From: Brent Cook <bcook@bpointsys.com>
To: Gil Beniamini <gil.beniamini@gmail.com>
Cc: Patrick McHardy <kaber@trash.net>,
David Miller <davem@davemloft.net>,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Subject: Re: SOCK_RAW does not receive broadcast (with VLAN unless PROMISC)
Date: Tue, 9 Jun 2009 14:30:31 -0500 [thread overview]
Message-ID: <200906091430.32294.bcook@bpointsys.com> (raw)
In-Reply-To: <91ac27070906090608me50af3bv23b150d8d0cd0080@mail.gmail.com>
On Tuesday 09 June 2009 08:08:01 am Gil Beniamini wrote:
> Patrick,
> On the specific NIC (eth1) no vlan is defined, and in the new Linux
> the application receive NOTHING at all. In order to debug, I start
> "wireshark as root" and "wireshark" set PROMISC on, and the
> application start receive the raw packets as expected. Later I started
> setting PROMISC by my application, and it can receive the packets even
> when "wireshark" is not running.
> The problem that I have with PROMISC mode, is that I need to do the
> irelevant unicast filtering in software rather than get it from the
> hardware (as it works in old kernel 2.6.20).
> Thanks a lot, Gil
One solution is to attach a BPF filter to the socket. Then you will only
receive packets for whatever you are filtering. This is still in software, but
it is higher up in the abstraction, and undoubtedly more efficient than doing
it at the app level.
Simply compile the BPF program you wish to filter, e.g:
# tcpdump -dd vlan 4
{ 0x28, 0, 0, 0x0000000c },
{ 0x15, 0, 4, 0x00008100 },
{ 0x28, 0, 0, 0x0000000e },
{ 0x54, 0, 0, 0x00000fff },
{ 0x15, 0, 1, 0x00000004 },
{ 0x6, 0, 0, 0x00000060 },
{ 0x6, 0, 0, 0x00000000 },
Then attach it to your socket:
struct sock_filter filter[] = {
{ 0x28, 0, 0, 0x0000000c },
{ 0x15, 0, 4, 0x00008100 },
{ 0x28, 0, 0, 0x0000000e },
{ 0x54, 0, 0, 0x00000fff },
{ 0x15, 0, 1, 0x00000004 },
{ 0x6, 0, 0, 0x00000060 },
{ 0x6, 0, 0, 0x00000000 },
};
struct sock_fprog inbound_filter = {
.len = 7, .filter = filter
};
if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER,
&inbound_filter, sizeof(inbound_filter)) < 0) {
return -1;
}
Also, note, you can easily set promiscuous mode directly with socket opts too.
If you're more curious, just look at libpcap source.
- Brent
next prev parent reply other threads:[~2009-06-09 19:45 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <91ac27070906081105x30171bedra10d244d382a6934@mail.gmail.com>
2009-06-08 21:34 ` SOCK_RAW does not receive broadcast (with VLAN unless PROMISC) David Miller
2009-06-09 10:59 ` Patrick McHardy
2009-06-09 11:27 ` Gil Beniamini
2009-06-09 11:40 ` Patrick McHardy
2009-06-09 13:08 ` Gil Beniamini
2009-06-09 13:14 ` Patrick McHardy
2009-06-09 19:30 ` Brent Cook [this message]
2009-06-10 14:24 ` Gil Beniamini
2009-06-10 14:32 ` Patrick McHardy
2009-06-10 14:48 ` Gil Beniamini
2009-06-10 15:00 ` Patrick McHardy
[not found] ` <20090610170108.7710c64b@tux.DEF.witbe.net>
2009-06-10 15:29 ` Gil Beniamini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200906091430.32294.bcook@bpointsys.com \
--to=bcook@bpointsys.com \
--cc=davem@davemloft.net \
--cc=gil.beniamini@gmail.com \
--cc=kaber@trash.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).