I'm playing around with bcc (which I find awesome, by the way) and I'm trying to embed a pcap filter inside another BPF program so that I can have the user-friendlyness of tcpdump-like expressions and the coolness of BPF-maps, for example.
Is that possible without going down into LLVM or writing BPF code directly? Can someone give me a hit?
I tried to inline the pcap-filter in a C program using __asm__() but LLVM fails with: "LLVM ERROR: Inline asm not supported by this streamer because we don't have an asm parser for this target"
