Date: Thu, 14 Dec 2017 23:58:54 -0600 From: Jim Thompson <jim@netgate.com> To: Ming Fu <Ming.Fu@esentire.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: Netmap: Build a network SPAN/TAP from netmap Message-ID: <3F8E159B-33FC-428E-9A18-64CC298EDBDD@netgate.com> In-Reply-To: <c861f08553874dc6b242be45ec6e4ef0@mbx02cmb01p.esentire.local> References: <c861f08553874dc6b242be45ec6e4ef0@mbx02cmb01p.esentire.local>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Dec 14, 2017, at 12:00 PM, Ming Fu <Ming.Fu@esentire.com> wrote:
>=20
> Hi,
>=20
> I am trying to explore the possibility to build a network SPAN/TAP =
from netmap. Similar to the bridge sample, but all packet going through =
the bridge also get copied to a SPAN port. How do I duplicate or clone =
an incoming packet and send the original to bridge peer and the cloned =
one to the SPAN port? Is there an API like FreeBsd m_copypacket() for =
netmap? Would it work for Linux as well?
>=20
> Thanks
> Ming
Ming,
I=E2=80=99d look at adapting netmap monitors.
=
https://github.com/luigirizzo/netmap/blob/master/sys/dev/netmap/netmap_mon=
itor.c
For the rest of the solution, look at netmap_user.h, where it explains =
how to open a port in monitor mode.
https://github.com/luigirizzo/netmap/blob/master/sys/net/netmap_user.h
Essentially, once you have an active netmap port e.g. netmap:ix0, you =
can sniff the traffic by opening additional netmap ports
named netmap:ix0/r (for rx traffic) or netmap:ix0/t (for tx) or even =
netmap:ix0/rt (for both tx and rx)
The rest of the code (to inject frames back down another interface) can =
be lifted from the bridge sample.
You could also look at SF-TAP. http://sf-tap.github.io
Jim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F8E159B-33FC-428E-9A18-64CC298EDBDD>