Re: Is it possible to get device information via CMSG?

["Eric S. Raymond" <esr@thyrsus.com>]

Michal Kubecek <mkubecek@suse.cz>:
> > 1. Is there a cmsg_level/cmsg_type combination that will return the
> > name of the device the packet arrived through?
> 
> Not name directly, AFAIK, but you can set SOL_IP / IP_PKTINFO (or
> SOL_IPV6 / IPV6_RECVPKTINFO) socket option and get IP_PKTINFO
> (IPV6_PKTINFO) message with recvmsg(). This will tell you incoming
> interface index so that you can look the name up. See ip(7) or ipv6(7)
> for format of the message (struct ip_pktinfo, struct in6_pktinfo).

Thanks, that confirms something I found on Stack Overflow after I
queried your list.

> However, I suspect that userspace application is not really interested
> in incoming interface name but rather in destination address of the
> incoming packet which is also provided in IP_PKTINFO / IPV6_PKTINFO
> message. 

NTP is weird that way.  My group, NTPsec, inherited the reference
Mills codebase (what we now call "NTP Classic") which really does have
a filter-by-interface-name feature *in addition to* local address
filtering.

We want to simplify the way it works without discarding that feature,
because we've made promises about backward compatibility that we mean
to keep.  We don't throw away features unless either they're security
holes or we are *dead certain* they are obsolete.

In case it's of interest to you, NTPsec is a drop-in replacement for
NTP Classic that solves its chronic security problems by stripping out
unused features and legacy code. We've actually shrunk the codebase
size by a factor of 4x.  We have better monitoring and admin tools, too.
-- 
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>

My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.