From d2c50858435eecb7f2d73574c7d03d44f1d02307 Mon Sep 17 00:00:00 2001 From: Michael Rash Date: Wed, 10 Aug 2011 22:38:01 -0400 Subject: [PATCH] Added --pcap-filter to the fwknopd command line To override the value of the PCAP_FILTER variable in the fwknopd.conf config file, a new fwknopd command line argument "--pcap-filter" was added. This assists in various activities by making it trivial to change how fwknopd acquires packet data without editing the fwknopd.conf file. Here is an example: fwknopd -i lo -f --pcap-filter "udp port 12345" --- doc/fwknopd.man.asciidoc | 11 ++++++++--- server/config_init.c | 5 +++++ server/config_init.h | 3 ++- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/doc/fwknopd.man.asciidoc b/doc/fwknopd.man.asciidoc index fbc05f87..b5eb0b47 100644 --- a/doc/fwknopd.man.asciidoc +++ b/doc/fwknopd.man.asciidoc @@ -50,7 +50,7 @@ COMMAND-LINE OPTIONS *-D, --Dump-config*:: Dump the configuration values that *fwknopd* derives from the - 'fwknop.conf' (or override files) and 'access.conf' on stderr. + 'fwknopd.conf' (or override files) and 'access.conf' on stderr. *-i, --interface*='':: Manually specify interface on which to sniff, e.g. ``-i eth0''. This @@ -75,9 +75,14 @@ COMMAND-LINE OPTIONS *-O, --Override-config*='':: Override config variable values that are normally read from the - 'fwknop.conf' file with values from the specified file. Multiple + 'fwknopd.conf' file with values from the specified file. Multiple override config files can be given as a comma-separated list. +*-P, --pcap-filter*='':: + Specify a Berkeley packet filter statement on the *fwknopd* command + line. This overrides the value of the PCAP_FILTER variable taken + from the 'fwknopd.conf' file. + *-R, --Restart*:: Restart the currently running *fwknopd* processes. This option will preserve the command line options that were supplied to the @@ -369,7 +374,7 @@ directive starts a new stanza. FILES ----- -*fwknop.conf*:: +*fwknopd.conf*:: The main configuration file for fwknop. *access.conf*:: diff --git a/server/config_init.c b/server/config_init.c index e3a700b5..678df483 100644 --- a/server/config_init.c +++ b/server/config_init.c @@ -661,6 +661,9 @@ config_init(fko_srv_options_t *opts, int argc, char **argv) case 'O': /* This was handled earlier */ break; + case 'P': + set_config_entry(opts, CONF_PCAP_FILTER, optarg); + break; case ROTATE_DIGEST_CACHE: opts->rotate_digest_cache = 1; break; @@ -734,6 +737,8 @@ usage(void) " default.\n" " -O, --override-config - Specify a file with configuration entries that will\n" " overide those in fwknopd.conf\n" + " -P, --pcap-filter - Specify a Berkeley packet filter statement to\n" + " override the PCAP_FILTER variable in fwknopd.conf.\n" " -R, --restart - Force the currently running fwknopd to restart.\n" " --rotate-digest-cache\n" " - Rotate the digest cache file by renaming it to\n" diff --git a/server/config_init.h b/server/config_init.h index 33be73a2..6d38972f 100644 --- a/server/config_init.h +++ b/server/config_init.h @@ -66,7 +66,7 @@ enum { /* Our getopt_long options string. */ -#define GETOPTS_OPTION_STRING "a:c:C:Dfhi:Kl:O:RSvV" +#define GETOPTS_OPTION_STRING "a:c:C:Dfhi:Kl:O:P:RSvV" /* Our program command-line options... */ @@ -85,6 +85,7 @@ static struct option cmd_opts[] = {"locale", 1, NULL, 'l' }, {"rotate-digest-cache", 0, NULL, ROTATE_DIGEST_CACHE }, {"override-config", 1, NULL, 'O' }, + {"pcap-filter", 1, NULL, 'P'}, {"restart", 0, NULL, 'R'}, {"status", 0, NULL, 'S'}, {"verbose", 0, NULL, 'v'},