From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Vikas <vikas.c.kumar@oracle.com>
Cc: coreteam@netfilter.org, eric@netfilter.org,
netfilter-devel@vger.kernel.org
Subject: Re: Fetching interface name
Date: Fri, 25 Sep 2015 12:22:52 +0200 [thread overview]
Message-ID: <20150925102252.GA3768@salvia> (raw)
In-Reply-To: <5604D75E.8000809@oracle.com>
Cc'ing netfilter-devel for development questions.
On Fri, Sep 25, 2015 at 10:40:54AM +0530, Vikas wrote:
> Hi,
>
> In the netlink infra I could see these attributes:
>
> enum nfqnl_attr_type {
> 0034 NFQA_UNSPEC,0035 NFQA_PACKET_HDR,
> 0036 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */
> 0037 NFQA_MARK, /* __u32 nfmark */
> 0038 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */
> 0039*NFQA_IFINDEX_INDEV*, /* __u32 ifindex */
> 0040*NFQA_IFINDEX_OUTDEV*, /* __u32 ifindex */
> 0041 NFQA_IFINDEX_PHYSINDEV, /* __u32 ifindex */
> 0042 NFQA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */
> 0043 NFQA_HWADDR, /* nfqnl_msg_packet_hw */
> 0044 NFQA_PAYLOAD, /* opaque data payload */
> 0045 NFQA_CT, /* nf_conntrack_netlink.h */
> 0046 NFQA_CT_INFO, /* enum ip_conntrack_info */
> 0047 NFQA_CAP_LEN, /* __u32 length of captured packet */
> 0048 NFQA_SKB_INFO, /* __u32 skb meta information */
> 0049 NFQA_EXP, /* nf_conntrack_netlink.h */
> 0050
> 0051 __NFQA_MAX
> 0052 };
>
> Currently we are doing this to get the input/putput interface index:
> input_interface_index = mnl_attr_get_u32(tb[NFQA_IFINDEX_INDEV]); // where tb being a nlattr structure: struct nlattr *tb[NFQA_MAX]
> output_interface_index = mnl_attr_get_u32(tb[NFQA_IFINDEX_OUTDEV]);
>
> Is there a way(or any attribute like NFQA_IFINDEX_INDEV/OUTDEV) by
> which we can get the input/output interface*name*? I don't want to
> use kernel call: if_indextoname() to map index to name, because it
> may be time consuming.
It should be easy to build a cache of ifindex in userspace and
maintain it up to date. So you don't need to use if_indextoname()
since it generates quite a lot of netlink traffic between kernel and
userspace.
You can probably contribute some example to libmnl that we can apply
to the tree. You can use this change I made quite recently as
reference for that code:
http://git.netfilter.org/nftables/commit/?id=3ed296118a065caff5600e60d4f7ef18e137f9a0
next parent reply other threads:[~2015-09-25 10:16 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5604D75E.8000809@oracle.com>
2015-09-25 10:22 ` Pablo Neira Ayuso [this message]
2015-09-25 11:07 ` Fetching interface name Vikas
[not found] ` <5605412B.4000505@oracle.com>
2015-09-25 13:53 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150925102252.GA3768@salvia \
--to=pablo@netfilter.org \
--cc=coreteam@netfilter.org \
--cc=eric@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=vikas.c.kumar@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).