- Contact: tech-userlevel
- Mentors: Christos Zoulas, Mindaugas Rasiukevicius
- Duration estimate: 3 months
NPF is a packet filter for the NetBSD system. For the packet classification engine it uses rules which are compiled into a byte-code. Recently, support for the BPF code has been added (see bpf(4) and pcap(3) manual pages). NPF has syntax parser which generates intermediate structures. Combined with pcap(3) library, generating BPF byte-code is almost trivial. However, there is no code to perform the inverse process i.e. generate npf.conf(5) syntax from the BPF byte-code.
The goal of this project is to write an unparser which would generate NPF configuration in npf.conf(5) syntax from the BPF byte-code and which would use the techniques researched in academia. It is important to note that the key deliverable of this project is a good design, which would be structured and easy to maintain. Therefore, academic experience with parsers and unparsers is a prerequisite.
High level deliverables are the following:
- Academic reasoning on the design and the structure of the unparser, taking into account the flexibility of the configuration syntax.
- Implementation of the BPF byte-code unparser into npf.conf(5).
- Integration into the npfctl(8) utility.