lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 14 Oct 2009 21:59:11 +0200
From:	Jarek Poplawski <jarkao2@...il.com>
To:	Denys Fedoryschenko <denys@...p.net.lb>
Cc:	hadi@...erus.ca, netdev@...r.kernel.org
Subject: Re: kernel mode pppoe ppp if + ifb + mirred redirect, ethernet
 packets in ifb?!

On Wed, Oct 14, 2009 at 09:11:55PM +0200, Jarek Poplawski wrote:
> Denys Fedoryschenko wrote, On 10/13/2009 12:44 AM:
> ...
> > As i understand, for pppoe case, he can just skip offset for ethernet and 
> > pppoe header, and he can filter by ip, or not?
> > Current way is maybe better, cause someone who want to count everything with 
> > ethernet and pppoe headers - can, and who want without - also can (by setting 
> > offset , just a bit more difficult.
> > 
> > Like 
> > /sbin/tc filter add dev eth1 protocol 0x8864  parent 2:0 prio 1 u32 \
> > match u32 0x$IPREMOTE_HEX 0xffffffff at 24 flowid 2:$ID
> > (found in LARTC)
> 
> Maybe I miss something, but generally (for IP, TCP etc. matches) it
> should work "as usual". I think you and those other users you quoted
> were mislead by that tcpdump on ifb. Probably in some configs you
> might needed this 'protocol 0x8864' or 'protocol all'. You should
> see it on ppp's tcpdump then, like yours:

Hmm... Of course, like yours, where we can't see it ;-)
so 'protocol ip' is enough.

> 
> > PPPoE_146 ~ # tcpdump -ni ppp0 -e -vvv -s 1500 -c 4
> > tcpdump: WARNING:
> > tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 
> > 1500 bytes
> > 17:03:17.015598 Out ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 111, id 

BTW, let's note this 'protocol 0x8864' was used with dev eth1, so it's
a different case.

Jarek P.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists