Date: Mon, 14 Jan 2008 16:38:56 +0000
From: Tom Judge
To: "Bruce M. Simpson"
Cc: freebsd-net@freebsd.org
Subject: Re: Programming interface MAC filter without enabling PROMISC on an interface from user space.
Message-ID: <478B9020.3000402@tomjudge.com>
In-Reply-To: <478B88EE.7090307@FreeBSD.org>

Bruce M. Simpson wrote:
> Tom Judge wrote:
>> Hi,
>>
>> I have just started experimenting with OpenLLDP and come across a
>> little bit of a nasty. When it opens the interface, it puts it into
>> PROMISC mode, which I don't really want to happen. Is there any way
>> to add the LLDP MAC address (01-80-C2-00-00-0E) to the interface mac
>> filter from user space, so that the interface does not have to be set
>> to PROMISC?
>
> There *is* an API for this but it's not integrated into pcap or bpf; see
> SIOCADDMULTI and SIOCDELMULTI. There are some issues with doing that
> portably, Windows and Linux do things somewhat differently in this space.
>
> Really we could do with a KPI for this so that the references are
> properly refcounted. If you have other link layer multicast listeners
> it's not guaranteed that the stack will correctly restore the hash
> filters at the driver level if it has to enable ALLMULTI mode.
>
> You almost certainly don't want to set PROMISC if you are ever going to
> do any kind of IP forwarding, although I believe I fixed that historic
> bug whereby the IP layer kept seeing its own packets about a year ago.
>
> later
> BMS

Hi Bruce,

Thanks for the response.

I had a quick grep of the src tree to find an example of this being
used and only found the following from wpa_supplicant, and I have a few
questions:

* I am presuming that this will do what I want, am I correct?
* If I was only ever to add the address to an interface and never delete
  it, would this cause any problems? I.e. when lldpd ends, or is restarted
  and tries to add the address again?
* Alternatively, is there a way to query the filter to ask what addresses
  it is currently programmed for?

At this stage I am not looking for portability, I just want a working
solution for a FreeBSD-only shop.

Thanks again

Tom

From contrib/wpa_supplicant/driver_wired.c:

static int wpa_driver_wired_multi(const char *ifname, const u8 *addr,
                                  int add)
{
        struct ifreq ifr;
        int s;

        s = socket(PF_INET, SOCK_DGRAM, 0);
        if (s < 0) {
                perror("socket");
                return -1;
        }

        memset(&ifr, 0, sizeof(ifr));
        strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
        ifr.ifr_hwaddr.sa_family = AF_UNSPEC;
        memcpy(ifr.ifr_hwaddr.sa_data, addr, ETH_ALEN);

        if (ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, (caddr_t) &ifr) < 0) {
                perror("ioctl[SIOC{ADD/DEL}MULTI]");
                close(s);
                return -1;
        }
        close(s);
        return 0;
}
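
Added example, not part of the original message or of wpa_supplicant: a sketch of the SIOCADDMULTI/SIOCDELMULTI call discussed above that builds the request per platform and refuses non-group addresses, so the interface can receive LLDP frames without PROMISC. The names multi_req_fill, multi_set and lldp_mcast are hypothetical, and the FreeBSD branch assumes the request carries an AF_LINK sockaddr_dl rather than ifr_hwaddr.

```c
#define _DEFAULT_SOURCE		/* expose struct ifreq under strict -std= on glibc */
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <net/if.h>
#ifdef __FreeBSD__
#include <net/if_dl.h>		/* struct sockaddr_dl, LLADDR() */
#endif

/* LLDP group address from the thread: 01-80-C2-00-00-0E */
const unsigned char lldp_mcast[6] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x0e };

/* Build the SIOCADDMULTI/SIOCDELMULTI request. Returns 0, or -1 on bad input. */
int multi_req_fill(struct ifreq *ifr, const char *ifname, const unsigned char mac[6])
{
	/* Reject names that would not be NUL-terminated and non-group addresses. */
	if (strlen(ifname) >= IFNAMSIZ || !(mac[0] & 0x01))
		return -1;
	memset(ifr, 0, sizeof(*ifr));
	memcpy(ifr->ifr_name, ifname, strlen(ifname));
#ifdef __FreeBSD__
	/* Assumption: FreeBSD wants an AF_LINK sockaddr_dl, not ifr_hwaddr. */
	struct sockaddr_dl *dl = (struct sockaddr_dl *)&ifr->ifr_addr;
	dl->sdl_len = sizeof(*dl);
	dl->sdl_family = AF_LINK;
	dl->sdl_alen = 6;
	memcpy(LLADDR(dl), mac, 6);
#else
	/* Linux form, as in the driver_wired.c excerpt. */
	ifr->ifr_hwaddr.sa_family = AF_UNSPEC;
	memcpy(ifr->ifr_hwaddr.sa_data, mac, 6);
#endif
	return 0;
}

/* Add (add != 0) or remove the address on ifname. Needs root. */
int multi_set(const char *ifname, const unsigned char mac[6], int add)
{
	struct ifreq ifr;
	int s, rc;

	if (multi_req_fill(&ifr, ifname, mac) < 0)
		return -1;
	if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
		return -1;
	rc = ioctl(s, add ? SIOCADDMULTI : SIOCDELMULTI, &ifr);
	close(s);
	return rc < 0 ? -1 : 0;
}
```

A daemon would call multi_set("em0", lldp_mcast, 1) at start-up and multi_set("em0", lldp_mcast, 0) on exit; "em0" is a constructed interface name.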