man pbf(8)

could anyone recommend some good resource/books that specifically pertain FreeBSD?

ideally I would like one of those 1,000 pagers that melt your brain.. but provide everything you need to get crackin..

thanks!
 
Hey thanks, great book for general freebsd.. but I was I was referring specifically to BPF programming and kernel related material.
 
If you want to know what makes FreeBSD tick then there's nothing like "Design and Implementation of the FreeBSD OS." Second edition, first edition is good too but only covers up to FreeBSD 5, so it's a bit old now.

And you probably also want to get "TCP/IP Illustrated". All three volumes. Not specific to FreeBSD but contains a wealth of information about TCP/IP, you're going to need to know a lot about how it works. And volume two deals with BSD socket programming.

Those will certainly "melt" your brain ;)
 
Hey, wait, just to destroy your brain further, I suggest you also read all the relevant RFCs, starting with rfc793
;) :p

But seriously,I don't know of any BPF-specific book, but if you're not too skilled then the Unix Network Programming volumes series used to be the go-to books, but I don't know how easy they are to obtain in paper form as they're probably 20+ years old (a guess?)

They give you a good basis for programming the network because FreeBSD (and other BSDs) is the closest thing to Unix[tm] these days.
 
Ouch that's a steep price to pay for something that might be too linux-centric. I don't know what Linux kernels do, but don't they implement bpf with lots of extensions and call it ebpf? How close to bpf is ebpf , I guess, is the $90 question.


There was some talk of ebpf making it into FreeBSD: https://www.bsdcan.org/2018/schedule/track/Hacking/963.en.html, but I don't see any results (but I didn't look too hard :))

There's a small section in Unix Network Programming (Volume 1) about bpf but it's less informative that bpf(4).

There's always tcpdump to look at and gather some information on how they use bpf. Otherwise, I think it's a very poorly documented interface in a user-programming sense.
 
Back
Top