Subject: Re: BIOCLOCK ioctl for bpf or pcap?
To: Jeremy C.Reed <>
From: Jason Thorpe <>
List: current-users
Date: 04/09/2007 17:11:53
On Apr 9, 2007, at 3:49 PM, Jeremy C. Reed wrote:

> Do we have any implementation of BIOCLOCK ioctl for bpf or pcap?

I don't think so, but I'm sure they would be trivial to add.

> I am trying to port an OpenBSD program. (Older version works fine in
> pkgsrc but has been updated for over a year and now uses BIOCLOCK.)
> FreeBSD added it to bpf.h in 2005 (from commit message):
>  Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These
>  commands enhance the security of bpf(4) by further relinquishing the
>  privilege of the bpf(4) consumer (assuming the ioctl commands are  
> being
>  implemented).
>  Once BIOCLOCK is executed, the device becomes locked which  
> prevents the
>  execution of ioctl(2) commands which can change the underly  
> parameters of
>  the bpf(4) device. An example might be the setting of bpf(4) filter
>  programs or attaching to different network interfaces.
> I know nothing about it. Does this exist in NetBSD and I overlooked  
> it? Or
> is anyone working on it? Or what is the best way to workaround this?
> The code I am looking at has:
>         pcap_freecode(&bpfp);
>         if (ioctl(pcap_fileno(hpcap), BIOCLOCK) < 0) {
>                 logmsg(LOG_ERR, "BIOCLOCK: %s", strerror(errno));
>                 return (-1);
>         }
>   Jeremy C. Reed

-- thorpej