Re: [ULOGD PATCH] rework, fill MAC address in ULOG for ethernet.

Linux Netfilter development
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Eric Leblond <eric@inl.fr>, netfilter-devel@vger.kernel.org
Subject: Re: [ULOGD PATCH] rework, fill MAC address in ULOG for ethernet.
Date: Wed, 09 Jul 2008 13:10:34 +0200	[thread overview]
Message-ID: <48749CAA.3030306@trash.net> (raw)
In-Reply-To: <48749AF1.60900@netfilter.org>

Pablo Neira Ayuso wrote:
> Patrick McHardy wrote:
>> Pablo Neira Ayuso wrote:
>>> Eric Leblond wrote:
>>>> This patch introduces a parsing of the hardware header field based on
>>>> the length of the field. It currently only detects ethernet header and
>>>> fill mac.saddr and mac.daddr properly.
>>>>
>>>> With this behaviour it may be impossible to support all kind of devices
>>>> but ULOG will soon be deprecated in favor of NFLOG.
>>> Since we do not have more information in ULOG, I see this as a best try
>>> to detect what kind of layer 2 header is there. The other choice is not
>>> to include layer 2 information at all if we use ulog as input which also
>>> seems reasonable to me. If users want new features they have to migrate
>>> from ulog to nflog IMO.
>>>
>>> I'm willing to finish the compatibility layer in libnetfilter_queue,
>>> this could probably help to deprecate it.
>>>
>>> If Patrick does not have any objection, I'll apply this and the previous
>>> layer 2 related patches.
>> One objection:
>>
>>> +static int parse_macheader(struct ulogd_key *ret, ulog_packet_msg_t
>>> *pkt,
>>> +               )
>>> +{
>>> +    int hwlen;
>>> +
>>> +    switch (pkt->mac_len) {
>>> +        case (2 * ETH_ALEN +2):
>>> +            hwlen = ETH_ALEN;
>>> +            break;
>>> +        default:
>>> +            ulogd_log(ULOGD_DEBUG, "Unknown mac_len (%d), "
>>> +                    "rejecting packet", pkt->mac_len);
>>> +            ret[ULOG_KEY_OOB_PROTOCOL].u.value.ui16 = 0;
>>> +            ret[ULOG_KEY_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID;
>>> +            return ULOGD_IRET_OK;
>> This appears to be breaking logging for anything but ethernet
>> packets. We can't do that, especially since ulogd1 has long
>> been in maintenance-only mode.
> 
> Hm, this patch applies to ulogd2, probably you got confused with the
> subject?

Indeed, I mixed that up.

> But indeed, I agree with you. Eric, I think that it's better to drop any
> effort in trying to add layer 2 support for ulogd2 if the user use ULOG
> as input logger. If users want new features, eg. the layer 2 information
> in their log messages, they should upgrade to NFLOG.

Agreed, I really don't see how this can be done without breaking
things. The necessary information is not present in the ULOG
messages.

next prev parent reply	other threads:[~2008-07-09 11:10 UTC|newest]

Thread overview: 50+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-06-19 12:23 [ULOGD PATCH 0/6] Fix difference between ULOG and NFLOG Eric Leblond
2008-06-19 12:23 ` [ULOGD PATCH 1/6] Suppress spaces at end of line Eric Leblond
2008-06-23 14:23   ` Pablo Neira Ayuso
2008-06-19 12:23 ` [ULOGD PATCH 2/6] Convert struct to [KEY] = {} format Eric Leblond
2008-06-23 14:23   ` Pablo Neira Ayuso
2008-06-19 12:23 ` [ULOGD PATCH 3/6] Fix warning about unused variable if NFLOG_GID is not available Eric Leblond
2008-06-23 14:25   ` Pablo Neira Ayuso
2008-06-27 19:41     ` Eric Leblond
2008-06-27 20:29       ` Eric Leblond
2008-06-28  9:54         ` Pablo Neira Ayuso
2008-06-28 10:25           ` Eric Leblond
2008-06-28 10:45             ` Pablo Neira Ayuso
2008-06-28 10:45             ` Pablo Neira Ayuso
2008-06-19 12:23 ` [ULOGD PATCH 4/6] Introduce datatype and hwaddrlen param to MAC2STR plugin Eric Leblond
2008-06-23 14:42   ` Pablo Neira Ayuso
2008-06-27 23:02     ` [ULOGD PATCH 0/6] rework mac address related issues Eric Leblond
2008-06-27 23:02     ` [ULOGD PATCH 1/6] Specify that NFLOG only return mac saddr Eric Leblond
2008-06-27 23:02     ` [ULOGD PATCH 2/6] Adapt MAC2STR to NFLOG and ULOG input key change Eric Leblond
2008-06-27 23:02     ` [ULOGD PATCH 3/6] Output mac.saddr and mac.daddr in ULOG plugin Eric Leblond
2008-07-02 13:52       ` [ULOGD PATCH] Output mac.saddr, mac.daddr and oob.protocol " Eric Leblond
2008-07-02 13:56         ` Patrick McHardy
2008-07-08 21:56           ` [ULOGD PATCH] rework, fill MAC address in ULOG for ethernet Eric Leblond
2008-07-09 10:50             ` Pablo Neira Ayuso
2008-07-09 10:53               ` Patrick McHardy
2008-07-09 11:03                 ` Pablo Neira Ayuso
2008-07-09 11:10                   ` Patrick McHardy [this message]
2008-07-09 21:04                     ` Eric Leblond
2008-07-09 21:18                       ` Patrick McHardy
2008-07-10 20:39                         ` Eric Leblond
2008-07-11 14:08                           ` Patrick McHardy
2008-07-15 12:49                             ` Eric Leblond
2008-07-15 13:26                               ` Patrick McHardy
2008-07-16 22:24                                 ` netfilter: Send complete hardware header in NFLOG Eric Leblond
2008-07-17  9:01                                   ` Patrick McHardy
2008-07-17  9:12                                     ` Eric Leblond
2008-07-17  9:14                                       ` Patrick McHardy
2008-07-16 22:29                                 ` [libnetfilter_log PATCH] Add parsing function for raw hardware header Eric Leblond
2008-07-17  9:13                                   ` Patrick McHardy
2008-07-16 22:31                                 ` [ULOGD2 PATCH] Sync NFLOG input plugin with NFLOG modification related to " Eric Leblond
2008-07-20 23:51                                   ` Pablo Neira Ayuso
2008-06-27 23:02     ` [ULOGD PATCH 4/6] Parse oob protocol in ULOG when possible Eric Leblond
2008-06-27 23:02     ` [ULOGD PATCH 5/6] Add destination mac_addr to database Eric Leblond
2008-06-27 23:03     ` [ULOGD PATCH 6/6] Sync PRINTPKT with mac modification Eric Leblond
2008-06-19 12:23 ` [ULOGD PATCH 5/6] Add destination mac_addr to database Eric Leblond
2008-06-23 14:44   ` Pablo Neira Ayuso
2008-06-19 12:23 ` [ULOGD PATCH 6/6] Suppress verbose debug message in ULOG Eric Leblond
2008-06-23 14:46   ` Pablo Neira Ayuso
2008-06-19 12:25 ` netfilter: Make NFLOG dump all hardware header Eric Leblond
2008-06-19 12:30   ` Patrick McHardy
2008-06-19 12:55   ` [PATCH] Change packet hw header struct accordingly to NFLOG update Eric Leblond

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=48749CAA.3030306@trash.net \
    --to=kaber@trash.net \
    --cc=eric@inl.fr \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pablo@netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox