Skip to content

Filter Architecture

Jump to bottom Edit New page
palesius edited this page Nov 11, 2013 · 3 revisions

###Overview These define filters that takes place in the code on the BBB, a particular implementation can certainly be talking to a different device which is making the actual decisions over TCP/IP, and it certainly doesn't stop something w/in the device or host implementation adding it's own filtering.

###Filter function Each packet filter will consist of a filter function that accepts a packet, optionally modifies it, then sets one or more flags on it.
transmit: true by default, this controls whether the packet is passed on to the host/device or is dropped after filtering. filter: true by default, this controls whether the packet is subject to subsequent filtering

###Filter endpoint criteria These control which endpoints a filter is attached to during relaying setup.
These all default to match any endpoint if not set, so some criteria could be: *any endpoint *only interrupt IN endpoints *only endpoints on a certain device

*General *min/max: a minimum and maximum value can be set for this value (or they can be equal to require an exact match) *mask: a bitmask is used in addition to the value to control which bits are signficant when matching *Endpoint attributes *Endpoint Address (mask) *Attributes (mask): the type of endpoint e.g. interrupt/bulk/etc *PacketSize min/max *Interval min/max *Interface attributes *Number *Alternate *Class *SubClass *Protocol *Configuration attributes *Number *Attributes (mask) *high speed: whether this is a high speed configuration *Device attributes *Class *SubClass *Protocol *EP0 packetsize min/max *Vendor *Product *Release

###Filter Packet criteria Rules can also be applied as the packets are received. An 8 byte value can be supplied as well as an 8 byte mask. The callback will only be called for a packet if the bits marked as significant by the mask match the 1st 8 bytes of a packet (for a setup packet it will match against the setup packet itself, rather than the data portion). NB: if the packet size is smaller than the significant bits defined in the mask it will not match.

examples (this is probably the biggest interface in terms of potential uses)

  • log traffic (TCP/IP or locally)
  • modify traffic on the fly
  • block certain requests
Add a custom footer
Add a custom sidebar
Clone this wiki locally