pppd + precompiled-active-filter

OpenWRT has long had some patches against pppd 2.4.4 for what’s called ‘Precompiled Active Filter’.  This is a file, which contains the libpcap compiled filter on what should be considered ‘active’ or ‘interesting’ traffic.  In the Cisco world, it’s the access-list you reference with dialer-list and dialer-group commands.

The default file that’s shipped tends to ignore icmp requests and a few other odds and ends, and is either never used, or works for everyone else.  Sadly, I needed to change it.

Finding #1)  tcpdump -ddd not icmp and not udp 123 and …. generates a precompiled file nicely

Finding #2)  After several hours - this is not the right way to generate it.  Files generated do not do what you think they do.

Finding #3)  Included in the buildroot is a tool from http://www.fli4l.de/en/home/news/ called pfc.c which will build the correct filters.  That’s the Floppy Linux ISDN… Floppies and ISDN - something I haven’t run into for several years.

Building it (gcc -o pfc -lpcap pfc.c) gives you a nice little tool to generate them using command line libpcap filter syntax - and guess what - they work!

Comments

• Twitter Feed

  • @ajarvela00 Haven't had time to determine the right audio settings for MP4 encoding to get true 5.1 from the Home Theater in reply to ajarvela00 1 hr ago
  • AppleTV vs. Sony Receiver - 5.1 Channel - Fight! 4 hrs ago
  • Foraging for food, snailmail, and fresh air. 6 hrs ago
  • More updates...

  Powered by Twitter Tools.

• Google Reader Feed

  • Vietnam Imposes New Blogging Restrictions
     via: Slashdot
  • Last Major Supplier Calls It Quits For VHS
     via: Slashdot
  • Borrowing To Invest Vs. Saving To Invest
     via: John Chow dot Com
  • How the Great Firewall of Britain works
     via: Boing Boing
  • What the heck is an IT Architect anyway?
     via: The Register
  Shared Items

• Flickr Photos

  

• Tags

  43folders blackhat Code Day to Day dns googlereader inbox zero Links linux me Openswan openswan osx OS X parallels Photos Preston productivity Reviews rss security tcpdump Tech Tech Toys ubuntu Wedding Bells

• Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

Recently Written

• ESX & ESXi - Windows XP Guest Install reports no hard disk found
• Google Reader Stats and Thoughts
• Debian VMWare Guest - eth0 broken after cloning
• pppd + precompiled-active-filter
• Who Moved My Brain?
• 4 Features/Changes Google Reader Needs to Move Forward
• Google Reader - 1 year later
• Dan’s DNS Talk from Blackhat
• I’m back
• Ubuntu 8 on Parallels 3 (and some other VM packages)

Monthly Archives

• January 2009
• December 2008
• October 2008
• August 2008
• November 2007
• October 2007
• July 2007
• June 2007
• May 2007
• December 2006
• October 2006
• May 2006
• February 2006
• January 2006
• December 2005
• November 2005
• September 2005
• August 2005
• June 2005
• April 2005
• March 2005
• February 2005
• January 2005
• December 2004
• November 2004
• October 2004

Blogroll

• Development Blog
• Documentation
• Ken’s Photos on Flickr
• Plugins
• Suggest Ideas
• Support Forum
• Themes
• WordPress Planet

Find It

Admin

• Log in
• WordPress
• XHTML

Credits

Powered by Vertigo & WordPress
WordPress Themes by Brian Gardner