* Netlink error datagrams
@ 2007-04-10 4:08 Ross Vandegrift
2007-04-10 7:57 ` Patrick McHardy
0 siblings, 1 reply; 5+ messages in thread
From: Ross Vandegrift @ 2007-04-10 4:08 UTC (permalink / raw)
To: netfilter-devel
Hello everyone,
I have a libipq application that I'm using with netfilter. I have the
following fragment of code, mostly from the FAQ:
status = ipq_read(h, buf, BUFSIZE, 0);
if (status < 0)
rr_err ("%s", ipq_errstr ());
switch (ipq_message_type(buf))
{
case IPQM_PACKET:
/* Do stuff with the packet */
break;
case NLMSG_ERROR:
ipq_perror ("rrfilter");
In my production boxes, I'm hitting the NLMSG_ERROR case pretty
frequently - as often as every minute. It doesn't seem to adversely
affect packet processing, but I'm not sure because I can only
reproduce it with real traffic.
I've attached via gdb and the netlink messages I'm getting are just a
header and the four bytes of padding. ipq_perror reports "Unknown
failure".
Any hints as to what's causing me to receive these netlink messages?
How can I figure out what's gone wrong and if it's worth worrying
about?
Thanks in advance!
--
Ross Vandegrift
ross@kallisti.us
"The good Christian should beware of mathematicians, and all those who
make empty prophecies. The danger already exists that the mathematicians
have made a covenant with the devil to darken the spirit and to confine
man in the bonds of Hell."
--St. Augustine, De Genesi ad Litteram, Book II, xviii, 37
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Netlink error datagrams
2007-04-10 4:08 Netlink error datagrams Ross Vandegrift
@ 2007-04-10 7:57 ` Patrick McHardy
2007-04-10 16:25 ` Ross Vandegrift
0 siblings, 1 reply; 5+ messages in thread
From: Patrick McHardy @ 2007-04-10 7:57 UTC (permalink / raw)
To: Ross Vandegrift; +Cc: netfilter-devel
Ross Vandegrift wrote:
> Hello everyone,
>
> I have a libipq application that I'm using with netfilter. I have the
> following fragment of code, mostly from the FAQ:
>
> status = ipq_read(h, buf, BUFSIZE, 0);
> if (status < 0)
> rr_err ("%s", ipq_errstr ());
>
> switch (ipq_message_type(buf))
> {
> case IPQM_PACKET:
> /* Do stuff with the packet */
> break;
>
> case NLMSG_ERROR:
> ipq_perror ("rrfilter");
>
>
> In my production boxes, I'm hitting the NLMSG_ERROR case pretty
> frequently - as often as every minute. It doesn't seem to adversely
> affect packet processing, but I'm not sure because I can only
> reproduce it with real traffic.
>
> I've attached via gdb and the netlink messages I'm getting are just a
> header and the four bytes of padding. ipq_perror reports "Unknown
> failure".
What error code does the header contain?
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Netlink error datagrams
2007-04-10 7:57 ` Patrick McHardy
@ 2007-04-10 16:25 ` Ross Vandegrift
2007-04-10 16:50 ` Patrick McHardy
0 siblings, 1 reply; 5+ messages in thread
From: Ross Vandegrift @ 2007-04-10 16:25 UTC (permalink / raw)
To: Patrick McHardy; +Cc: netfilter-devel, Ross Vandegrift
On Tue, Apr 10, 2007 at 09:57:04AM +0200, Patrick McHardy wrote:
> Ross Vandegrift wrote:
> > I have a libipq application that I'm using with netfilter. I have the
> > following fragment of code, mostly from the FAQ:
> >
> > status = ipq_read(h, buf, BUFSIZE, 0);
> > if (status < 0)
> > rr_err ("%s", ipq_errstr ());
> >
> > switch (ipq_message_type(buf))
> > {
> > case IPQM_PACKET:
> > /* Do stuff with the packet */
> > break;
> >
> > case NLMSG_ERROR:
> > ipq_perror ("rrfilter");
> > [snip, hitting error case]
>
>
> What error code does the header contain?
Reading through libipq source, ipq_read seems to hand me a (struct nlmsghdr *),
so I've been treating it like so. I'm kind of a newbie at netlink as
well as netfilter, and I don't really see an error code field in
struct nlmsgdr. I'm guessing it's in the ancillary data field, but
I'm not sure how to interpret the data:
(gdb) hexdump buf
BFFE0E80 : 24 00 00 00 02 00 00 00 - 00 00 00 00 4A 37 00 00 $...........J7..
BFFE0E90 : FE FF FF FF 1C 00 00 00 - 12 00 01 00 00 00 00 00 ................
BFFE0EA0 : 4A 37 00 00 65 74 68 30 - 00 00 00 00 00 00 00 00 J7..eth0........
I've been going off of http://people.redhat.com/nhorman/papers/netlink.pdf,
which seems to match up with my <linux/netlink.h>. Sorry for the
newbieish questions - if there's a different doc, feel free to point me
there.
Thanks again,
Ross
--
Ross Vandegrift
ross@kallisti.us
"The good Christian should beware of mathematicians, and all those who
make empty prophecies. The danger already exists that the mathematicians
have made a covenant with the devil to darken the spirit and to confine
man in the bonds of Hell."
--St. Augustine, De Genesi ad Litteram, Book II, xviii, 37
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Netlink error datagrams
2007-04-10 16:25 ` Ross Vandegrift
@ 2007-04-10 16:50 ` Patrick McHardy
2007-04-10 18:19 ` Ross Vandegrift
0 siblings, 1 reply; 5+ messages in thread
From: Patrick McHardy @ 2007-04-10 16:50 UTC (permalink / raw)
To: Ross Vandegrift; +Cc: netfilter-devel, Ross Vandegrift
Ross Vandegrift wrote:
> On Tue, Apr 10, 2007 at 09:57:04AM +0200, Patrick McHardy wrote:
>
>>What error code does the header contain?
>
>
> Reading through libipq source, ipq_read seems to hand me a (struct nlmsghdr *),
> so I've been treating it like so. I'm kind of a newbie at netlink as
> well as netfilter, and I don't really see an error code field in
> struct nlmsgdr. I'm guessing it's in the ancillary data field, but
> I'm not sure how to interpret the data:
An error contains a struct nlmsghdr followed by a struct nlmsgerr
followed by the message that caused the error.
> (gdb) hexdump buf
> BFFE0E80 : 24 00 00 00 02 00 00 00 - 00 00 00 00 4A 37 00 00 $...........J7..
^^ nlmsghdr
> BFFE0E90 : FE FF FF FF 1C 00 00 00 - 12 00 01 00 00 00 00 00 ................
nlmsgerr: ^^ error ^^ original msg
> BFFE0EA0 : 4A 37 00 00 65 74 68 30 - 00 00 00 00 00 00 00 00 J7..eth0........
So the error is 0xFEFFFFFF, which (assuming your machine is big-endian)
is -2 or -ENOENT. The only case where this can happen is if you send
a verdict for a non-existant queue entry.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Netlink error datagrams
2007-04-10 16:50 ` Patrick McHardy
@ 2007-04-10 18:19 ` Ross Vandegrift
0 siblings, 0 replies; 5+ messages in thread
From: Ross Vandegrift @ 2007-04-10 18:19 UTC (permalink / raw)
To: Patrick McHardy; +Cc: netfilter-devel, Ross Vandegrift
On Tue, Apr 10, 2007 at 06:50:02PM +0200, Patrick McHardy wrote:
> Ross Vandegrift wrote:
> An error contains a struct nlmsghdr followed by a struct nlmsgerr
> followed by the message that caused the error.
>
> > (gdb) hexdump buf
> > BFFE0E80 : 24 00 00 00 02 00 00 00 - 00 00 00 00 4A 37 00 00 $...........J7..
>
> ^^ nlmsghdr
>
> > BFFE0E90 : FE FF FF FF 1C 00 00 00 - 12 00 01 00 00 00 00 00 ................
>
> nlmsgerr: ^^ error ^^ original msg
>
> > BFFE0EA0 : 4A 37 00 00 65 74 68 30 - 00 00 00 00 00 00 00 00 J7..eth0........
Aha! Now I get it - thanks a ton!
>
>
> So the error is 0xFEFFFFFF, which (assuming your machine is big-endian)
> is -2 or -ENOENT. The only case where this can happen is if you send
> a verdict for a non-existant queue entry.
>
--
Ross Vandegrift
ross@kallisti.us
"The good Christian should beware of mathematicians, and all those who
make empty prophecies. The danger already exists that the mathematicians
have made a covenant with the devil to darken the spirit and to confine
man in the bonds of Hell."
--St. Augustine, De Genesi ad Litteram, Book II, xviii, 37
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-04-10 18:19 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-04-10 4:08 Netlink error datagrams Ross Vandegrift
2007-04-10 7:57 ` Patrick McHardy
2007-04-10 16:25 ` Ross Vandegrift
2007-04-10 16:50 ` Patrick McHardy
2007-04-10 18:19 ` Ross Vandegrift
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.