Skip to content

Filter Architecture

Jump to bottom Edit New page
palesius edited this page Nov 11, 2013 · 3 revisions

###Overview These define filters that takes place in the code on the BBB, a particular implementation can certainly be talking to a different device which is making the actual decisions over TCP/IP, and it certainly doesn't stop something w/in the device or host implementation adding it's own filtering.

###Filter function Each packet filter will consist of a filter function that accepts a packet, optionally modifies it, then sets one or more flags on it.
transmit: true by default, this controls whether the packet is passed on to the host/device or is dropped after filtering. filter: true by default, this controls whether the packet is subject to subsequent filtering

###Filter endpoint criteria These control which endpoints a filter is attached to during relaying setup.
These all default to match any endpoint if not set, so some criteria could be:

  • any endpoint

  • only interrupt IN endpoints

  • only endpoints on a certain device

  • General

    • min/max: a minimum and maximum value can be set for this value (or they can be equal to require an exact match)
    • mask: a bitmask is used in addition to the value to control which bits are signficant when matching

  • Endpoint attributes

    • Endpoint Address (mask)
    • Attributes (mask): the type of endpoint e.g. interrupt/bulk/etc
    • PacketSize min/max
    • Interval min/max

  • Interface attributes

    • Number
    • Alternate
    • Class
    • SubClass
    • Protocol

  • Configuration attributes

    • Number
    • Attributes (mask)
    • high speed: whether this is a high speed configuration

  • Device attributes

    • Class
    • SubClass
    • Protocol
    • EP0 packetsize min/max
    • Vendor
    • Product
    • Release

###Filter Packet criteria Rules can also be applied as the packets are received. An 8 byte value can be supplied as well as an 8 byte mask. The callback will only be called for a packet if the bits marked as significant by the mask match the 1st 8 bytes of a packet (for a setup packet it will match against the setup packet itself, rather than the data portion). NB: if the packet size is smaller than the significant bits defined in the mask it will not match.

examples (this is probably the biggest interface in terms of potential uses)

  • log traffic (TCP/IP or locally)
  • modify traffic on the fly
  • block certain requests
Add a custom footer
Add a custom sidebar
Clone this wiki locally