From: Eric Weigle <ehw@lanl.gov>
To: "X.Xiao" <joyhaa@yahoo.com>
Cc: linux-kernel@vger.kernel.org, rgooch@atnf.csiro.au
Subject: Re: tcp/ip stack in user space (possible FAQ addition?)
Date: Tue, 16 Apr 2002 14:00:45 -0600
Message-ID: <20020416200045.GO3651@lanl.gov>
In-Reply-To: <20020416185419.52395.qmail@web13208.mail.yahoo.com>

> i want to move tcp/ip stack(including routing and
> netfilter) to userspace, my goal is to trace all the
> instructions involved in a firewall and router since i
> don't know how to trace these instructions inside the
> kernel. i want to get something like:
> 
> incoming ip packets(a file)-->fake ISR-->tcp/ip
> stack-->outgoing ip packets( to /dev/null).
> 
> my question is: is it possible and relatively easy to
> move tcp/ip stack to user space?
This comes up fairly frequently; it might be a good addition to the FAQ.
Here's my attempt at an answer culled from prior messages.

Several people have user-mode network stacks at various levels of
development, but it is *highly* unlikely for them ever to get into
the kernel proper (see the monolithic versus microkernel debate at
http://www.kernel.org/pub/linux/docs/lkml/#s15-4).

Here are some URLs to which you can refer for more information:
	http://www.cl.cam.ac.uk/Research/SRG/netos/arsenic/
	http://www.cs.nwu.edu/~pdinda/minet/minet.html
	http://www.joerch.org/tcpip/
	http://freshmeat.net/projects/libutcp/

However, for security purposes, you probably do not want a user-mode stack.
You want an extensible packet handling mechanism, which can be found with:
	iptables/ipchains -- the native Linux firewalling tools,
		http://netfilter.samba.org/
	tc -- the Traffic control program,
		http://www.sparre.dk/pub/linux/tc/
	libpcap -- packet capture library,
		http://www.tcpdump.org

Thanks,
-Eric

-- 
--------------------------------------------
 Eric H. Weigle   CCS-1, RADIANT team
 ehw@lanl.gov     Los Alamos National Lab
 (505) 665-4937   http://home.lanl.gov/ehw/
--------------------------------------------
