From: Michael Richardson <mcr@sandelman.ca>
To: netdev@vger.kernel.org, tcpdump-workers@lists.tcpdump.org
Cc: Ani Sinha <ani@aristanetworks.com>,
Francesco Ruggeri <fruggeri@aristanetworks.com>
Subject: Re: [tcpdump-workers] vlan tagged packets and libpcap breakage
Date: Wed, 31 Oct 2012 18:42:08 -0400 [thread overview]
Message-ID: <21992.1351723328@obiwan.sandelman.ca> (raw)
In-Reply-To: <CAOxq_8PsXb-oUy85Eji7GSAbUZD_Bds8skmGNP4BWSewQWx8PA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2302 bytes --]
>>>>> "Ani" == Ani Sinha <ani@aristanetworks.com> writes:
Ani> cc'ing netdev.
>> Do you think that the existance of this behaviour could be exposed in
>> sysctl, /proc/net or /sys equivalent (we still don't have /sys/net...)?
>> As a read only file that had a 0/1 in it?
Ani> yes, we definitely need a run time check. Whether this could be in the
Ani> form of a socket option or a /proc entry I don't know.
unsigned int netdev_8021q_inskb = 1;
...
{
.ctl_name = NET_CORE_8021q_INSKB,
.procname = "netdev_8021q_inskb",
.data = &netdev_8021q_inskb,
.maxlen = sizeof(int),
.mode = 0444,
.proc_handler = proc_dointvec
},
would seem to do it to me.
Then pcap can fopen("/proc/sys/net/core/netdev_8021q_inskb") and if it
finds it, and it is >0, then do the cmsg thing.
>> It sounds like it's impossible to capture all traffic now, and do vlan
>> filtering later on?
Ani> pcap files that already have the tags reinsrted should work with
Ani> current filter code. However for live traffic, one has to get the tags
Ani> from CMSG() and then reinsert it back to the packet for the current
Ani> filter to work. This is slow.
I think that this better vlan handling will be much faster, and make
things much more consistent between systems with and without hardware
offload, so it's great news.
However, a number of people use Linux machines to do traffic captures of various
kinds using interfaces dedicated to that purpose.
It would be nice if there was a way to get the packet "whole", such as
by having a second PACKET_CAPTURE point, which was before the adjustment
of the vlan. (obviously, if you had hardware, you'd want to turn that
off)
Many would like this capture point to actually eat all packets for the
interfaces it was defined for, as people doing captures never want those
packets going up the stack.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
[-- Attachment #2: Type: application/pgp-signature, Size: 307 bytes --]
next prev parent reply other threads:[~2012-10-31 22:50 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAOxq_8Nd8VP3MaNBfUt9v82nmGDpxZz5_5QMdsruET1tjwuQPw@mail.gmail.com>
[not found] ` <3246.1351717319@obiwan.sandelman.ca>
2012-10-31 21:50 ` [tcpdump-workers] vlan tagged packets and libpcap breakage Ani Sinha
2012-10-31 22:20 ` Guy Harris
2012-10-31 22:35 ` Ani Sinha
2012-11-01 0:50 ` [tcpdump-workers] " Guy Harris
2012-11-01 1:22 ` Ani Sinha
2012-12-06 21:20 ` Ani Sinha
2012-11-02 16:13 ` Bill Fenner
2012-11-13 22:41 ` Ani Sinha
2012-11-13 22:42 ` [tcpdump-workers] " Ani Sinha
2012-11-14 18:58 ` Michael Richardson
2012-10-31 22:42 ` Michael Richardson [this message]
2012-12-12 21:53 ` [tcpdump-workers] " Ani Sinha
2012-12-12 22:16 ` Ani Sinha
2012-12-13 8:35 ` [tcpdump-workers] " Daniel Borkmann
2012-12-13 17:34 ` Ani Sinha
2012-12-13 21:49 ` Daniel Borkmann
2012-12-13 22:07 ` Ani Sinha
2012-12-17 9:50 ` David Laight
2012-12-17 10:35 ` Guy Harris
2012-12-17 11:08 ` Daniel Borkmann
2012-12-17 19:49 ` [tcpdump-workers] " Ani Sinha
2012-11-16 6:51 ` Eric W. Biederman
2012-11-17 22:14 ` Michael Richardson
2012-11-17 23:16 ` Daniel Borkmann
2012-11-17 23:37 ` Eric W. Biederman
2012-11-17 23:33 ` Eric W. Biederman
2012-12-06 21:22 ` Ani Sinha
2012-12-06 22:19 ` Eric W. Biederman
2012-12-06 22:40 ` Ani Sinha
2012-12-07 0:55 ` Ani Sinha
2012-12-07 1:03 ` [tcpdump-workers] " Eric W. Biederman
2012-12-07 1:28 ` Ani Sinha
2012-12-07 1:31 ` Ani Sinha
2012-12-07 1:41 ` Eric W. Biederman
2012-12-07 1:59 ` Michael Richardson
2012-12-11 0:11 ` [tcpdump-workers] " Ani Sinha
2012-12-11 22:36 ` Ani Sinha
2012-12-11 23:04 ` Eric Dumazet
2012-12-12 0:46 ` Ani Sinha
2012-12-12 0:50 ` [tcpdump-workers] " Ani Sinha
2012-12-11 23:12 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=21992.1351723328@obiwan.sandelman.ca \
--to=mcr@sandelman.ca \
--cc=ani@aristanetworks.com \
--cc=fruggeri@aristanetworks.com \
--cc=netdev@vger.kernel.org \
--cc=tcpdump-workers@lists.tcpdump.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).