Re: pf for packet data?

[gabe f <gabe_1_(_at_)_mac_(_dot_)_com>]

On Monday, July 14, 2003, at 05:42 PM, Ted Unangst wrote:
> if you want to do it, use bpf.  pf.conf syntax would be like
> pass filter myfilter1.  then a new ioctl to attach bpf programs to the
> named filters.  you can either have pfctl use pcap_compile to convert 
> the
> rest of the line into a bpf program, or another program.

Okay, I read the bpf man, pcap man, and the pf.conf man (for the 
thousandth time).
What are these "filters" you mention in pf, that I could attach a bpf 
program to?

> this would be no more work than hard coding "byte X matches value Y" 
> type
> rules, and far more flexible.

flexibility is essential.

______________________________________________________________________
        Ode On A Sugar Sweet LAN

   I love my 'pooters, and my 'pooters love me.
   We're just a big digital family.

   Me and my 'pooters, we get along fine.
   I'm super tickled, my 'pooters are mine.
______________________________________________________________________