lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 16 Jul 2013 18:59:36 +0300
From:	Vladimir Kondratiev <qca_vkondrat@....qualcomm.com>
To:	Daniel Borkmann <dborkman@...hat.com>
CC:	<netdev@...r.kernel.org>, Jiri Pirko <jpirko@...hat.com>
Subject: Re: [patch net-next v2] nlmon: use standard rtnetlink link api for add/del devices

On Tuesday, July 16, 2013 04:49:53 PM Daniel Borkmann wrote:
> On 07/16/2013 04:08 PM, Vladimir Kondratiev wrote:
> > Jiri Pirko <jiri <at> resnulli.us> writes:
> >
> >> It is not nice when netdev is created right after module load and with
> >> some implicit name. So rather change nlmon to use standard rtnl link API.
> >
> > Could you please elaborate a bit - how to capture netlink skb's after your
> > patch? Before, it was netdev that may be used with tcpdump. Now, there is
> > no such netdev. How to create it?
> 
> modprobe nlmon
> ip link add type nlmon
> ip link set nlmon0 up
> 
> tcpdump -i nlmon0 ....
> 
> ip link set nlmon0 down
> ip link del dev nlmon0
> rmmod nlmon

Thanks a lot! I guess it is worth to have this mentioned somewhere.
It will save lots of questions. For example, in Kconfig:

diff --git a/drivers/net/Kconfig b/drivers/net/Kconfig
index b45b240..13acea2 100644
--- a/drivers/net/Kconfig
+++ b/drivers/net/Kconfig
@@ -247,8 +247,18 @@ config NLMON
          purpose of this is to analyze netlink messages with packet sockets.
          Thus applications like tcpdump will be able to see local netlink
          messages if they tap into the netlink device, record pcaps for further
-         diagnostics, etc. This is mostly intended for developers or support
-         to debug netlink issues. If unsure, say N.
+         diagnostics, etc. Typical flow is:
+
+           modprobe nlmon
+           ip link add type nlmon
+           ip link set nlmon0 up
+           tcpdump -i nlmon0 ....
+           ip link set nlmon0 down
+           ip link del dev nlmon0
+           rmmod nlmon
+
+         This is mostly intended for developers or support to debug netlink
+         issues. If unsure, say N.
 
 endif # NET_CORE

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ