Skip to content

sock_diag(7): Netlink support for AF_INET & IPPROTO_TCP #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
saminiir wants to merge 35 commits into
base: master
Choose a base branch
from
Draft

sock_diag(7): Netlink support for AF_INET & IPPROTO_TCP #25

saminiir wants to merge 35 commits into from

Conversation

@saminiir
Copy link
Owner

@saminiir saminiir commented Apr 26, 2019

This PR introduces support for Netlink AF_INET/IPPROTO_TCP socket information gathering. See man sock_diag.

Useful with the ss tool (from iproute2):

$ ./tools/level-ip ss -n4t
State                             Recv-Q                          Send-Q                                                    Local Address:Port                                                      Peer Address:Port
TIME-WAIT                         0                               0                                                              10.0.0.4:43241                                                   216.58.211.142:80
TIME-WAIT                         0                               0                                                              10.0.0.4:42332                                                   216.58.211.142:80

saminiir added 30 commits March 8, 2019 19:52
@saminiir
Add addr to interface as CIDR
b9d85cd
@saminiir
Add exit_with_error macro
b390243
@saminiir
Make code blocks in README easier to copy
e2cb38e
@saminiir
Support NETLINK socket type in liblevelip
37950a3
@saminiir
Start adding AF_NETLINK socket type
2cff64b
@saminiir
Add bind syscall
5bea9bf
@saminiir
Add sendmsg recvmsg placeholders
8c7b80f
@saminiir
Start adding sendmsg mocked syscall
cb3b387
@saminiir
Start implementing Netlink & sock_diag API
1623c79
@saminiir
Start implementing recvmsg
e15d0b3
@saminiir
Mock recvmsg MSG_DONE
4543798
@saminiir
Support MSG_PEEK in recvmsg
fa0a651
@saminiir
Improve recvmsg debug prints
ad680cc
@saminiir
Set Netlink pid to 0 for kernel-like communication
6779d90 
This is enforced by e.g. the `ss` tool.
@saminiir
Do not take a pointer to packed struct member
06da9ff 
This is an error with clang, so avoid it.
@saminiir
Add Troubleshooting to getting-started document
589076e
@saminiir
Add "dummy" protocol for TCP
e3c7282
@saminiir
Store Netlink messages to a list
95984d4
@saminiir
Find socket's netlink request from list
69c6a6a
@saminiir
Add stub function for demuxing netlink request
ec0bcd3
@saminiir
Start demuxing Netlink request into response
59fc461
@saminiir
Implement basic Netlink socket filtering callback
52c239b
@saminiir
Free allocated sock_diag memory properly
dff7272
@saminiir
Consume Netlink request after use
b4fd720
@saminiir
Make ss print proper idiag_state
894d7b1 
This is the order Linux header uses, so let's switch to it.
@saminiir
Grab proper port and address info from TCPv4 socket
4ba8702
@saminiir
Use socket type for filtering
4220ab6 
This is more accurate than protocol, since e.g. SOCK_STREAM implies TCP
@saminiir
Add note about possible false deadlock detected by TSan
c84b0ca
@saminiir
Delete debug printfs
3fa611c
@saminiir
Start as root but change to uid nobody before starting stack
e6f531f 
This change is introduced because suddenly CAP_NET_ADMIN
stopped working for my Arch Linux. In essence, doing

$ sudo setcap cap_net_admin=ep $(which ip)

Has no effect anymore:

$ ip link set dev tap0 up
RTNETLINK answers: Operation not permitted

Searching the Internet, one error case is if the directory is mounted
with `nosuid`, but this does not seem to be the case in my Linux.
saminiir added 5 commits April 26, 2019 09:56
@saminiir
Killall lvl-ip processes after test suite
72e4c27
@saminiir
Print lvl-ip logs on test failure
b7f38f8
@saminiir
Manually create tap device
f9d118f 
Since iproute2 changed its capability handling, seems like it is
simpler to just guide the user to create the tap device itself.

This is also what Google's Netstack does.

iproute2/iproute2@9b13cc9
@saminiir
Revert "Killall lvl-ip processes after test suite"
34b227c 
This reverts commit 72e4c27.
@saminiir
Add more descriptive error messages on IPC socket init errors
9b7d7aa
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@saminiir @Excited-ccccly