Date:	Tue, 3 Jul 2007 12:29:24 -0700
From:	"Javier Cardona" <javier@...ybit.com>
To:	netdev@...r.kernel.org
Subject: Proposed interface for per-packet mesh-ttl

David Woodhouse suggested that this list is a more appropriate forum
for my message...

---------- Forwarded message ----------
From: Javier Cardona <javier@...ybit.com>
Date: Jul 3, 2007 11:49 AM
Subject: Proposed interface for per-packet mesh-ttl
To: libertas-dev@...ts.infradead.org


Libertas-dev,

I'm currently working on per-packet mesh ttl.  My plan is to register
new mesh sockopts through netfilter.  The user interface will be:

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>         /* SOL_IP */

/* in mesh.h ? */
#define MESH_SO_SET_TTL         77
#define MESH_SO_GET_TTL         77

int main()
{
    int sock;
    socklen_t optlen;           /* getsockopt() takes a socklen_t * */
    unsigned char ttl;

    ttl = 7;
    optlen = sizeof(ttl);

    sock = socket (PF_INET, SOCK_STREAM, 0);
    if (sock < 0)
        return 1;

    /* set the per-socket mesh ttl, then read it back */
    setsockopt(sock, SOL_IP, MESH_SO_SET_TTL, &ttl, optlen);
    getsockopt(sock, SOL_IP, MESH_SO_GET_TTL, &ttl, &optlen);

    /* from here on, all traffic from sock will be sent to the mesh with ttl=7 */

    return 0;
}


Pros:

* it is non-intrusive (only need to reserve the socket option values,
no other changes to the net stack are needed)
* runtime configurable (these options may be supported only when a
mesh_opts module is loaded).
* familiar and intuitive (at least to me :)

Cons:

* netfilter only has hooks for IPv4 and IPv6.  If we want to make mesh
parameters configurable at other layers (e.g. packet) we'll have to
create the hooks.
* It is debatable whether a mesh option should be set at SOL_IP, as it
is a layer 2 protocol. We do want (some) mesh options to be applied
to flows at that level, and the {g,s}etsockopt interface does not
support setting lower layer options to higher layer sockets.

Speak up if you would like to see this done in a different way.

Cheers,

Javier