1.\" $NetBSD: pfil.9,v 1.1 1996/09/06 05:27:47 mrg Exp $ 2.\" 3.\" Copyright (c) 1996 Matthew Green. 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by Matthew Green. 17.\" 4. Neither the name of The NetBSD Foundation nor the names of its 18.\" contributors may be used to endorse or promote products derived 19.\" from this software without specific prior written permission. 20.\" 21.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 22.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 23.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 24.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE 25.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 26.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 27.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 28.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 29.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 30.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31.\" POSSIBILITY OF SUCH DAMAGE. 32.\" 33.Dd August 4, 1996 34.Dt PFIL 9 35.Os NetBSD 36.Sh NAME 37.Nm pfil 38.Nd packet filter interface 39.Sh SYNOPSIS 40.Fd #include <sys/param.h> 41.Fd #include <netinet/ip.h> 42.Ft struct packet_filter_hook * 43.Fn pfil_hook_get int 44.Ft void 45.Fn pfil_add_hook "int (*func)()" "int flags" 46.Ft void 47.Fn pfil_remove_hook "int (*func)()" "int flags" 48.\"(void *, int, struct ifnet *, int, struct mbuf **) 49.Sh DESCRIPTION 50The 51.Fn pfil 52interface allows a function to be called on every incoming, outgoing or 53bad packet. The hooks for these are embedded in the ip_input and ip_output 54routines. The 55.Fn pfil_hook_get 56function returns the first member of a particular hook, either the in, out 57or bad list. The 58.Fn pfil_add_hook 59function takes a function of the form below as it's first argument, and the 60flags for which lists to add the function to. The possible values for these 61flags are some combination of PFIL_IN, PFIL_OUT and PFIL_BAD. The 62.Fn pfil_remove_hook 63removes a hook from the specified lists. 64.Pp 65The 66.Va func 67argument is a function with the following prototype. 68.Pp 69.Fn func "void *data" "int hlen" "struct ifnet *net" "int dir" "struct mbuf **m" 70.Pp 71The 72.Va data 73describes the packet. Currently, this may only be a pointer to a ip structure. The 74.Va net 75and 76.Va m 77arguments describe the network interface and the mbuf holding data for this 78packet. The 79.Va dir 80is the direction; 0 for incoming packets and 1 for outgoing packets. 81.Pp 82The 83.Fn pfil 84interface is enabled in the kernel via the 85.Sy PACKET_FILTER 86option. 87.Sh RETURN VALUES 88If successful 89.Fn pfil_hook_get 90returns the first member of the packet filter list, 91.Fn pfil_add_hook 92and 93.Fn pfil_remove_hook 94are expected to always succeed. 95.Sh HISTORY 96The pfil interface first appeared in NetBSD 1.2A. 97.Sh SEE ALSO 98.Xr bpf 4 99