From owner-freebsd-net@freebsd.org Fri Dec 15 07:56:37 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57B03E9EA1C for ; Fri, 15 Dec 2017 07:56:37 +0000 (UTC) (envelope-from v.maffione@gmail.com) Received: from mail-qk0-x230.google.com (mail-qk0-x230.google.com [IPv6:2607:f8b0:400d:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0E2C56C12E for ; Fri, 15 Dec 2017 07:56:37 +0000 (UTC) (envelope-from v.maffione@gmail.com) Received: by mail-qk0-x230.google.com with SMTP id d66so9377240qkg.1 for ; Thu, 14 Dec 2017 23:56:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=dAdcpw0ENxjksmJ4jm12WBzK9JydmFofk0ss5rLwAuU=; b=U5E1cxExDTC4F/X4e3ryZO9S1OneFqcNiRoHRBhrwBax/E5RwPQLYScfb/HZywHOmZ e7DCaMQbixshfI2UkU6qFrU3djFLZnImMMrd6bRQ12ACANC4AXfGjX6ppTnnLLVuvASd 0TmVO9VeRO9dCLU3Ry6Povy1c9lv6uRpM56Scvj3OSBy+ExtBKgjPKtPmeAEmYDGrcB0 ndvet8MDIjmZnWgpHJtrvRjoUl01nRHOS9rr+NdaF0AQ8gnimlbJs8sLQxQXyXoms1oq PGenfSL3CdlDo+5MBrmLmV/AsJN6yEtZ/I3q0+7MP7/hyxIS+GhpvFPsFoiYPIyOXef6 sTcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=dAdcpw0ENxjksmJ4jm12WBzK9JydmFofk0ss5rLwAuU=; b=Ta3U/mVFYeybR1QPmAaFDGXFlNnjp4QVRNsKIXcGZc7ZWO5ksC+tCvi25bpwCV+b3t v4nj0oEH/jteXskS4XIGrJiiOfaky6vuke4Apxu3CLWzjrMW+KPZXWIlfbBSGM0F0zVl eVuP6fBC9V2GLhj4zZmGVCVc5auReEAS8FlPTwVLjz3eDBYkZxTfuu0gFWfoJTahjFwo 3PtpaDOTHSDwN5ELSNLkasLAIqPNJEn6czMw/8X0v8UQCpxulby2XV4tUDKNmJflOPQl +mJFCSeXPtsLswcGoJK1AQaLTwcoBJDqzIbZceFsVX+If1BTaEC+qOz7BAWHsf6sczrI qL/Q== X-Gm-Message-State: AKGB3mLktED/6cfpfmP3E/hP5KNAXdNq2Iu+Ydyj9Wa9qNxyB6H2p0bX y78A3f9f7U5RAtkwLr9yGnA1T0ucLJbDsSMKUz55Qg== X-Google-Smtp-Source: ACJfBosSPbSnFrpU9d0VKUvrC0TB3iwVgXFYm+LBlamWUG7IvvUnJT8UUwxrHUkHK5ug/ZGUNNkqBIdVA51qOgaYjI8= X-Received: by 10.55.56.137 with SMTP id f131mr16628364qka.91.1513324595727; Thu, 14 Dec 2017 23:56:35 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.174.5 with HTTP; Thu, 14 Dec 2017 23:56:35 -0800 (PST) In-Reply-To: <3F8E159B-33FC-428E-9A18-64CC298EDBDD@netgate.com> References: <3F8E159B-33FC-428E-9A18-64CC298EDBDD@netgate.com> From: Vincenzo Maffione Date: Fri, 15 Dec 2017 08:56:35 +0100 Message-ID: Subject: Re: Netmap: Build a network SPAN/TAP from netmap To: Jim Thompson Cc: Ming Fu , "freebsd-net@freebsd.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 07:56:37 -0000 Yes, or if you prefer you can simply extend "bridge" forwarding logic to copy every packet to an additional TAP port. Copying a packet in netmap is just a matter of initialize the next struct netmap_slot in the destination (TAP) netmap ring, memcpy() the packet payload and incrementing ring->cur/ring->head (then you need to TXSYNC or poll() at the end of the batch. In any case the application will work on both FreeBSD and Linux, as the API is the same. You may also find useful to look at the netmap tutorial, to see more examples and explanations: https://github.com/vmaffione/netmap-tutorial Cheers, Vincenzo 2017-12-15 6:58 GMT+01:00 Jim Thompson : > > > > On Dec 14, 2017, at 12:00 PM, Ming Fu wrote: > > > > Hi, > > > > I am trying to explore the possibility to build a network SPAN/TAP from > netmap. Similar to the bridge sample, but all packet going through the > bridge also get copied to a SPAN port. How do I duplicate or clone an > incoming packet and send the original to bridge peer and the cloned one t= o > the SPAN port? Is there an API like FreeBsd m_copypacket() for netmap? > Would it work for Linux as well? > > > > Thanks > > Ming > > Ming, > > I=E2=80=99d look at adapting netmap monitors. > > https://github.com/luigirizzo/netmap/blob/master/sys/dev/ > netmap/netmap_monitor.c > > For the rest of the solution, look at netmap_user.h, where it explains ho= w > to open a port in monitor mode. > > https://github.com/luigirizzo/netmap/blob/master/sys/net/netmap_user.h > > Essentially, once you have an active netmap port e.g. netmap:ix0, you can > sniff the traffic by opening additional netmap ports > named netmap:ix0/r (for rx traffic) or netmap:ix0/t (for tx) or even > netmap:ix0/rt (for both tx and rx) > > The rest of the code (to inject frames back down another interface) can b= e > lifted from the bridge sample. > > You could also look at SF-TAP. http://sf-tap.github.io > > Jim > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > --=20 Vincenzo Maffione