lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 1 Mar 2016 11:11:46 +0000
From:	Brian Russell <brussell@...cade.com>
To:	<netdev@...r.kernel.org>
Subject: [PATCH net-next v3 0/3] NSH and VxLAN-GPE

These patches add a new module to support encap/decap of Network
Service Header (NSH) as defined in:

https://tools.ietf.org/html/draft-ietf-sfc-nsh-01

Both NSH Type 1 and Type 2 metadata are supported with a simple registration
hook to allow listeners to register to see packets with Type 1 or a specific
class of Type 2 metadata. NSH could be added to packets sent over a variety
of link types, eg. VxLAN, GRE, ethernet.

v2 - fix copyright notices and tidy up use of types

v3 - fix various style issues in nsh module
     remove VxLAN-GPE changes
     add nsh logging module as example
     add nsh netfilter encap target as example

The previous version included mods to allow NSH over VxLAN-GPE but I've
withdrawn this as VxLAN-GPE is currently being added in a much more complete
patchset. My intention would be to add NSH support on top of that once it's
applied.

I've added the NSH logging module to illustrate the use of the simple
mechanism to register for incoming decap'd NSH metadata.

I've added the NSH netfilter target to illustrate metadata being NSH
encap'd.

Brian Russell (3):
  nsh: encapsulation module
  nsh: logging module
  nsh: netfilter target

 include/net/nsh.h                     | 147 +++++++++++++++
 include/uapi/linux/if_ether.h         |   1 +
 include/uapi/linux/netfilter/xt_NSH.h |  25 +++
 net/ipv4/Kconfig                      |  18 ++
 net/ipv4/Makefile                     |   2 +
 net/ipv4/nsh.c                        | 335 ++++++++++++++++++++++++++++++++++
 net/ipv4/nsh_log.c                    | 135 ++++++++++++++
 net/netfilter/Kconfig                 |   9 +
 net/netfilter/Makefile                |   1 +
 net/netfilter/xt_NSH.c                |  95 ++++++++++
 10 files changed, 768 insertions(+)
 create mode 100644 include/net/nsh.h
 create mode 100644 include/uapi/linux/netfilter/xt_NSH.h
 create mode 100644 net/ipv4/nsh.c
 create mode 100644 net/ipv4/nsh_log.c
 create mode 100644 net/netfilter/xt_NSH.c

-- 
2.1.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ