etterfilter - ETTERFILTER(8 ETTERFILTER(8 NAME etterfilter...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ETTERFILTER(8) ETTERFILTER(8) NAME etterfilter NG-0.7.3 - Filter compiler for ettercap content filtering engine SYNOPSIS etterfilter [ OPTIONS ] FILE DESCRIPTION The etterfilter utility is used to compile source filter files into binary filter files that can be interpreted by the JIT interpreter in the ettercap(8) filter engine. You have to compile your filter scripts in order to use them in ettercap. All syntax/parse errors will be checked at compile time, so you will be sure to produce a correct binary filter for ettercap. GENERAL OPTIONS-o ,--output <FILE> you can specify the output file for a source filter file. By default the output is filter.ef.-t ,--test <FILE> you can analyze a compiled filter file with this option. etterfilter will print in a human readable form all the instructions contained in it. It is a sort of "disassembler" for binary filter files.-d ,--debug prints some debug messages during the compilation. Use it more than once to increase the debug level ( etterfilter -ddd ... ).-w ,--suppress-warnings Don’t exit on warnings. With this option the compiler will compile the script even if it contains warnings. STANDARD OPTIONS-v ,--version Print the version and exit.-h ,--help prints the help screen with a short summary of the available options. SCRIPTS SYNTAX A script is a compound of instructions. It is executed sequentially and you can make branches with the ’if’ statements. ’if’ and ’if/else’ statements are the only supported. No loops are implemented. The syntax is almost like C code except that you have to put ’if’ blocks into graph parentheses ’{’ ’}’, even if they contain only one instruction. NOTE: you have to put a space between the ’if’ and the ’(’. You must not put the space between the function name and the ’(’. Example: if (conditions) { } func(args...); ettercap NG-0.7.3 1 ETTERFILTER(8) ETTERFILTER(8) The conditions for an ’if’ statement can be either functions or comparisons. Tw o or more condi- tions can be linked together with logical operators like OR ’||’ and AND ’&&’. Example: if (tcp.src == 21 && search(DAT, "ettercap")) { } Pay attention to the operator precedence. You cannot use parentheses to group conditions, so be careful with the order. An AND at the beginning of a conditions block will exclude all the other tests if it is evaluated as false. The parsing is left-to-right, when an operator is found: if it is an AND and the previous condition is false, all the statement is evaluated as false; if it is an OR the...
View Full Document

This note was uploaded on 07/15/2009 for the course NA MAT taught by Professor 100 during the Spring '09 term at University of Illinois at Urbana–Champaign.

Page1 / 5

etterfilter - ETTERFILTER(8 ETTERFILTER(8 NAME etterfilter...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online