You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
package main
import (
"bytes"
"encoding/binary"
"flag"
"fmt"
"io/ioutil"
"log"
"golang.org/x/net/bpf"
)
func main() {
flag.Parse()
args := flag.Args()
if len(args) == 0 {
log.Fatalln("You must specify the filename of a BPF filter")
}
// Read the file.
data, err := ioutil.ReadFile(args[0])
if err != nil {
log.Fatalln("failed to read file", err)
}
// Read the instructions.
raw := make([]bpf.RawInstruction, len(data)/8)
if err = binary.Read(bytes.NewReader(data), binary.LittleEndian, raw); err != nil {
log.Fatalln("failed to read bytes", err)
}
// Disassemble the instructions.
instructions, all := bpf.Disassemble(raw)
if !all {
log.Println("failed to decode all instructions")
}
// Log them.
for i, instruction := range instructions {
fmt.Printf("%d: %+v\n", i, instruction)
}
}
go run dissassembler.go bpf.bin
0: ld [4]
1: jneq #3221225534,5
2: ld [0]
3: jge #1073741824,3
4: jeq #59,1
5: ret #327680
6: ret #2147418112
7: ret #0