mogul@DECWRL.DEC.COM.UUCP (01/21/87)
Charles Hedrick writes:
Mike Brescia asks for a facility under Unix that will allow you to
receive any packet type that the kernel doesn't need. The Ethernet
packet filter (/dev/enet) will do this. There is supposedly a
copy of this software included with 4.3. We use it on a Pyramid
to implement PUP. (We can't give it to you, as our copy is covered
by a license with Xerox.)
Unfortunately, the packet filter (wonderful as it is) in its current
state won't solve Mike's problem; he wanted access to IP packets not
otherwise consumed by the kernel. The packet filter plugs in to the
network device drivers, and so only gets to look at data-link layer
packet types not wanted by the rest of the kernel. For example, an
ethernet driver takes a received packet, looks at its packet type,
and if it's not IP or ARP or XNS, it drops it into the packet filter
instead of on the floor.
I've toyed with the idea of creating a sort of pseudo-interface driver
that would do the same thing for IP packets that are about to be
dropped on the floor; the packet filter itself should handle this without
modifications, although I'm not sure if packet transmission is as easily
done this way. This is just a "small matter of programming"; i.e.,
don't hold your breath.
The sources shipped with 4.3BSD are almost usable; apparently, the
kind folks at Berkeley (1) failed to include any documentation or
test programs, and (2) modified the modifications to the network
interface drivers. This modified modifications might work, but I
don't know if anyone has ever proved this. I really should do something
about this; if anyone out there wants to use the packet filter but
can't get the 4.3 distribution to work, I'd like to here from you.
By the way, I doubt if the Xerox license agreement had any control
over the packet filter sources, since I'm pretty sure Xerox knew they
were public-domain when they got them.