) *SockFilter { 18 return &SockFilter{Code: uint16(code), Jt: uint8(jt), Jf: uint8(jf), K: uint32(k)} 19 } 20 21 func LsfSocket(ifindex, proto int) (int, error) { 22 var lsall SockaddrLinklayer 23 s, e := Socket(AF_PACKET, SOCK_RAW, proto) 24 if e != nil { 25 return 0, e 26 } 27 p := (*[2]byte)(unsafe.Pointer(&lsall.Protocol)) 28 p[0] = byte(proto >> 8) 29 p[1] = byte(proto) 30 lsall.Ifindex = ifindex 31 e = Bind(s, &lsall) 32 if e != nil { 33 Close(s) 34 return 0, e 35 } 36 return s, nil 37 } 38 39 type iflags struct { 40 name [IFNAMSIZ]byte 41 flags uint16 42 } 43 44 func SetLsfPromisc(name string, m bool) error { 45 s, e := Socket(AF_INET, SOCK_DGRAM, 0) 46 if e != nil { 47 return e 48 } 49 defer Close(s) 50 var ifl iflags 51 copy(ifl.name[:], []byte(name)) 52 _, _, ep := Syscall(SYS_IOCTL, uintptr(s), SIOCGIFFLAGS, uintptr(unsafe.Pointer(&ifl))) 53 if ep != 0 { 54 return Errno(ep) 55 } 56 if m { 57 ifl.flags |= uint16(IFF_PROMISC) 58 } else { 59 ifl.flags &= ^uint16(IFF_PROMISC) 60 } 61 _, _, ep = Syscall(SYS_IOCTL, uintptr(s), SIOCSIFFLAGS, uintptr(unsafe.Pointer(&ifl))) 62 if ep != 0 { 63 return Errno(ep) 64 } 65 return nil 66 } 67 68 func AttachLsf(fd int, i []SockFilter) error { 69 var p SockFprog 70 p.Len = uint16(len(i)) 71 p.Filter = (*SockFilter)(unsafe.Pointer(&i[0])) 72 return setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, unsafe.Pointer(&p), unsafe.Sizeof(p)) 73 } 74 75 func DetachLsf(fd int) error { 76 var dummy int 77 return setsockopt(fd, SOL_SOCKET, SO_DETACH_FILTER, unsafe.Pointer(&dummy), unsafe.Sizeof(dummy)) 78 } 79