Date:	Mon, 31 Mar 2008 21:40:51 +0200
From:	Patrick McHardy <kaber@...sh.net>
To:	Stephen Hemminger <shemminger@...tta.com>
CC:	David Miller <davem@...emloft.net>, Jamal <hadi@...erus.ca>,
	netdev@...r.kernel.org
Subject: Re: [PATCH net-2.6.26] netlink: make socket filters work on netlink

Stephen Hemminger wrote:
> On Wed, 26 Mar 2008 21:19:56 +0100
> Patrick McHardy <kaber@...sh.net> wrote:
> 
>> Stephen Hemminger wrote:
>>> Make socket filters work for netlink unicast and notifications.
>>> This is useful for applications like Zebra that get overrun with
>>> messages that are then ignored.
>>>
>>> Note: netlink messages are in host byte order, but packet filter
>>> state machine operations are done as network byte order.
>>
>> Do you have an example for a filter for this? I have a similar
>> patch that adds a new filter instruction for parsing netlink
>> attributes, which seemed necessary for getting at nested
>> attributes without too much trouble.
>>
>> Attached for reference together with a libnl testing
>> patch for ctnetlink.
>>
> 
> Here is the example program:
>    it uses netlink IPC and has one thread send route notifications
>    and the other filters.
> 
>    to test the multicast path used a hacked version of ip_monitor from iproute
> 
>    see attachment for the quagga patch.


Thanks. It seems it parses only top-level attributes, which
is probably why you didn't need the nlattr_find command I
used in my patch. The problem with this is that finding and
parsing nested attributes using the existing BPF commands is
complicated since you need to fully parse netlink headers
and walk through them. You can't even reuse that part for
multiple nested attributes since you can't jump backwards.
So I think it would be preferable to have a simpler method
for this.
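The attribute walk discussed in the message above, as an added example that is not part of the original message or of either patch: a bounds-checked C lookup that descends nested netlink attributes (host byte order) using an ordinary loop, which a classic BPF filter without backward jumps would have to unroll for every nesting level. The names `attr_find` and `lookup_u16`, the attribute type numbers and the sample buffer are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Attribute header: len counts this 4-byte header; fields are host byte order. */
struct attr_hdr { uint16_t len; uint16_t type; };
#define HDRLEN 4u
#define ALIGN4(n) (((size_t)(n) + 3u) & ~(size_t)3u)

/* First attribute of `type` in buf[0..len): payload offset, or -1. */
static long attr_find(const uint8_t *buf, size_t len, uint16_t type, size_t *plen)
{
    size_t off = 0;
    while (off <= len && len - off >= HDRLEN) {
        struct attr_hdr h;
        memcpy(&h, buf + off, sizeof h);
        if (h.len < HDRLEN || h.len > len - off)
            return -1;                  /* malformed length: reject the message */
        if (h.type == type) {
            *plen = h.len - HDRLEN;
            return (long)(off + HDRLEN);
        }
        off += ALIGN4(h.len);           /* attributes are padded to 4 bytes */
    }
    return -1;
}

/* Descend nested attributes along path[0..depth); return the u16 payload
 * at the end, or -1 if any level is absent or malformed. */
static long lookup_u16(const void *msg, size_t len, const uint16_t *path, size_t depth)
{
    const uint8_t *p = msg;
    uint16_t v;
    for (size_t i = 0; i < depth; i++) {
        long off = attr_find(p, len, path[i], &len);
        if (off < 0)
            return -1;
        p += off;                       /* continue inside the nested payload */
    }
    if (len != sizeof v)
        return -1;
    memcpy(&v, p, sizeof v);
    return v;
}

/* Constructed sample (host-order u16 words): attr 1 = 7, then attr 2
 * nesting { attr 1 = 1, attr 3 = 42 }; payloads are u16 plus 2 pad bytes. */
static const uint16_t sample[] = { 6, 1, 7, 0,  20, 2,  6, 1, 1, 0,  6, 3, 42, 0 };
```

With the path {2, 3} the lookup returns 42, while a top-level search for type 3 alone fails because that attribute exists only inside the nest.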
