Correct the explanations on using the BPF functionality on FreeBSD.
PR: 57813 Submitted by: maintainer
This commit is contained in:
Peter Pentchev
parent
b771e79fd3
commit
a7a15bac7f
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=90765
2 changed files with 12 additions and 44 deletions
|
|
@ -1,21 +1,12 @@
|
|||
Nessus uses the pcap library, which uses the
|
||||
berkeley packet filter (bpf) to do its job.
|
||||
Nessus uses the pcap library, which uses the berkeley packet filter (bpf)
|
||||
to do its job.
|
||||
|
||||
Since Nessus used multiple processes, several pcap-aware plugins will
|
||||
need to access the the bpf at the same time.
|
||||
|
||||
This means that you need to recompile your kernel with the
|
||||
following option :
|
||||
This means that you need to recompile your kernel with the following option:
|
||||
|
||||
For FreeBSD 5.x:
|
||||
pseudo-device bpfilter
|
||||
|
||||
For FreeBSD 4.x:
|
||||
pseudo-device bpfilter NUM
|
||||
|
||||
Where 'NUM' is the number of bpf you want -- it should be equal to
|
||||
the 'max hosts number' option you enter in nessusd x the
|
||||
'max plugins' option.
|
||||
pseudo-device bpf
|
||||
|
||||
If for instance you want to have 10 nessusd running at the same time,
|
||||
each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs
|
||||
|
|
@ -28,16 +19,9 @@ If you plan to scan a whole network, we recommand you create at least
|
|||
Once your kernel has been rebuilt, get root, cd to /dev
|
||||
and do:
|
||||
|
||||
i=0; while [ $i -lt 100];
|
||||
do
|
||||
./MAKEDEV bpf$i
|
||||
let i=$i+1
|
||||
done
|
||||
|
||||
On FreeBSD, you can directly do :
|
||||
./MAKEDEV bpf+100
|
||||
|
||||
(For FreeBSD 5.x this is not needed since the devfs creates devices when needed)
|
||||
For FreeBSD 5.x this is not needed since the devfs creates devices when needed.
|
||||
|
||||
If you can not recompile your kernel, you can try to run the configure
|
||||
script with the option --enable-bpf-sharing. In this case, nessusd will
|
||||
|
|
|
|||
|
|
@ -1,21 +1,12 @@
|
|||
Nessus uses the pcap library, which uses the
|
||||
berkeley packet filter (bpf) to do its job.
|
||||
Nessus uses the pcap library, which uses the berkeley packet filter (bpf)
|
||||
to do its job.
|
||||
|
||||
Since Nessus used multiple processes, several pcap-aware plugins will
|
||||
need to access the the bpf at the same time.
|
||||
|
||||
This means that you need to recompile your kernel with the
|
||||
following option :
|
||||
This means that you need to recompile your kernel with the following option:
|
||||
|
||||
For FreeBSD 5.x:
|
||||
pseudo-device bpfilter
|
||||
|
||||
For FreeBSD 4.x:
|
||||
pseudo-device bpfilter NUM
|
||||
|
||||
Where 'NUM' is the number of bpf you want -- it should be equal to
|
||||
the 'max hosts number' option you enter in nessusd x the
|
||||
'max plugins' option.
|
||||
pseudo-device bpf
|
||||
|
||||
If for instance you want to have 10 nessusd running at the same time,
|
||||
each running 5 plugins in parallel, you should create 50 (10 * 5) bpfs
|
||||
|
|
@ -28,16 +19,9 @@ If you plan to scan a whole network, we recommand you create at least
|
|||
Once your kernel has been rebuilt, get root, cd to /dev
|
||||
and do:
|
||||
|
||||
i=0; while [ $i -lt 100];
|
||||
do
|
||||
./MAKEDEV bpf$i
|
||||
let i=$i+1
|
||||
done
|
||||
|
||||
On FreeBSD, you can directly do :
|
||||
./MAKEDEV bpf+100
|
||||
|
||||
(For FreeBSD 5.x this is not needed since the devfs creates devices when needed)
|
||||
For FreeBSD 5.x this is not needed since the devfs creates devices when needed.
|
||||
|
||||
If you can not recompile your kernel, you can try to run the configure
|
||||
script with the option --enable-bpf-sharing. In this case, nessusd will
|
||||
|
|
|
|||
Loading…
Reference in a new issue