| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170912202617.ny3bbi2dthxxffh3@unicorn.suse.cz>
Date: Tue, 12 Sep 2017 22:26:17 +0200
From: Michal Kubecek <mkubecek@...e.cz>
To: Ben Greear <greearb@...delatech.com>
Cc: netdev <netdev@...r.kernel.org>
Subject: Re: Can libpcap filter on vlan tags when vlans are
hardware-accelerated?
On Tue, Sep 12, 2017 at 11:54:43AM -0700, Ben Greear wrote:
> It does not appear to work on Fedora-26, and I'm curious if someone
> knows what needs doing to get this support working?
It's rather complicated. The "vlan" and "vlan <id>" filters didn't
handle the case when vlan information is passed in metadata until commit
04660eb1e561 ("Use BPF extensions in compiled filters"), i.e. libpcap
1.7.0. Unfortunately that commit made libpcap always check only metadata
for the first outermost vlan tag so that it broke the case when vlan
information is passed in packet itself (which is less frequent today).
To handle both cases correctly, you would need libpcap with commits
d739b068ac29 ("Make VLAN filter handle both metadata and inline tags")
and 7c7a19fbd9af ("Fix logic of combined VLAN test") and also the
optimizer fix from
https://github.com/the-tcpdump-group/libpcap/pull/582/commits/075015a3d17a
(without it the filters generate incorrect BPF in some cases unless the
optimizer is disabled). As far as I can see, these commits are not in
any release yet.
Michal Kubecek
Powered by blists - more mailing lists