| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM_iQpWnxTuHQfXzxQ6Cg5Ec=D7yJQsvw+3WpnzDuDXAUow7fg@mail.gmail.com> Date: Mon, 15 May 2017 13:14:54 -0700 From: Cong Wang <xiyou.wangcong@...il.com> To: Morgan Yang <morgan.yang1982@...il.com> Cc: Linux Kernel Network Developers <netdev@...r.kernel.org> Subject: Re: Advice on user space application integration with tc On Thu, May 11, 2017 at 1:45 PM, Morgan Yang <morgan.yang1982@...il.com> wrote: > Hi All: > > I want to build a solution that leverages the filtering and actions of > tc in kernel space, but have the ability to hook to a userspace > application that can additional packet processing (such as payload > masking). I'm curious what are the best ways to go about doing that? I > have been looking into tc-skbmod and tc-pedit, but as good as they > are, they would require newer kernels. I have also tried using tc to > mirror filterd packets to a dummy or tap interface, and have the > userspace application pick up there, but the performance has been > supar. I'm hoping to have a solution that avoids the extra mirroring. act pedit exists for a rather long time, I don't think you need a new kernel to use it, unless of course you have a different definition of "new kernel". ;)
Powered by blists - more mailing lists