lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 12 Mar 2012 19:00:55 +0100
From:	Richard Weinberger <richard@....at>
To:	Pablo Neira Ayuso <pablo@...filter.org>
CC:	jengelh@...ozas.de, eric.dumazet@...il.com,
	linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
	netfilter-devel@...r.kernel.org, rostedt@...dmis.org
Subject: Re: [PATCH v6] Netfilter ring buffer support

On 12.03.2012 15:12, Pablo Neira Ayuso wrote:
> On Mon, Mar 12, 2012 at 02:27:13PM +0100, Richard Weinberger wrote:
> [...]
>>> Looking at the code, those are included if bridging is enabled.
>>> Otherwise, I'll be happy to take a patch for this.
>>
>> Doesn't NFLOG just pass the packet header to userspace?
>
> It also passes several interesting metainformation regarding the
> packet to user-space as well. And it can be easily extended to add
> more metainformation without breaking backward compatibility.
>
>> How can you derive meta-information like "PHYSIN" and "PHYSOUT" from
>> the packet header?
>
> See nflog_get_physindev and nflog_get_physoutdev in libnetfilter_log.

Oh. This sounds great.

>> Iff NFLOG is able to produce same log string like LOG does I'm fine.
>
> This is a patch yet incomplete for libnetfilter_log:
>
> http://1984.lsi.us.es/git/rlogd/tree/libnflog.patch
>
> It allows you to print in LOG output format. It still need to add
> support for UDP, UDPlite, and so on, but that shouldn't be hard to
> make.
>
> I'd be happy if someone takes it over and finish it.

Okay. I'll take over it.
Stay tuned!

Thanks,
//richard
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ