Date:      Sat, 16 Sep 2000 00:53:33 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Ben Schumacher <webmaster@cyalchemy.com>
Cc:        freebsd-net@freebsd.org
Subject:   Re: netgraph based MAC authentication
Message-ID:  <39C326FD.41C67EA6@elischer.org>
References:  <5.0.0.25.2.20000913221340.00a04950@pop.henshaw.net> <5.0.0.25.2.20000915183859.026c2310@pop.henshaw.net>

Ben Schumacher wrote:

> 
> Alright, I have started working on a daemon that connects to the upper and
> lower hooks on my interface, and pulls the MAC address from the packet and
> sends the packet on its way.  This all seems to be working properly, most
> of the time.  The two problems I'm having right now are that ARP packets
> don't seem to be forwarding correctly through my daemon and more
> importantly, DHCP packets seem to cause kernel panics.

Can you do one of the following?

Put DDB in the kernel (and get to it by running
the test case from the console) so you can do a stack trace..

OR

Enable kernel core-dumps
and compile your kernel with -g so that you can examine
the core-dump and see where the crash was.

(these are the first things to do when you have a kernel crash)



Are you talking about incoming or outgoing arp packets and DHCP 
packets? DHCP (from memory) uses the BPF interface to shove 
packets out on the wire, and it may be that they get put on after 
the point where Netgraph hooks in..

check if_ethersubr.c for illumination...
not sure about arp.. once again, incoming or outgoing?
I think ARP packets SHOULD be captured.. I'll have a look 
at the code and mail again later..



> 
> Basically my code is a slightly modified version of nghook.  Here's the
> relevant portions:
> 
>          while(1) {
>                  fd_set  rfds;
> 
>                  FD_ZERO(&rfds);
>                  FD_SET(0, &rfds);
>                  FD_SET(dsock, &rfds);
> 
>                  if (select(FD_SETSIZE, &rfds, NULL, NULL, NULL) < 0)
>                          err(EX_OSERR, "select");
> 
>                  if (FD_ISSET(dsock, &rfds)) {
>                          time_t  now;
>                          u_char  buf[BUF_SIZE];
>                          char    ihook[NG_HOOKLEN+1];
>                          char    *ohook;
>                          int     rl;
> 
>                          if ((rl = NgRecvData(dsock,
>                              buf, sizeof(buf), ihook)) < 0)
>                                  err(EX_OSERR, "read(hook)");
>                          if (rl == 0)
>                                  errx(EX_OSERR, "read EOF from hook?!");
> 
>                          now = time(NULL);
>                          printf("%ld: RECV - HOOK: %s, BYTES: %d "
>                              "(SRC: %02x:%02x:%02x:%02x:%02x:%02x)\n",
>                              now, ihook, rl,
>                              buf[6], buf[7], buf[8],
>                              buf[9], buf[10], buf[11]);
> 
>                          if (!strcmp(ihook, NG_SOCK_UHOOK_NAME)) {
>                                  ohook = NG_SOCK_LHOOK_NAME;
>                          }
>                          else if (!strcmp(ihook, NG_SOCK_LHOOK_NAME)) {
>                                  ohook = NG_SOCK_UHOOK_NAME;
>                          }
>                          else {
>                                  errx(EX_OSERR,
>                                      "data received on unknown hook?!");
>                          }
> 
>                          if (NgSendData(dsock, ohook, buf, rl) < 0) {
>                                  err(EX_OSERR, "NgSendData(%s)", ohook);
>                          }
> 
>                          now = time(NULL);
>                          printf("%ld: SENT - HOOK: %s, BYTES: %d "
>                              "(TAR: %02x:%02x:%02x:%02x:%02x:%02x)\n",
>                              now, ohook, rl,
>                              buf[0], buf[1], buf[2],
>                              buf[3], buf[4], buf[5]);
>                  }
>          }


Looks right to me...
I think if there is a problem it would be in the ng_ether kernel
module as it's pretty new..

> 
> Can anybody give me any insight as to why this might be having the problems
> I mentioned above?  I realize it might be better to do what I'm trying to
> do as a node, but since I have little experience using mbuf's, and haven't
> been able to figure out where MAC addresses are stored in these, I thought
> this might be an easier way to do what I'm proposing.


Well, it's easier, but it's also going to be quite a bit slower as it
will require a process schedule for each packet.
(this may or may not be ok in production, 
but it's definitely ok for a prototype)

> 
> Thanks in advance,
> - Ben Schumacher
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

-- 
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000
---> X_.---._/  presently in:  Perth
            v
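
Added example, not part of the original message or of the nghook/netgraph sources: a bounds-checked version of the per-frame source-MAC lookup that the quoted loop performs by indexing buf[6..11] directly. The names check_frame and allowed_macs, the verdict values and both sample frames are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAC_LEN     6
#define ETH_HDR_LEN 14      /* dst(6) + src(6) + ethertype(2) */

enum verdict { FRAME_RUNT = -1, FRAME_DENY = 0, FRAME_ALLOW = 1 };

/* Constructed allow-list, for illustration only. */
static const uint8_t allowed_macs[][MAC_LEN] = {
    { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55 },
    { 0x02, 0x00, 0x00, 0xaa, 0xbb, 0xcc },
};

/* Constructed frames: a broadcast ARP from a listed station and an
 * IPv4 frame from an unlisted one (payloads truncated). */
static const uint8_t sample_arp[] = {
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff,  0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
    0x08, 0x06,  0x00, 0x01, 0x08, 0x00 };
static const uint8_t sample_unknown[] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55,  0x00, 0xde, 0xad, 0xbe, 0xef, 0x01,
    0x08, 0x00,  0x45, 0x00 };

/* Hypothetical helper: buf/len are what NgRecvData() returned for one frame.
 * The source MAC is whatever the sender wrote, so this identifies a station;
 * it does not prove who it is. */
enum verdict check_frame(const uint8_t *buf, size_t len, uint16_t *ethertype)
{
    size_t i;

    if (buf == NULL || len < ETH_HDR_LEN)
        return FRAME_RUNT;          /* short read: do not index buf[6..13] */
    if (ethertype != NULL)
        *ethertype = (uint16_t)((buf[12] << 8) | buf[13]);
    if (buf[MAC_LEN] & 0x01)
        return FRAME_DENY;          /* group bit set: not a valid source */
    for (i = 0; i < sizeof(allowed_macs) / sizeof(allowed_macs[0]); i++)
        if (memcmp(buf + MAC_LEN, allowed_macs[i], MAC_LEN) == 0)
            return FRAME_ALLOW;
    return FRAME_DENY;
}
```

In the quoted loop this check would apply to frames arriving on the lower hook, before NgSendData() passes them to the upper hook.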

