lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 15 Dec 2009 12:02:49 -0500
From:	Neil Horman <nhorman@...driver.com>
To:	Stephen Hemminger <shemminger@...tta.com>
Cc:	netdev@...r.kernel.org, davem@...emloft.net
Subject: Re: [RFC PATCH 1/4] net: port mirroring: add tracepoints to
	appropriate network paths

On Tue, Dec 15, 2009 at 08:44:24AM -0800, Stephen Hemminger wrote:
> On Tue, 15 Dec 2009 11:36:04 -0500
> Neil Horman <nhorman@...driver.com> wrote:
> 
> > Add net_dev_xmit & net_dev_receive tracepoints
> > 
> > Add tracepoints at the end of the network stack xmit path and the start of the
> > stack receive path.  Among other uses, these tracepoints can be used to tap the
> > raw input and output streams for any given network device for the purposes of
> > mirroring that traffic to other ports.
> > 
> 
> There already is a mirroring solution but people don't know how to use it.
> Using mirred on ingress qdisc does that.
> 
I wish that had been easier to find.  That only appears to mirror inbound frames
though, what about outbound frames? can you attach mirred to an outbound qdisc?

> Why would we want to add another hook to the already complex networking
> code path?
> 
Because tracepoints offer a low/zero impact hook (when not in use) that is
extensible to future debug needs.  Given that mirroring is largely a feature to
enable debugging, I thought tracepoints appropriate.

> https://svn.openfabrics.org/svn/openib/gen2/branches/1.1/src/userspace/ipoibtools/iproute2/doc/actions/mirred-usage
Reading over this, I'm still left wondering if this ony mirrors inbound frames.
Is the expectation that outbound frames can be mirrored using some other method?
Or can you just attach this tc action to an outbound qdisc?

Regards
Neil

> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ