lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 16 Nov 2016 08:15:23 -0800
From:   Roopa Prabhu <roopa@...ulusnetworks.com>
To:     Jiri Pirko <jiri@...nulli.us>
CC:     netdev@...r.kernel.org, davem@...emloft.net, yotamg@...lanox.com,
        idosch@...lanox.com, eladr@...lanox.com, nogahf@...lanox.com,
        ogerlitz@...lanox.com, jhs@...atatu.com, geert+renesas@...der.be,
        stephen@...workplumber.org, xiyou.wangcong@...il.com,
        linux@...ck-us.net, john.fastabend@...il.com,
        simon.horman@...ronome.com
Subject: Re: [patch net-next v2 5/8] Introduce sample tc action

On 11/14/16, 7:00 AM, Jiri Pirko wrote:
> From: Yotam Gigi <yotamg@...lanox.com>
>
> This action allow the user to sample traffic matched by tc classifier.
> The sampling consists of choosing packets randomly, truncating them,
> adding some informative metadata regarding the interface and the original
> packet size and mark them with specific mark, to allow further tc rules to
> match and process. The marked sample packets are then injected into the
> device ingress qdisc using netif_receive_skb.
>
> The packets metadata is packed using the ife encapsulation protocol, and
> the outer packet's ethernet dest, source and eth_type, along with the
> rate, mark and the optional truncation size can be configured from
> userspace.
>
> Example:
> To sample ingress traffic from interface eth1, and redirect the sampled
> the sampled packets to interface dummy0, one may use the commands:
>
> tc qdisc add dev eth1 handle ffff: ingress
>
> tc filter add dev eth1 parent ffff: \
> 	   matchall action sample rate 12 mark 17

Yotham, I am guessing in the future if one does not want to use mark,
the sample api is extensible to allow for other actions to be added.
This is from the general concern we had on using mark: some may not want to use mark.
As long as the api is extensible to allow an alternate way in the future,
 we should be good. (We would prefer to not go down the path of having to introduce
a new  'action sample' if this limits us in some way).

>
> tc filter add parent ffff: dev eth1 protocol all \
> 	   u32 match mark 17 0xff \
> 	   action mirred egress redirect dev dummy0
>

thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ