How can I enable IGMP Snooping in OpenWRT? - multicast

I'm using OpenWRT on a TP-LINK TL-WR703N. I need to block large quantities of multicast data on the wired side from being transmitted on Wifi. I thought I could use IGMP Snooping for this, since I found a comment "starting from 2.6.34, the kernel has IGMP snooping feature for the software bridges (disabled by default in OpenWrt)" and my kernel is 3.6.11 running r34761, but I can't find anywhere that explains how to turn this feature on.

Finally got a response here:
echo "1" > /sys/devices/virtual/net/br-lan/bridge/multicast_snooping
or set it in file sysctl.conf

Related

Ethernet frames from NIC

I'm searching for help and an opinion or advice for a network project on which I've been working lately. This requires a Linux machine to be a passive network appliance.
Network packets come in from one network interface and come out from another interface ( net--eth0-->Linux PC--eth1-->net) without making any modifications on data.
The application, which is going to run on the Linux system, will change only the order of the packets. It is going to be a "silly" network emulator application.
The first implementation was made with RAW sockets, where read() is called every time a packet arrives in user space and write() is called when an Ethernet packet should be sent down to the NIC.
I would like to know if there is a more practical and direct way than RAW sockets, bypassing Linux's network stack.
If what you want is to bypass the kernel, DPDK in Linux and NetMap in FreeBSD are options to do just that.
Indeed this can be done in dpdk in Linux. There are l3fwd and l2fwd sample applications in the examples folder of the dpdk tree, which may inspire you. Also consider using vpp, a fd.io project hosted by Linux Foundation, which can use dpdk.
Rami Rosen

kgdboe kgdb kernel debugging at boot

I'm attempting to get kernel debugging to work during boot. I've followed all the steps to install it (how to use kgdb over ethernet(kgdboe)?) and can connect fine when I insmod after loading, but if I add this
BOOT_IMAGE=/vmlinuz-4.0.0-rc7+ root=UUID=<my_root> ro drm.debug=0x04 kgdbwait kgdboe=#<src_ip>/eth1,#<target_ip>/ vt.handoff=7
to the kernel boot line, I don't see the module loaded, and it doesn't kgdbwait.
When I look at my kern.log, I see the following:
kgdboe: eth0 does not have a in_ifaddr struct associated. Cannot get default IP address.
I have both eth0 and eth1 by the way, but only eth1 is connected.
Any suggestions? Is it just that the pcie network card isn't loaded until after boot and it's causing me issues?
Also, why would I need to specify the source or target ip addresses? Is there any way to have kgdboe accept all ip addresses, even when trying to load it at boot?
Thanks
Yes, for early kernel debug kgdboe does not really work. There are several issues, some easy to solve, some not solvable. You can hard link the required modules rather than demand load them to solve the easy issue. But the core problem is that the kgdb early wait will pause all worker threads, and nearly all of the Ethernet PCIe card drivers require worker threads, or else require IRQs. Even on the polled Ethernet driver support (very limited), the IRQs can be preempted (or illegally hold locks), and prevent the polled Ethernet driver from functioning. As a result early kernel debug does not function with kgdboe reliably, and with some Ethernet drivers, at all. (e.g. kgdbwait on the GRUB2 boot line.) There has been occasional talk about hacking up various Ethernet driver sources to attempt to provide kgdboe support over a special purpose Ethernet driver, but none that I know of that is distributed. You are still best off with using a serial port, and for full functionality, a serial console, which can be multiplexed onto a single serial port if need be with kgdboc (agent-proxy). If true remote access is required, then remote into the debugging system that initiates the serial connection.
You can also use the USB port, but that requires a specific USB<->serial USB dongle that is no longer sold. (Ajays Blue dongle). These were discontinued about 6 months ago, and there is no replacement yet. (It was a Windows debugging device adapted to Linux, and Windows has moved on to native USB3.0 debugging features, and Linux has yet to catch up to that.) So, unless you have the needed USB converter, or have another source, or have an alternative adapter, you are out of luck on USB2.0.
Serial is still your best option, sadly, even in 2016.
See: http://kdbg.wiki.kernel.org

How to catch a PC online in the LAN?

I need to know when a specific PC (whose IP and MAC I know) is plugged into the LAN. I want to avoid all polling mechanisms; is it possible to achieve this under Linux? Maybe by sniffing ICMP packets?
Thx
If you are in control of the gateway, you can just sniff traffic and see if there's any from/to that host (through MAC or IP address).
If not, things get complicated, and some sort of polling is needed in most cases - in a switched network, you generally won't see the traffic destined for another host; the surest way of checking "online-ness" would be ARP, possibly by using arping (or doing the ARP requests yourself and sniffing the traffic for ARP replies).
Note that neither of these approaches is "sure-fire" - with tools like powernap, (temporarily) offline hosts can appear to be online.
You can use NMAP to scan your network with a simple ping type scan to see what hosts are online and not. This is a polling mechanism, but unless you can program the routers/switches in your network to tell you when MAC or IP address XYZ has started sending traffic, I don't know of any other way to do this.

Is ARP source hardware address redundant?

I'm working on a network security project and I noticed something that I can't explain:
Why do we need a source hardware address field in arp? Isn't it already contained in the ethernet header?
ARP is designed this way so that it can run over other hardware, not just Ethernet. Have a look here.
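An added example, not part of the original answers: a Python parser for ARP-over-Ethernet frames that reports when a watched MAC shows up (the passive sniffing suggested for the "PC online" question) and when the Ethernet source address differs from the ARP sender hardware address, which is the redundancy asked about here. The function names, finding labels and sample frames are constructed for illustration; on a live system the frames would come from a capture.

```python
import socket
import struct

ETH_P_ARP = 0x0806

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_arp(frame):
    """Parse an untagged Ethernet II frame carrying IPv4-over-Ethernet ARP, else None."""
    if len(frame) < 42:                      # 14-byte Ethernet + 28-byte ARP
        return None
    _dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    # hlen/plen are carried in the ARP header itself, so the payload describes
    # its own addresses even on link layers whose framing differs from Ethernet.
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"eth_src": fmt_mac(eth_src), "sha": fmt_mac(sha),
            "spa": socket.inet_ntoa(spa), "tpa": socket.inet_ntoa(tpa),
            "oper": oper}

def inspect_frame(frame, watch_mac):
    """Return findings for one frame: 'host-seen' and/or 'sha-mismatch'."""
    arp = parse_arp(frame)
    if arp is None:
        return []
    findings = []
    if watch_mac.lower() in (arp["eth_src"], arp["sha"]):
        findings.append("host-seen")
    if arp["eth_src"] != arp["sha"]:         # the two copies of the address disagree
        findings.append("sha-mismatch")
    return findings

def build_frame(eth_src, sha, spa, tpa, oper=1):
    """Constructed sample input: a broadcast ARP frame (not a real capture)."""
    to_raw = lambda m: bytes.fromhex(m.replace(":", ""))
    eth = struct.pack("!6s6sH", b"\xff" * 6, to_raw(eth_src), ETH_P_ARP)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, oper, to_raw(sha),
                      socket.inet_aton(spa), b"\x00" * 6, socket.inet_aton(tpa))
    return eth + arp

WATCHED = "02:00:00:aa:bb:cc"                # constructed, locally administered MAC
HONEST = build_frame(WATCHED, WATCHED, "192.0.2.10", "192.0.2.1")
ODD = build_frame("02:00:00:11:22:33", WATCHED, "192.0.2.10", "192.0.2.1")
```

A `sha-mismatch` finding means the frame's Ethernet header and its ARP payload name different senders, which is worth logging for review on a network where ARP spoofing is a concern.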

resume/suspend energy star linux from command line

I have an ssh connection to a linux machine which is hibernated after some non-activity time.
I want to make it resume, how do I do that?
(writing to /dev/mouse to simulate mouse movement didn't do the trick)
A machine that is hibernating cannot come out of sleep without pressing the power button, or sending a magic packet if the ethernet adaptor has Wake On Lan (WOL) capability and the motherboard supports that. WOL packets can only be generated on the local network, not remotely from other networks.
-Adam
In addition to what Adam has stated, some motherboards support waking from various states when an interrupt is triggered.
The key here is which state you are referring to as hibernation; are you talking about an extremely low-power mode in hardware, or software hibernation where core memory is written to disk and the machine is turned off completely? If the latter, WOL is the only possibility; if the former, then you can tell your motherboard to watch for interrupts from various sources and you can use some other means to trigger a wake-up.
A good starting point for reading is the Wake-On-LAN article on Wikipedia.
To accomplish WOL you need a few things:
First, check the BIOS of the machine you're waking to see if it supports WOL. If it does, make sure it's turned on.
Then get a program that can send WOL packets:
In linux: sudo apt-get install wakeonlan
For windows just find one to download using google. There are probably 100 different apps that do it, I don't use Windows so I don't have one to reference.
If you want to receive WOL packets from outside of your local network, configure your router to forward port 9 to 255.255.255.255 (IP Broadcast-To-All address).
For some really useful info on the WOL protocol as well as a sample capture file that can be loaded in wireshark, see this article.
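An added example, not part of the original answers: what a WOL sender such as wakeonlan puts on the wire, with a matching scanner that recovers the target MAC from a captured payload. The function names are chosen here; the broadcast address and port 9 defaults are the ones mentioned above, and the MAC in any call is whatever the reader supplies.

```python
import re
import socket

SYNC = b"\xff" * 6   # every magic packet starts with six 0xFF bytes

def magic_packet(mac):
    """Build the 102-byte WOL payload: SYNC, then the target MAC 16 times."""
    hexmac = re.sub(r"[:\-.]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hexmac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return SYNC + bytes.fromhex(hexmac) * 16

def find_wol_target(payload):
    """Scan captured bytes for a magic-packet pattern.
    Returns the MAC being woken, or None if the pattern is absent."""
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 102]
        # A valid body is exactly 16 identical 6-byte groups.
        if len(body) == 96 and body == body[:6] * 16:
            return ":".join(f"{b:02x}" for b in body[:6])
        start = payload.find(SYNC, start + 1)
    return None

def send_wol(mac, broadcast="255.255.255.255", port=9):
    """Send the magic packet as a UDP broadcast on the local segment."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.sendto(magic_packet(mac), (broadcast, port))
```

The payload built here contains nothing but the sync bytes and the MAC, so any sender whose packet reaches the broadcast domain, including through the port-9 forward described above, can wake the host.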
