lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAJX4=r1Wh-EEwNJVFBqgbdZ7phdr9OxiPc6nUmCxNJDae5ChFQ@mail.gmail.com>
Date:	Mon, 3 Jun 2013 11:38:42 -0300
From:	Felipe Dias <felipediassss@...il.com>
To:	Ben Hutchings <bhutchings@...arflare.com>
Cc:	netdev@...r.kernel.org
Subject: Re: ETH_P_ALL and tcp ports

Thank you.

On Mon, Jun 3, 2013 at 11:30 AM, Ben Hutchings
<bhutchings@...arflare.com> wrote:
> On Sun, 2013-06-02 at 12:42 -0300, Felipe Dias wrote:
>> Hi, someone might try to tell me what I'm doing wrong, please?
>>
>> I have a simple module and I registered one packet handler, in init function:
>> ---
>>      pseudo_proto.type = htons(ETH_P_ALL);
>>      pseudo_proto.dev = NULL;
>>      pseudo_proto.func = packet_handler;
>>      dev_add_pack(&pseudo_proto);
>> ---
>>
>> My packet_handler, is a simple function just to print in dmesg info
>> about the packet, its check if protocol is TCP or UDP before.
>>
>> The problem is with TCP headers. I'm trying to get tcp ports with:
>>
>> ntohs(tcp_hdr(skb)->dest);
>>
>> But always come strange ports numbers.
>>
>> My question is: Are the TCP headers filled at this stage ?
>> Or I have to register another packet_handler with dev_add_pack() after
>> TCP code have done the heavy work?
>
> On the RX path, your packet handler is called before any network or
> transport layer processing has been done.  You can only assume that the
> network header pointer will be set.
>
> On the TX path, TCP packets generated by the TCP stack will have the
> transport header set.  But TCP packets that have been forwarded or
> generated by a raw socket won't.
>
> So in either case, you have to parse and validate the IP and TCP headers
> yourself.
>
> Ben.
>
> --
> Ben Hutchings, Staff Engineer, Solarflare
> Not speaking for my employer; that's the marketing department's job.
> They asked us to note that Solarflare product names are trademarked.
>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ