[Oisf-devel] [PATCH 1/2] Add interface setting discovery via ioctl

Eric Leblond eleblond at edenwall.com
Mon Nov 29 22:58:09 UTC 2010


This patch adds support for MTU discovery of link following idea
of go.ph1g. It also adds some function to give a approximation of
link header length.

Signed-off-by: Eric Leblond <eleblond at edenwall.com>
---
 src/Makefile.am  |    3 +-
 src/util-ioctl.c |  118 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/util-ioctl.h |   25 +++++++++++
 3 files changed, 145 insertions(+), 1 deletions(-)
 create mode 100644 src/util-ioctl.c
 create mode 100644 src/util-ioctl.h

diff --git a/src/Makefile.am b/src/Makefile.am
index 312bc9b..1ce796e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -226,7 +226,8 @@ win32-service.c win32-service.h \
 util-action.c util-action.h \
 win32-syslog.h \
 util-profiling.c util-profiling.h \
-cuda-packet-batcher.c cuda-packet-batcher.h
+cuda-packet-batcher.c cuda-packet-batcher.h \
+util-ioctl.h util-ioctl.c
 
 # set the include path found by configure
 INCLUDES= $(all_includes)
diff --git a/src/util-ioctl.c b/src/util-ioctl.c
new file mode 100644
index 0000000..f52e210
--- /dev/null
+++ b/src/util-ioctl.c
@@ -0,0 +1,118 @@
+/* Copyright (C) 2010 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/**
+ * \file
+ *
+ * \author Eric Leblond <eleblond at edenwall.com>
+ */
+
+#include "suricata-common.h"
+#include "conf.h"
+
+#include <sys/ioctl.h>
+#include <net/if.h>
+
+/** 
+ * \brief output a majorant of hardware header length
+ * 
+ * \param Name of a network interface
+ */
+int IfaceGetMaxHWHeaderLength(char *pcap_dev)
+{
+    if ((!strncmp("eth", pcap_dev, 3))
+            ||
+            (!strncmp("br", pcap_dev, 2))
+            ||
+            (!strncmp("bond", pcap_dev, 4))
+            ||
+            (!strncmp("wlan", pcap_dev, 4))
+            ||
+            (!strncmp("tun", pcap_dev, 3))
+            ||
+            (!strncmp("tap", pcap_dev, 3))
+            ||
+            (!strncmp("lo", pcap_dev, 2))
+       )
+        return ETHERNET_HEADER_LEN;
+    if (
+            (!strncmp("ppp", pcap_dev, 3))
+       )
+        return SLL_HEADER_LEN;
+    /* SLL_HEADER_LEN is the biggest one */
+    return SLL_HEADER_LEN;
+}
+
+/** 
+ * \brief output the link MTU
+ * 
+ * \param Name of link
+ * \retval -1 in case of error, 0 if MTU can not be found
+ */
+int IfaceGetMTU(char *pcap_dev)
+{
+#ifdef SIOCGIFMTU
+    struct ifreq ifr;
+    int fd;
+
+    (void) strlcpy(ifr.ifr_name, pcap_dev, sizeof(ifr.ifr_name));
+    fd = socket(AF_INET, SOCK_DGRAM, 0);
+    if (fd == -1)
+        return -1;
+
+    if (ioctl(fd, SIOCGIFMTU, (char *)&ifr) < 0) {
+        SCLogInfo("Failure when trying to get MTU via ioctl: %d",
+                errno);
+        close(fd);
+        return -1;
+    }
+    close(fd);
+    SCLogInfo("Found an MTU of %d for '%s'", ifr.ifr_mtu,
+            pcap_dev);
+    return ifr.ifr_mtu;
+#else
+    /* ioctl is not defined, let's pretend returning 0 is ok */
+    return 0;
+#endif
+}
+
+/** 
+ * \brief output max payload size for a link
+ *
+ * This does a best effort to find the maximum packet size
+ * for the link. In case of uncertainty, it will output a 
+ * majorant to be sure avoid the cost of dynamic allocation.
+ *
+ * \param Name of a network interface
+ * \retval 0 in case of error
+ */
+int IfaceGetMaxPayloadSize(char *pcap_dev)
+{
+    int ll_header = IfaceGetMaxHWHeaderLength(pcap_dev);
+    int mtu = IfaceGetMTU(pcap_dev);
+    switch (mtu) {
+        case 0:
+        case -1:
+            return 0;
+    }
+    if (ll_header == -1) {
+        /* be conservative, choose a big one */
+        ll_header = 16;
+    }
+    return ll_header + mtu;
+}
+
diff --git a/src/util-ioctl.h b/src/util-ioctl.h
new file mode 100644
index 0000000..c7549e0
--- /dev/null
+++ b/src/util-ioctl.h
@@ -0,0 +1,25 @@
+/* Copyright (C) 2010 Open Information Security Foundation
+ *
+ * You can copy, redistribute or modify this Program under the terms of
+ * the GNU General Public License version 2 as published by the Free
+ * Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+/**
+ * \file
+ *
+ * \author Eric Leblond <eleblond at edenwall.com>
+ */
+
+int IfaceGetMTU(char *pcap_dev);
+int IfaceGetMaxPayloadSize(char *pcap_dev);
-- 
1.7.1




More information about the Oisf-devel mailing list