lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20130620084653.4d11dd3e@nehalam.linuxnetplumber.net>
Date:	Thu, 20 Jun 2013 08:46:53 -0700
From:	Stephen Hemminger <stephen@...workplumber.org>
To:	Daniel Borkmann <dborkman@...hat.com>
Cc:	davem@...emloft.net, tgraf@...g.ch, netdev@...r.kernel.org
Subject: Re: [RFC PATCH net-next 3/3] packet: nlmon: virtual netlink
 monitoring device for packet sockets

On Thu, 20 Jun 2013 10:07:10 +0200
Daniel Borkmann <dborkman@...hat.com> wrote:

> On 06/19/2013 08:59 PM, Stephen Hemminger wrote:
> > On Wed, 19 Jun 2013 20:04:46 +0200
> > Daniel Borkmann <dborkman@...hat.com> wrote:
> >
> >> Currently, there is no good possibility to debug netlink traffic that
> >> is being exchanged between kernel and user space. Therefore, this patch
> >> implements a netlink virtual device, so that netlink messages will be
> >> made visible to PF_PACKET sockets. Once there was an approach with a
> >> similar idea [1], but it got forgotten somehow.
> >
> > ip monitor all
> 
> Well, but this is only restricted to debugging rtnl and there are many other
> subsystems using netlink. Also, it's not about low-level debugging netlink
> in general from what I see from the code. So it's not really the same resp.
> comparable to each other.

I was thinking that having a more general monitor is great, and maybe you
could reuse the similar concepts that already exist. I like the device idea
or maybe teaching libpcap how to handle another input source like Patrick's
mmap netlink would be better.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ