Attachment #167947 for bug #207866

View | Details | Raw Unified | Return to bug 207866
Collapse All | Expand All




A given interface can be shared by multiple listeners, and the filter
underlying each descriptor will see an identical packet stream.
.Pp
A separate device file is required for each minor device.
If a file is in use, the open will fail and
.Va errno
will be set to
.Er EBUSY .
.Pp
Associated with each open instance of a
.Nm
file is a user-settable packet filter.

all file descriptors listening on that interface apply their filter.
Each descriptor that accepts the packet receives its own copy.
.Pp
The packet filter will support any link level protocol that has fixed length
headers.
Currently, only Ethernet,
.Tn SLIP ,
and
.Tn PPP
drivers have been modified to interact with
.Nm .
.Pp
Since packet data is in network byte order, applications should use the
.Xr byteorder 3
macros to extract multi-byte values.
.Pp
A packet can be sent out on the network by writing to a
.Nm
file descriptor.
The writes are unbuffered, meaning only one packet can be processed per write.
.Pp
Once a descriptor is configured, further changes to the configuration
can be prevented using the
.Dv BIOCLOCK
.Xr ioctl 2 .
.Sh BUFFER MODES
.Nm
devices deliver packet data to the application via memory buffers provided by

and
.In net/if.h .
.Pp
In addition to
.Dv FIONREAD
the following commands may be applied to any open
.Nm
file.
The (third) argument to
.Xr ioctl 2
should be a pointer to the type indicated.

If the requested buffer size cannot be accommodated, the closest
allowable size will be set and returned in the argument.
A read call will result in
.Er EINVAL
if it is passed a buffer that is not this size.
.It Dv BIOCGDLT
.Pq Li u_int

.Dq Li DLT_ ,
are defined in
.In net/bpf.h .
.It Dv BIOCGDLTLIST
.Pq Li "struct bpf_dltlist"
Returns an array of the available types of the data link layer
underlying the attached interface:
.Bd -literal -offset indent
struct bpf_dltlist {
	u_int bfl_len;
	u_int *bfl_list;
};
.Ed
.Pp
The available types are returned in the array pointed to by the
.Va bfl_list
field while their length in u_int is supplied to the
.Va bfl_len
field.
.Er ENOMEM
is returned if there is not enough buffer space and
.Er EFAULT
is returned if a bad address is encountered.
The
.Va bfl_len
field is modified on return to indicate the actual length in u_int
of the array returned.
If
.Va bfl_list
is
.Dv NULL ,
the
.Va bfl_len
field is set to indicate the required length of an array in u_int.
.It Dv BIOCSDLT
.Pq Li u_int
Changes the type of the data link layer underlying the attached interface.
.Er EINVAL
is returned if no interface has been specified or the specified
type is not available for the interface.
.It Dv BIOCPROMISC
Forces the interface into promiscuous mode.
All packets, not just those destined for the local host, are processed.

a listener that opened its interface non-promiscuously may receive
packets promiscuously.
This problem can be remedied with an appropriate filter.
.Pp
The interface remains in promiscuous mode until all files listening
promiscuously are closed.
.It Dv BIOCFLUSH
Flushes the buffer of incoming packets,
and resets the statistics that are returned by BIOCGSTATS.

All other fields are undefined.
.It Dv BIOCSETIF
.Pq Li "struct ifreq"
Sets the hardware interface associated with the file.
This
command must be performed before any packets can be read.
The device is indicated by name using the

.It Dv BIOCSRTIMEOUT
.It Dv BIOCGRTIMEOUT
.Pq Li "struct timeval"
Sets or gets the read timeout parameter.
The argument
specifies the length of time to wait before timing
out on a read request.

.El
.It Dv BIOCIMMEDIATE
.Pq Li u_int
Enables or disables
.Dq immediate mode ,
based on the truth value of the argument.
When immediate mode is enabled, reads return immediately upon packet

the following structure:
.Bd -literal
struct bpf_program {
	u_int bf_len;
	struct bpf_insn *bf_insns;
};
.Ed

may result in undefined behavior (most likely, an error returned by
.Fn ioctl
or haphazard packet matching).
.It Dv BIOCGRSIG
.It Dv BIOCSRSIG
.Pq Li u_int
Sets or gets the receive signal.
This signal will be sent to the process or process group specified by
.Dv FIOSETOWN .
It defaults to
.Dv SIGIO .
.It Dv BIOCSHDRCMPLT
.It Dv BIOCGHDRCMPLT
.Pq Li u_int
Sets or gets the status of the
.Dq header complete
flag.
Set to zero if the link level source address should be filled in automatically

and
.Dv BIOCGDIRECTION
instead.
Sets or gets the flag determining whether locally generated packets on the
interface should be returned by BPF.
Set to zero to see only incoming packets on the interface.
Set to one to see packets originating locally and remotely on the interface.

.It Dv BIOCSDIRECTION
.It Dv BIOCGDIRECTION
.Pq Li u_int
Sets or gets the setting determining whether incoming, outgoing, or all packets
on the interface should be returned by BPF.
Set to
.Dv BPF_D_IN

by default.
.It Dv BIOCFEEDBACK
.Pq Li u_int
Sets packet feedback mode.
This allows injected packets to be fed back as input to the interface when
output via the interface is successful.
When
.Dv BPF_D_INOUT
direction is set, injected outgoing packets are not returned by BPF to avoid
duplication. This flag is initialized to zero by default.
.It Dv BIOCLOCK
This ioctl is designed to prevent the security issues associated
with an open
.Nm
descriptor in unprivileged programs.
Even with dropped privileges, an open
.Nm
descriptor can be abused by a rogue program to listen on any interface
on the system, send packets on these interfaces if the descriptor was
opened read-write and send signals to arbitrary processes using the
signaling mechanism of
.Nm bpf .
By allowing only
.Dq known safe
ioctls, the
.Dv BIOCLOCK
ioctl prevents this abuse.
The allowable ioctls are
.Dv BIOCFEEDBACK ,
.Dv BIOCFLUSH ,
.Dv BIOCGBLEN ,
.Dv BIOCGDLT ,
.Dv BIOCGDIRFILT ,
.Dv BIOCGDLTLIST ,
.Dv BIOCGETIF ,
.Dv BIOCGHDRCMPLT ,
.Dv BIOCGRSIG ,
.Dv BIOCGRTIMEOUT ,
.Dv BIOCGSTATS ,
.Dv BIOCIMMEDIATE ,
.Dv BIOCLOCK ,
.Dv BIOCROTZBUF ,
.Dv BIOCSRTIMEOUT ,
.Dv BIOCSTSTAMP ,
.Dv BIOCVERSION ,
.Dv TIOCGPGRP ,
and
.Dv FIONREAD .
Use of any other ioctl is denied with error
.Er EPERM .
Once a descriptor is locked, it is not possible to unlock it.
A process with root privileges is not affected by the lock.
.Pp
A privileged program can open a
.Nm
device, drop privileges, set the interface, filters and modes on the
descriptor, and lock it.
Once the descriptor is locked, the system is safe
from further abuse through the descriptor.
Locking a descriptor does not prevent writes.
If the application does not need to send packets through
.Nm bpf ,
it can open the device read-only to prevent writing.
If sending packets is necessary, a write-filter can be set before locking the
descriptor to prevent arbitrary packets from being sent out.
.It Dv BIOCGETBUFMODE
.It Dv BIOCSETBUFMODE
.Pq Li u_int

.Nm
descriptors in use on 32-bit systems.
.It Dv BIOCROTZBUF
.Pq Li struct bpf_zbuf
Force ownership of the next buffer to be assigned to userspace, if any data
present in the buffer.
If no data is present, the buffer will remain owned by the kernel.

against
.Vt bzh_user_gen .
.El
.Sh STANDARD IOCTLS
.Nm
now supports several standard
.Xr ioctl 2 Ns 's
which allow the user to do async and/or non-blocking I/O to an open
.I bpf
file descriptor.
.Bl -tag -width FIONREAD
.It Dv FIONREAD
.Pq Li int
Returns the number of bytes that are immediately available for reading.
.It Dv FIONBIO
.Pq Li int
Sets or clears non-blocking I/O.
If arg is non-zero, then doing a
.Xr read 2
when no data is available will return -1 and
.Va errno
will be set to
.Er EAGAIN .
If arg is zero, non-blocking I/O is disabled.
Note: setting this
overrides the timeout set by
.Dv BIOCSRTIMEOUT .
.It Dv FIOASYNC
.Pq Li int
Enables or disables async I/O.
When enabled (arg is non-zero), the process or process group specified by
.Dv FIOSETOWN
will start receiving
.Dv SIGIO 's
when packets arrive.
Note that you must do an
.Dv FIOSETOWN
in order for this to take affect, as
the system will not default this for you.
The signal may be changed via
.Dv BIOCSRSIG .
.It Dv FIOSETOWN
.It Dv FIOGETOWN
.Pq Li int
Sets or gets the process or process group (if negative) that should
receive
.Dv SIGIO
when packets are available.
The signal may be changed using
.Dv BIOCSRSIG
(see above).
.El
.Sh BPF HEADER
One of the following structures is prepended to each packet returned by
.Xr read 2

};
.Ed
.Pp
The fields, whose values are stored in host order, are:
.Pp
.Bl -tag -compact -width bh_datalen
.It Li bh_tstamp

The following structure defines the instruction format:
.Bd -literal
struct bpf_insn {
	u_short     code;
	u_char      jt;
	u_char      jf;
	bpf_u_int32 k;
};
.Ed
.Pp

.Xr kqueue 2 ,
.Xr poll 2 ,
.Xr select 2 ,
.Xr byteorder 3 ,
.Xr ng_bpf 4 ,
.Xr bpf 9
.Rs

all files must assume that the interface is promiscuous, and if
so desired, must utilize a filter to reject foreign packets.
.Pp
Data link protocols with variable length headers are not currently supported.
.Pp
The
.Dv SEESENT ,
.Dv DIRECTION ,

Return to bug 207866

Lines 73-84 Link Here

(-)bpf.4 (-50 / +171 lines)
73	A given interface can be shared by multiple listeners, and the filter	73	A given interface can be shared by multiple listeners, and the filter
74	underlying each descriptor will see an identical packet stream.	74	underlying each descriptor will see an identical packet stream.
75	.Pp	75	.Pp
76	A separate device file is required for each minor device.
77	If a file is in use, the open will fail and
78	.Va errno
79	will be set to
80	.Er EBUSY .
81	.Pp
82	Associated with each open instance of a	76	Associated with each open instance of a
83	.Nm	77	.Nm
84	file is a user-settable packet filter.	78	file is a user-settable packet filter.
Lines 86-111 Link Here
86	all file descriptors listening on that interface apply their filter.	80	all file descriptors listening on that interface apply their filter.
87	Each descriptor that accepts the packet receives its own copy.	81	Each descriptor that accepts the packet receives its own copy.
88	.Pp	82	.Pp
89	The packet filter will support any link level protocol that has fixed length
90	headers.
91	Currently, only Ethernet,
92	.Tn SLIP ,
93	and
94	.Tn PPP
95	drivers have been modified to interact with
96	.Nm .
97	.Pp
98	Since packet data is in network byte order, applications should use the
99	.Xr byteorder 3
100	macros to extract multi-byte values.
101	.Pp
102	A packet can be sent out on the network by writing to a	83	A packet can be sent out on the network by writing to a
103	.Nm	84	.Nm
104	file descriptor.	85	file descriptor.
105	The writes are unbuffered, meaning only one packet can be processed per write.	86	The writes are unbuffered, meaning only one packet can be processed per write.
106	Currently, only writes to Ethernets and	87	.Pp
107	.Tn SLIP	88	Once a descriptor is configured, further changes to the configuration
108	links are supported.	89	can be prevented using the
		90	.Dv BIOCLOCK
		91	.Xr ioctl 2 .
109	.Sh BUFFER MODES	92	.Sh BUFFER MODES
110	.Nm	93	.Nm
111	devices deliver packet data to the application via memory buffers provided by	94	devices deliver packet data to the application via memory buffers provided by
Lines 288-298 Link Here
288	and	271	and
289	.In net/if.h .	272	.In net/if.h .
290	.Pp	273	.Pp
291	In addition to
292	.Dv FIONREAD
293	the following commands may be applied to any open
294	.Nm
295	file.
296	The (third) argument to	274	The (third) argument to
297	.Xr ioctl 2	275	.Xr ioctl 2
298	should be a pointer to the type indicated.	276	should be a pointer to the type indicated.
Lines 313-319 Link Here
313	If the requested buffer size cannot be accommodated, the closest	291	If the requested buffer size cannot be accommodated, the closest
314	allowable size will be set and returned in the argument.	292	allowable size will be set and returned in the argument.
315	A read call will result in	293	A read call will result in
316	.Er EIO	294	.Er EINVAL
317	if it is passed a buffer that is not this size.	295	if it is passed a buffer that is not this size.
318	.It Dv BIOCGDLT	296	.It Dv BIOCGDLT
319	.Pq Li u_int	297	.Pq Li u_int
Lines 324-329 Link Here
324	.Dq Li DLT_ ,	302	.Dq Li DLT_ ,
325	are defined in	303	are defined in
326	.In net/bpf.h .	304	.In net/bpf.h .
		305	.It Dv BIOCGDLTLIST
		306	.Pq Li "struct bpf_dltlist"
		307	Returns an array of the available types of the data link layer
		308	underlying the attached interface:
		309	.Bd -literal -offset indent
		310	struct bpf_dltlist {
		311	u_int bfl_len;
		312	u_int *bfl_list;
		313	};
		314	.Ed
		315	.Pp
		316	The available types are returned in the array pointed to by the
		317	.Va bfl_list
		318	field while their length in u_int is supplied to the
		319	.Va bfl_len
		320	field.
		321	.Er ENOMEM
		322	is returned if there is not enough buffer space and
		323	.Er EFAULT
		324	is returned if a bad address is encountered.
		325	The
		326	.Va bfl_len
		327	field is modified on return to indicate the actual length in u_int
		328	of the array returned.
		329	If
		330	.Va bfl_list
		331	is
		332	.Dv NULL ,
		333	the
		334	.Va bfl_len
		335	field is set to indicate the required length of an array in u_int.
		336	.It Dv BIOCSDLT
		337	.Pq Li u_int
		338	Changes the type of the data link layer underlying the attached interface.
		339	.Er EINVAL
		340	is returned if no interface has been specified or the specified
		341	type is not available for the interface.
327	.It Dv BIOCPROMISC	342	.It Dv BIOCPROMISC
328	Forces the interface into promiscuous mode.	343	Forces the interface into promiscuous mode.
329	All packets, not just those destined for the local host, are processed.	344	All packets, not just those destined for the local host, are processed.
Lines 331-336 Link Here
331	a listener that opened its interface non-promiscuously may receive	346	a listener that opened its interface non-promiscuously may receive
332	packets promiscuously.	347	packets promiscuously.
333	This problem can be remedied with an appropriate filter.	348	This problem can be remedied with an appropriate filter.
		349	.Pp
		350	The interface remains in promiscuous mode until all files listening
		351	promiscuously are closed.
334	.It Dv BIOCFLUSH	352	.It Dv BIOCFLUSH
335	Flushes the buffer of incoming packets,	353	Flushes the buffer of incoming packets,
336	and resets the statistics that are returned by BIOCGSTATS.	354	and resets the statistics that are returned by BIOCGSTATS.
Lines 344-350 Link Here
344	All other fields are undefined.	362	All other fields are undefined.
345	.It Dv BIOCSETIF	363	.It Dv BIOCSETIF
346	.Pq Li "struct ifreq"	364	.Pq Li "struct ifreq"
347	Sets the hardware interface associate with the file.	365	Sets the hardware interface associated with the file.
348	This	366	This
349	command must be performed before any packets can be read.	367	command must be performed before any packets can be read.
350	The device is indicated by name using the	368	The device is indicated by name using the
Lines 357-363 Link Here
357	.It Dv BIOCSRTIMEOUT	375	.It Dv BIOCSRTIMEOUT
358	.It Dv BIOCGRTIMEOUT	376	.It Dv BIOCGRTIMEOUT
359	.Pq Li "struct timeval"	377	.Pq Li "struct timeval"
360	Set or get the read timeout parameter.	378	Sets or gets the read timeout parameter.
361	The argument	379	The argument
362	specifies the length of time to wait before timing	380	specifies the length of time to wait before timing
363	out on a read request.	381	out on a read request.
Lines 387-393 Link Here
387	.El	405	.El
388	.It Dv BIOCIMMEDIATE	406	.It Dv BIOCIMMEDIATE
389	.Pq Li u_int	407	.Pq Li u_int
390	Enable or disable	408	Enables or disables
391	.Dq immediate mode ,	409	.Dq immediate mode ,
392	based on the truth value of the argument.	410	based on the truth value of the argument.
393	When immediate mode is enabled, reads return immediately upon packet	411	When immediate mode is enabled, reads return immediately upon packet
Lines 407-413 Link Here
407	the following structure:	425	the following structure:
408	.Bd -literal	426	.Bd -literal
409	struct bpf_program {	427	struct bpf_program {
410	int bf_len;	428	u_int bf_len;
411	struct bpf_insn *bf_insns;	429	struct bpf_insn *bf_insns;
412	};	430	};
413	.Ed	431	.Ed
Lines 469-478 Link Here
469	may result in undefined behavior (most likely, an error returned by	487	may result in undefined behavior (most likely, an error returned by
470	.Fn ioctl	488	.Fn ioctl
471	or haphazard packet matching).	489	or haphazard packet matching).
		490	.It Dv BIOCGRSIG
		491	.It Dv BIOCSRSIG
		492	.Pq Li u_int
		493	Sets or gets the receive signal.
		494	This signal will be sent to the process or process group specified by
		495	.Dv FIOSETOWN .
		496	It defaults to
		497	.Dv SIGIO .
472	.It Dv BIOCSHDRCMPLT	498	.It Dv BIOCSHDRCMPLT
473	.It Dv BIOCGHDRCMPLT	499	.It Dv BIOCGHDRCMPLT
474	.Pq Li u_int	500	.Pq Li u_int
475	Set or get the status of the	501	Sets or gets the status of the
476	.Dq header complete	502	.Dq header complete
477	flag.	503	flag.
478	Set to zero if the link level source address should be filled in automatically	504	Set to zero if the link level source address should be filled in automatically
Lines 489-495 Link Here
489	and	515	and
490	.Dv BIOCGDIRECTION	516	.Dv BIOCGDIRECTION
491	instead.	517	instead.
492	Set or get the flag determining whether locally generated packets on the	518	Sets or gets the flag determining whether locally generated packets on the
493	interface should be returned by BPF.	519	interface should be returned by BPF.
494	Set to zero to see only incoming packets on the interface.	520	Set to zero to see only incoming packets on the interface.
495	Set to one to see packets originating locally and remotely on the interface.	521	Set to one to see packets originating locally and remotely on the interface.
Lines 497-503 Link Here
497	.It Dv BIOCSDIRECTION	523	.It Dv BIOCSDIRECTION
498	.It Dv BIOCGDIRECTION	524	.It Dv BIOCGDIRECTION
499	.Pq Li u_int	525	.Pq Li u_int
500	Set or get the setting determining whether incoming, outgoing, or all packets	526	Sets or gets the setting determining whether incoming, outgoing, or all packets
501	on the interface should be returned by BPF.	527	on the interface should be returned by BPF.
502	Set to	528	Set to
503	.Dv BPF_D_IN	529	.Dv BPF_D_IN
Lines 571-590 Link Here
571	by default.	597	by default.
572	.It Dv BIOCFEEDBACK	598	.It Dv BIOCFEEDBACK
573	.Pq Li u_int	599	.Pq Li u_int
574	Set packet feedback mode.	600	Sets packet feedback mode.
575	This allows injected packets to be fed back as input to the interface when	601	This allows injected packets to be fed back as input to the interface when
576	output via the interface is successful.	602	output via the interface is successful.
577	When	603	When
578	.Dv BPF_D_INOUT	604	.Dv BPF_D_INOUT
579	direction is set, injected outgoing packet is not returned by BPF to avoid	605	direction is set, injected outgoing packets are not returned by BPF to avoid
580	duplication. This flag is initialized to zero by default.	606	duplication. This flag is initialized to zero by default.
581	.It Dv BIOCLOCK	607	.It Dv BIOCLOCK
582	Set the locked flag on the	608	This ioctl is designed to prevent the security issues associated
		609	with an open
583	.Nm	610	.Nm
584	descriptor.	611	descriptor in unprivileged programs.
585	This prevents the execution of	612	Even with dropped privileges, an open
586	ioctl commands which could change the underlying operating parameters of	613	.Nm
587	the device.	614	descriptor can be abused by a rogue program to listen on any interface
		615	on the system, send packets on these interfaces if the descriptor was
		616	opened read-write and send signals to arbitrary processes using the
		617	signaling mechanism of
		618	.Nm bpf .
		619	By allowing only
		620	.Dq known safe
		621	ioctls, the
		622	.Dv BIOCLOCK
		623	ioctl prevents this abuse.
		624	The allowable ioctls are
		625	.Dv BIOCFEEDBACK ,
		626	.Dv BIOCFLUSH ,
		627	.Dv BIOCGBLEN ,
		628	.Dv BIOCGDLT ,
		629	.Dv BIOCGDIRFILT ,
		630	.Dv BIOCGDLTLIST ,
		631	.Dv BIOCGETIF ,
		632	.Dv BIOCGHDRCMPLT ,
		633	.Dv BIOCGRSIG ,
		634	.Dv BIOCGRTIMEOUT ,
		635	.Dv BIOCGSTATS ,
		636	.Dv BIOCIMMEDIATE ,
		637	.Dv BIOCLOCK ,
		638	.Dv BIOCROTZBUF ,
		639	.Dv BIOCSRTIMEOUT ,
		640	.Dv BIOCSTSTAMP ,
		641	.Dv BIOCVERSION ,
		642	.Dv TIOCGPGRP ,
		643	and
		644	.Dv FIONREAD .
		645	Use of any other ioctl is denied with error
		646	.Er EPERM .
		647	Once a descriptor is locked, it is not possible to unlock it.
		648	A process with root privileges is not affected by the lock.
		649	.Pp
		650	A privileged program can open a
		651	.Nm
		652	device, drop privileges, set the interface, filters and modes on the
		653	descriptor, and lock it.
		654	Once the descriptor is locked, the system is safe
		655	from further abuse through the descriptor.
		656	Locking a descriptor does not prevent writes.
		657	If the application does not need to send packets through
		658	.Nm bpf ,
		659	it can open the device read-only to prevent writing.
		660	If sending packets is necessary, a write-filter can be set before locking the
		661	descriptor to prevent arbitrary packets from being sent out.
588	.It Dv BIOCGETBUFMODE	662	.It Dv BIOCGETBUFMODE
589	.It Dv BIOCSETBUFMODE	663	.It Dv BIOCSETBUFMODE
590	.Pq Li u_int	664	.Pq Li u_int
Lines 619-624 Link Here
619	.Nm	693	.Nm
620	descriptors in use on 32-bit systems.	694	descriptors in use on 32-bit systems.
621	.It Dv BIOCROTZBUF	695	.It Dv BIOCROTZBUF
		696	.Pq Li struct bpf_zbuf
622	Force ownership of the next buffer to be assigned to userspace, if any data	697	Force ownership of the next buffer to be assigned to userspace, if any data
623	present in the buffer.	698	present in the buffer.
624	If no data is present, the buffer will remain owned by the kernel.	699	If no data is present, the buffer will remain owned by the kernel.
Lines 630-635 Link Here
630	against	705	against
631	.Vt bzh_user_gen .	706	.Vt bzh_user_gen .
632	.El	707	.El
		708	.Sh STANDARD IOCTLS
		709	.Nm
		710	now supports several standard
		711	.Xr ioctl 2 Ns 's
		712	which allow the user to do async and/or non-blocking I/O to an open
		713	.I bpf
		714	file descriptor.
		715	.Bl -tag -width FIONREAD
		716	.It Dv FIONREAD
		717	.Pq Li int
		718	Returns the number of bytes that are immediately available for reading.
		719	.It Dv FIONBIO
		720	.Pq Li int
		721	Sets or clears non-blocking I/O.
		722	If arg is non-zero, then doing a
		723	.Xr read 2
		724	when no data is available will return -1 and
		725	.Va errno
		726	will be set to
		727	.Er EAGAIN .
		728	If arg is zero, non-blocking I/O is disabled.
		729	Note: setting this
		730	overrides the timeout set by
		731	.Dv BIOCSRTIMEOUT .
		732	.It Dv FIOASYNC
		733	.Pq Li int
		734	Enables or disables async I/O.
		735	When enabled (arg is non-zero), the process or process group specified by
		736	.Dv FIOSETOWN
		737	will start receiving
		738	.Dv SIGIO 's
		739	when packets arrive.
		740	Note that you must do an
		741	.Dv FIOSETOWN
		742	in order for this to take affect, as
		743	the system will not default this for you.
		744	The signal may be changed via
		745	.Dv BIOCSRSIG .
		746	.It Dv FIOSETOWN
		747	.It Dv FIOGETOWN
		748	.Pq Li int
		749	Sets or gets the process or process group (if negative) that should
		750	receive
		751	.Dv SIGIO
		752	when packets are available.
		753	The signal may be changed using
		754	.Dv BIOCSRSIG
		755	(see above).
		756	.El
633	.Sh BPF HEADER	757	.Sh BPF HEADER
634	One of the following structures is prepended to each packet returned by	758	One of the following structures is prepended to each packet returned by
635	.Xr read 2	759	.Xr read 2
Lines 652-658 Link Here
652	};	776	};
653	.Ed	777	.Ed
654	.Pp	778	.Pp
655	The fields, whose values are stored in host order, and are:	779	The fields, whose values are stored in host order, are:
656	.Pp	780	.Pp
657	.Bl -tag -compact -width bh_datalen	781	.Bl -tag -compact -width bh_datalen
658	.It Li bh_tstamp	782	.It Li bh_tstamp
Lines 749-758 Link Here
749	The following structure defines the instruction format:	873	The following structure defines the instruction format:
750	.Bd -literal	874	.Bd -literal
751	struct bpf_insn {	875	struct bpf_insn {
752	u_short code;	876	u_short code;
753	u_char jt;	877	u_char jt;
754	u_char jf;	878	u_char jf;
755	u_long k;	879	bpf_u_int32 k;
756	};	880	};
757	.Ed	881	.Ed
758	.Pp	882	.Pp
Lines 1047-1053 Link Here
1047	.Xr kqueue 2 ,	1171	.Xr kqueue 2 ,
1048	.Xr poll 2 ,	1172	.Xr poll 2 ,
1049	.Xr select 2 ,	1173	.Xr select 2 ,
1050	.Xr byteorder 3 ,
1051	.Xr ng_bpf 4 ,	1174	.Xr ng_bpf 4 ,
1052	.Xr bpf 9	1175	.Xr bpf 9
1053	.Rs	1176	.Rs
Lines 1096-1103 Link Here
1096	all files must assume that the interface is promiscuous, and if	1219	all files must assume that the interface is promiscuous, and if
1097	so desired, must utilize a filter to reject foreign packets.	1220	so desired, must utilize a filter to reject foreign packets.
1098	.Pp	1221	.Pp
1099	Data link protocols with variable length headers are not currently supported.
1100	.Pp
1101	The	1222	The
1102	.Dv SEESENT ,	1223	.Dv SEESENT ,
1103	.Dv DIRECTION ,	1224	.Dv DIRECTION ,