kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Correct the explanations on using the BPF functionality on FreeBSD.

Browse source 
PR:		57813
Submitted by:	maintainer
This commit is contained in:
Peter Pentchev 2003-10-10 06:54:42 +00:00
parent b771e79fd3
commit a7a15bac7f
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=90765
2 changed files with 12 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
security/nessus-libraries-devel/files/README.BPF
View file

@ -1,22 +1,13 @@
Nessus uses the pcap library, which uses the
berkeley packet filter (bpf) to do its job.
Nessus uses the pcap library, which uses the berkeley packet filter (bpf)
to do its job.
Since Nessus used multiple processes, several pcap-aware plugins will
need to access the the bpf at the same time.
This means that you need to recompile your kernel with the
following option :
This means that you need to recompile your kernel with the following option:
For FreeBSD 5.x:
pseudo-device bpfilter
pseudo-device bpf
For FreeBSD 4.x:
pseudo-device bpfilter NUM
Where 'NUM' is the number of bpf you want -- it should be equal to
the 'max hosts number' option you enter in nessusd x the
'max plugins' option.
If for instance you want to have 10 nessusd running at the same time,
each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs
(as nessusd is extremely lightweight, you can expect to have this amount
@ -26,18 +17,11 @@ If you plan to scan a whole network, we recommand you create at least
100 of them.
Once your kernel has been rebuilt, get root, cd to /dev
and do :
and do:
i=0; while [ $i -lt 100];
do
./MAKEDEV bpf$i
let i=$i+1
done
On FreeBSD, you can directly do :
./MAKEDEV bpf+100
(For FreeBSD 5.x this is not needed since the devfs creates devices when needed)
For FreeBSD 5.x this is not needed since the devfs creates devices when needed.
If you can not recompile your kernel, you can try to run the configure
script with the option --enable-bpf-sharing. In this case, nessusd will

28
security/nessus-libraries/files/README.BPF
View file

@ -1,22 +1,13 @@
Nessus uses the pcap library, which uses the
berkeley packet filter (bpf) to do its job.
Nessus uses the pcap library, which uses the berkeley packet filter (bpf)
to do its job.
Since Nessus used multiple processes, several pcap-aware plugins will
need to access the the bpf at the same time.
This means that you need to recompile your kernel with the
following option :
This means that you need to recompile your kernel with the following option:
For FreeBSD 5.x:
pseudo-device bpfilter
pseudo-device bpf
For FreeBSD 4.x:
pseudo-device bpfilter NUM
Where 'NUM' is the number of bpf you want -- it should be equal to
the 'max hosts number' option you enter in nessusd x the
'max plugins' option.
If for instance you want to have 10 nessusd running at the same time,
each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs
(as nessusd is extremely lightweight, you can expect to have this amount
@ -26,18 +17,11 @@ If you plan to scan a whole network, we recommand you create at least
100 of them.
Once your kernel has been rebuilt, get root, cd to /dev
and do :
and do:
i=0; while [ $i -lt 100];
do
./MAKEDEV bpf$i
let i=$i+1
done
On FreeBSD, you can directly do :
./MAKEDEV bpf+100
(For FreeBSD 5.x this is not needed since the devfs creates devices when needed)
For FreeBSD 5.x this is not needed since the devfs creates devices when needed.
If you can not recompile your kernel, you can try to run the configure
script with the option --enable-bpf-sharing. In this case, nessusd will