Re: [libnetfilter_log] fix bug in race condition of calling nflog_open from different threads at same time

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Evgen Bendyak <jman.box@gmail.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [libnetfilter_log] fix bug in race condition of calling nflog_open from different threads at same time
Date: Tue, 30 Apr 2024 17:29:13 +0200	[thread overview]
Message-ID: <ZjEOSVW9HG2xxBxx@calendula> (raw)
In-Reply-To: <CAM9G1EBgYqxBmVy_gsKDYkBD1X+rknKMABdjeF3u78vGb7Nt8g@mail.gmail.com>

Hi,

On Tue, Apr 30, 2024 at 06:25:47PM +0300, Evgen Bendyak wrote:
> In my firewall based on nftables, I use several different log
> subsystem groups for packet capturing. This setup is used for a server
> providing access to a large number of internet clients, with each
> client in a separate VLAN. To expand the number of virtual networks,
> QinQ technology is utilized. One group captures ARP packets (in
> certain situations for new clients) coming from the network, for
> further analysis. Another group captures DHCP packets sent by clients.
> Also present groups for other various subsystems. These are not
> heavily loaded groups in terms of packet volume. In the application
> where this is processed, each group is handled by its own subsystem.
> Each subsystem creates its own thread, where the relevant group for
> that service is opened. Sometimes, after a restart, one group or
> another would fail to function. It appeared as if data was coming
> through the netlink socket, but when nflog_handle_packet was called,
> the callback would not trigger. That's when I began investigating what
> was wrong.

Oh I see, this is log not queue. For some reason I considered this was
the queue subsystem instead.

Thanks for explaining.

     prev parent reply	other threads:[~2024-04-30 15:29 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-30 10:18 [libnetfilter_log] fix bug in race condition of calling nflog_open from different threads at same time Evgen Bendyak
2024-04-30 10:54 ` Phil Sutter
2024-04-30 13:58   ` Evgen Bendyak
2024-04-30 16:16     ` Phil Sutter
2024-04-30 14:46 ` Pablo Neira Ayuso
2024-04-30 15:25   ` Evgen Bendyak
2024-04-30 15:29     ` Pablo Neira Ayuso [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZjEOSVW9HG2xxBxx@calendula \
    --to=pablo@netfilter.org \
    --cc=jman.box@gmail.com \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.