Re: Embedding pcap filters in C

Home Messages Hashtags Subgroups

Adrian Moreno #958 On 08/19/2017 10:41 PM, Y Song wrote: On Sat, Aug 19, 2017 at 3:44 AM, Adrian Moreno via iovisor-dev <iovisor-dev@...> wrote: Hi all, I'm playing around with bcc (which I find awesome, by the way) and I'm trying to embed a pcap filter inside another BPF program so that I can have the user-friendlyness of tcpdump-like expressions and the coolness of BPF-maps, for example. Is that possible without going down into LLVM or writing BPF code directly? Can someone give me a hit? you may have to do that for an arbitrary filter. Maybe bpf code is simpler, there are some examples in how trace.py/argdist.py translating a simple spec to a bpf program. Thanks! I'll give it a try.
More All Messages By This Member

Join iovisor-dev@lists.iovisor.org to automatically receive all group messages.