Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Add an example of filtering an inet socket

Filter responses to a TCP socket on Linux. Bizarrely, when the
connection is sniffed, the GET request is sent 5 times. Each time a
response is returned but dropped by the filter before it gets to the
socket.
  • Loading branch information...
commit 31da3bdaf6b13001d7e3212f59f46c93ab7a173a 1 parent a963cb5
Michael Santos authored

Showing 2 changed files with 101 additions and 3 deletions. Show diff stats Hide diff stats

  1. +36 3 README.md
  2. +65 0 examples/lsf_inet.erl
39 README.md
Source Rendered
@@ -28,7 +28,8 @@ These libraries are not required can be used with epcap\_compile:
28 28
29 29 * procket: https://github.com/msantos/procket.git
30 30
31   - Set the BPF filter on a socket (Linux) or BPF device (BSD).
  31 + Set a BPF filter on any kind of socket (Linux) or on a BPF device
  32 + (BSD).
32 33
33 34
34 35 ## COMPILING
@@ -62,7 +63,7 @@ These libraries are not required can be used with epcap\_compile:
62 63 compile/1 defaults to optimization enabled, an unspecified netmask
63 64 (filters specifying the broadcast will return an error), the
64 65 datalinktype set to ethernet (DLT_EN10MB) and a packet length
65   - of 65535 bytes. See pcap\_compile(7) for the meaning of each of
  66 + of 65535 bytes. See pcap_compile(7) for the meaning of each of
66 67 these options.
67 68
68 69
@@ -103,7 +104,7 @@ The same BPF program can be generated from Erlang by using the bpf module in pro
103 104 ].
104 105
105 106
106   -### Apply a BPF Filter to a Socket (Linux)
  107 +### Apply a BPF Filter to a PF\_PACKET Socket (Linux)
107 108
108 109 -module(lsf).
109 110 -export([f/0, f/1]).
@@ -128,6 +129,38 @@ The same BPF program can be generated from Erlang by using the bpf module in pro
128 129 loop(S)
129 130 end.
130 131
  132 +### Apply a BPF Filter to a TCP Socket (Linux)
  133 +
  134 + -module(lsf_inet).
  135 + -export([f/0]).
  136 +
  137 + f() ->
  138 + {ok, Fcode} = epcap_compile:compile("tcp and port 443"),
  139 + unfiltered(Fcode),
  140 + filtered(Fcode).
  141 +
  142 + unfiltered(Fcode) when is_list(Fcode) ->
  143 + {ok, S} = gen_tcp:connect("www.google.com", 80,
  144 + [binary, {packet, 0}, {active, false}]),
  145 +
  146 + ok = gen_tcp:send(S, "GET / HTTP/1.0\r\n\r\n"),
  147 + {ok, R} = gen_tcp:recv(S, 0, 5000),
  148 + error_logger:info_report([{unfiltered, R}]),
  149 + ok = gen_tcp:close(S).
  150 +
  151 + filtered(Fcode) when is_list(Fcode) ->
  152 + {ok, S} = gen_tcp:connect("www.google.com", 80,
  153 + [binary, {packet, 0}, {active, false}]),
  154 +
  155 + {ok, FD} = inet:getfd(S),
  156 + {ok, _} = packet:filter(FD, Fcode),
  157 +
  158 + ok = gen_tcp:send(S, "GET / HTTP/1.0\r\n\r\n"),
  159 + {error, timeout} = gen_tcp:recv(S, 0, 5000),
  160 + error_logger:info_report([{filtered, "connection timeout"}]),
  161 +
  162 + ok = gen_tcp:close(S).
  163 +
131 164
132 165 ## TODO
133 166
65 examples/lsf_inet.erl
... ... @@ -0,0 +1,65 @@
  1 +%% Copyright (c) 2012, Michael Santos <michael.santos@gmail.com>
  2 +%% All rights reserved.
  3 +%%
  4 +%% Redistribution and use in source and binary forms, with or without
  5 +%% modification, are permitted provided that the following conditions
  6 +%% are met:
  7 +%%
  8 +%% Redistributions of source code must retain the above copyright
  9 +%% notice, this list of conditions and the following disclaimer.
  10 +%%
  11 +%% Redistributions in binary form must reproduce the above copyright
  12 +%% notice, this list of conditions and the following disclaimer in the
  13 +%% documentation and/or other materials provided with the distribution.
  14 +%%
  15 +%% Neither the name of the author nor the names of its contributors
  16 +%% may be used to endorse or promote products derived from this software
  17 +%% without specific prior written permission.
  18 +%%
  19 +%% THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  20 +%% "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  21 +%% LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  22 +%% FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  23 +%% COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
  24 +%% INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
  25 +%% BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  26 +%% LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
  27 +%% CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  28 +%% LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
  29 +%% ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  30 +%% POSSIBILITY OF SUCH DAMAGE.
  31 +-module(lsf_inet).
  32 +-export([f/0]).
  33 +
  34 +f() ->
  35 + {ok, Fcode} = epcap_compile:compile("tcp and port 443"),
  36 + unfiltered(Fcode),
  37 + filtered(Fcode).
  38 +
  39 +
  40 +unfiltered(Fcode) when is_list(Fcode) ->
  41 + {ok, S} = gen_tcp:connect("www.google.com", 80, [
  42 + binary,
  43 + {packet, 0},
  44 + {active, false}
  45 + ]),
  46 +
  47 + ok = gen_tcp:send(S, "GET / HTTP/1.0\r\n\r\n"),
  48 + {ok, R} = gen_tcp:recv(S, 0, 5000),
  49 + error_logger:info_report([{unfiltered, R}]),
  50 + ok = gen_tcp:close(S).
  51 +
  52 +filtered(Fcode) when is_list(Fcode) ->
  53 + {ok, S} = gen_tcp:connect("www.google.com", 80, [
  54 + binary,
  55 + {packet, 0},
  56 + {active, false}
  57 + ]),
  58 +
  59 + {ok, FD} = inet:getfd(S),
  60 + {ok, _} = packet:filter(FD, Fcode),
  61 +
  62 + ok = gen_tcp:send(S, "GET /test HTTP/1.0\r\n\r\n"),
  63 + {error, timeout} = gen_tcp:recv(S, 0, 5000),
  64 + error_logger:info_report([{filtered, "connection timeout"}]),
  65 + ok = gen_tcp:close(S).

0 comments on commit 31da3bd

Please sign in to comment.
Something went wrong with that request. Please try again.