Re: User-space controlled raw ethernet - Is this the way to go?

Andy <ajg112@xxxxxxxxxxxxxx> writes:
Jan Kandziora wrote:
Essentially, libpcap does not neet root priviledge, but CAP_NET_RAW and
maybe CAP_NET_ADMIN capabilities.

Yes, I remember looking into this when I was considering the libpcap
route. But to be honest, I got totally lost, and could find little
examples/further explanation that helped. My conclusion (that might be
totally wrong) was that most of the capabilities stuff is deprecated
(or haeding that way).

That's quite an absurd assumption. If your application should operate
on its own, it would need the CAP_NET_RAW-capability to open a
PF_PACKET socket, which can be used to send and receive 'link-layer
SDUs'. Another options would be to let a suitably priviledged helper
application create the socket and pass it to the main application,
either by passing a descriptor over an PF_UNIX socket or implicitly by
inheritance.


[...]

With regards to the kernel module. Things _were_ going well. But with
further reading, it seems creating and using a socket from within a
kernel module isn't good practice, or even allowed. (Again, I may be
totally wrong here). When I try to compile a module using the socket
function I get:

warning: implicit declaration of function 'socket'

'socket' is the C-library name for an interface providing one of the
functions (AFAIK) implemented by the 'socketcall' system call. You
cannot use system calls from within the kernel. Interfacing with the
stack from inside the kernel requires using a different interface (I
unfortunately have no exact knowledge of).
.

Relevant Pages