只是做個筆記.
在目前的 Debian 上 (2016/1/11) 要用到 sid 中 4.3 版的 kernel, 並且得更新 libc headers
$ sudo apt-get install linux-image-4.3.0-1-amd64 linux-headers-4.3.0-1-amd64 linux-libc-dev
接著試 build 下例
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <linux/bpf.h>
#include <linux/filter.h>
int main()
{
int result = socket(AF_INET, SOCK_STREAM, 0);
if(0 > result) {
fprintf(stderr, "socket(): %s\n", strerror(errno));
abort();
}
int sfd = result;
struct sock_filter filter[] = {
{ BPF_RET, 0, 0, 0 }
};
struct sock_fprog bpf = {
.len = sizeof(filter) / sizeof(filter[0]),
.filter = filter
};
result = setsockopt(sfd, SOL_SOCKET, SO_ATTACH_FILTER, &bpf, sizeof(bpf));
if(0 > result) {
fprintf(stderr, "setsockopt(): %s\n", strerror(errno));
abort();
}
struct sockaddr_in addr = {
.sin_family = AF_INET,
.sin_port = htons(1234),
.sin_addr = { htonl(INADDR_LOOPBACK) }
};
result = connect(sfd, (const struct sockaddr *) &addr, sizeof(addr));
if(0 > result) {
fprintf(stderr, "connect(): %s\n", strerror(errno));
abort();
}
close(sfd);
return 0;
}
此例丟了所有的 packet, 所以 connect() 最終會 timeout.