Packet Filtering

In principle, the pseudo-devices involved with packet filtering are as follows:

The pf pseudo-device is implemented using pfil hooks; bpf is implemented as a tap in all the network drivers. We'll discuss them briefly from the point of view of their attachment to the rest of the stack.

Note: If you're using QNX Neutrino 6.4.1 or earlier, you should use ioctl_socket() instead of ioctl() in your packet-filtering code. With the microkernel message-passing architecture, ioctl() calls that have pointers embedded in them need to be handled specially. The ioctl_socket() function uses ioctl() for functionality that doesn't require special handling.

In QNX Neutrino 6.5.0 and later, ioctl() handles embedded pointers, so you don't have to use ioctl_socket() instead.