最近需要在内核态使用正则表达式,所以记录下找到的一些资料。
首先下面是别人移植好的源码:
,很不错,有posixAPI,以后有时间在研究pcre2API。
下面是别人的讨论帖,说的不错,可以参考:
下面是摘录:
Question:
I would like to use regexes in a linux kernel module. I have the regexes ready, and I tested them in user space with regex.h.
I know that regex.h is a user space library, but is there a kernel alternative?
Thanks!
Edit: I am trying to find C code in SMTP connections for a university project.
Answer:
The kernel already has a regexp engine; the functions are declared in kernel/trace/trace.h. It is part of the linux trace framework, and could relatively easily be adapted. You can see where it is currently used (identifier search).
Note also someone has got there before you. The l7-filter kernel component classifies L7 traffic based on (inter-alia) regex matching the packets. Their regex implementation has a man page.
You could also pass the packets to userspace via a socket using libipq, classify them, and pass them back. This is an easier approach, but slower, and apparently isn't what you want (but might be useful to another reader).
阅读(1658) | 评论(0) | 转发(0) |
