From: Vikas <vikas.c.kumar@oracle.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: coreteam@netfilter.org, eric@netfilter.org,
netfilter-devel@vger.kernel.org
Subject: Re: Fetching interface name
Date: Fri, 25 Sep 2015 16:37:14 +0530 [thread overview]
Message-ID: <56052AE2.3040205@oracle.com> (raw)
In-Reply-To: <20150925102252.GA3768@salvia>
This will indeed help us. Thanx for the pointer.
Regards
Vikas
On 25/09/15 3:52 pm, Pablo Neira Ayuso wrote:
> Cc'ing netfilter-devel for development questions.
>
> On Fri, Sep 25, 2015 at 10:40:54AM +0530, Vikas wrote:
>> Hi,
>>
>> In the netlink infra I could see these attributes:
>>
>> enum nfqnl_attr_type {
>> 0034 NFQA_UNSPEC,0035 NFQA_PACKET_HDR,
>> 0036 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */
>> 0037 NFQA_MARK, /* __u32 nfmark */
>> 0038 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */
>> 0039*NFQA_IFINDEX_INDEV*, /* __u32 ifindex */
>> 0040*NFQA_IFINDEX_OUTDEV*, /* __u32 ifindex */
>> 0041 NFQA_IFINDEX_PHYSINDEV, /* __u32 ifindex */
>> 0042 NFQA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */
>> 0043 NFQA_HWADDR, /* nfqnl_msg_packet_hw */
>> 0044 NFQA_PAYLOAD, /* opaque data payload */
>> 0045 NFQA_CT, /* nf_conntrack_netlink.h */
>> 0046 NFQA_CT_INFO, /* enum ip_conntrack_info */
>> 0047 NFQA_CAP_LEN, /* __u32 length of captured packet */
>> 0048 NFQA_SKB_INFO, /* __u32 skb meta information */
>> 0049 NFQA_EXP, /* nf_conntrack_netlink.h */
>> 0050
>> 0051 __NFQA_MAX
>> 0052 };
>>
>> Currently we are doing this to get the input/putput interface index:
>> input_interface_index = mnl_attr_get_u32(tb[NFQA_IFINDEX_INDEV]); // where tb being a nlattr structure: struct nlattr *tb[NFQA_MAX]
>> output_interface_index = mnl_attr_get_u32(tb[NFQA_IFINDEX_OUTDEV]);
>>
>> Is there a way(or any attribute like NFQA_IFINDEX_INDEV/OUTDEV) by
>> which we can get the input/output interface*name*? I don't want to
>> use kernel call: if_indextoname() to map index to name, because it
>> may be time consuming.
> It should be easy to build a cache of ifindex in userspace and
> maintain it up to date. So you don't need to use if_indextoname()
> since it generates quite a lot of netlink traffic between kernel and
> userspace.
>
> You can probably contribute some example to libmnl that we can apply
> to the tree. You can use this change I made quite recently as
> reference for that code:
>
> http://git.netfilter.org/nftables/commit/?id=3ed296118a065caff5600e60d4f7ef18e137f9a0
next prev parent reply other threads:[~2015-09-25 11:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5604D75E.8000809@oracle.com>
2015-09-25 10:22 ` Fetching interface name Pablo Neira Ayuso
2015-09-25 11:07 ` Vikas [this message]
[not found] ` <5605412B.4000505@oracle.com>
2015-09-25 13:53 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56052AE2.3040205@oracle.com \
--to=vikas.c.kumar@oracle.com \
--cc=coreteam@netfilter.org \
--cc=eric@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.