| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Jul 2007 00:57:12 +0200 From: Patrick McHardy <kaber@...sh.net> To: andrei radulescu-banu <iubica2@...oo.com> CC: linux-kernel@...r.kernel.org, Linux Netdev List <netdev@...r.kernel.org> Subject: Re: Linux, tcpdump and vlan andrei radulescu-banu wrote: > [...] > > In conclusion, here is the buglist: > 1). If set promiscuous, the e1000 should disable any vlan rx filtering, so that it can receive vlan frames of other vlan id's. Other ethernet drivers probably need fixed as well. > 2). The packet layer should change the rx skb device from the vlan 'fake' device (eth0.2) to the corresponding physical device (eth0), so when we run tcpdump on eth0 we see all vlan-tagged and non-vlan-tagged frames > 3). The packet socket layer should insert the vlan tag header before passing frames to the upper layer, so tcpdump can display them. Put another way, once you enable VLAN header stripping, you won't see the headers for *any* VLAN, not only for those you're actually running locally. This is also a problem for devices like macvlan, where it would be desirable to make use of hardware VLAN accerlation. I was thinking about storing the information somewhere in the packets meta-data on both RX and TX paths, that would also allow tcpdump to properly display packets. I have planned to look into this when I find some time. Your suggestion of disabling VLAN acceleration in promiscous mode sounds like a reasonable solution until then .. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists