1 files changed, 27 insertions, 5 deletions

diff --git a/packaging/macosx/ChmodBPF/ChmodBPF b/packaging/macosx/ChmodBPF/ChmodBPF
index e89b587d67..3c1bc7fb73 100755
--- a/packaging/macosx/ChmodBPF/ChmodBPF
+++ b/packaging/macosx/ChmodBPF/ChmodBPF
@@ -1,18 +1,22 @@
-#! /bin/sh
+#! /bin/bash
 #
 # $Id$
 
 . /etc/rc.common
 
+
 StartService ()
 {
 	#
 	# Unfortunately, Mac OS X's devfs is based on the old FreeBSD
 	# one, not the current one, so there's no way to configure it
-	# to create BPF devices with particular owners or groups.
-	# This startup item will make it owned by the admin group,
-	# with permissions rw-rw----, so that anybody in the admin
-	# group can use programs that capture or send raw packets.
+	# to create BPF devices with particular owners or groups. BPF
+	# devices on Mac OS X are also non-cloning, that is they can
+	# be created on demand at any time. This startup item will
+	# pre-create a number of BPF devices, then make them owned by
+	# the access_bpf group, with permissions rw-rw----, so that
+	# anybody in the access_bpf group can use programs that capture
+	# or send raw packets.
 	#
 	# Change this as appropriate for your site, e.g. to make
 	# it owned by a particular user without changing the permissions,
@@ -21,6 +25,24 @@ StartService ()
 	# only the super-user can send raw packets but anybody in the
 	# admin group can capture packets.
 	#
+
+	# Pre-create BPF devices. Set to 0 to disable.
+	FORCE_CREATE_BPF_MAX=256
+
+	SYSCTL_MAX=$( sysctl -n debug.bpf_maxdevices )
+	if [ "$FORCE_CREATE_BPF_MAX" -gt "$SYSCTL_MAX" ] ; then
+		FORCE_CREATE_BPF_MAX=$SYSCTL_MAX
+	fi
+	
+        syslog -s -l notice "ChmodBPF: Forcing creation and setting permissions for /dev/bpf*"
+
+	CUR_DEV=0
+	while [ "$CUR_DEV" -lt "$FORCE_CREATE_BPF_MAX" ] ; do
+		# Try to do the minimum necessary to trigger the next device.
+		read -n 0 < /dev/bpf$CUR_DEV > /dev/null 2>&1
+		CUR_DEV=$(( $CUR_DEV + 1 ))
+	done
+	
 	chgrp access_bpf /dev/bpf*
 	chmod g+rw /dev/bpf*
 }