Re: [netsniff-ng] netsniff-ng: Do we need to set IO prio when do only read from pcap ?
On Wed, Apr 22, 2015 at 05:37:42PM +0200, Daniel Borkmann wrote: > On 04/22/2015 05:09 PM, Vadim Kochan wrote: > ... > >Sure, I will try to fix it, really I dont have a fix yet. The issue goes > >from pcap ops in init one function, where IO prio is set, the first > >think which came up in my mind is to have separate pcap ops for read > >only where set IO prio will be not called ... but I am not sure if it is > >correct. > > I think we have two options: > > 1) Don't panic on error, but perhaps just throw a warning to the user >instead in case of insufficient permissions. > > 2) Change init_once_pcap() into void (*init_once_pcap)(bool enforce_prio); >and push down the enforcement into the various functions, and inside >read_pcap(), you'd set __pcap_io->init_once_pcap(false). And in case >the enforcement is not set, we just move on silently. > > Perhaps 2nd option is cleaner? OK, I 've send a fix but it needs also to be applied the patch with a title: [PATCH] netsniff-ng: Seems typo in getting current group id https://groups.google.com/forum/?hl=en#!topic/netsniff-ng/7vKdK3FesSU Because of initializing wrong ctx->gid the user could not change the group because of the permissions when reading pcap file. Regards, -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] netsniff-ng: Do we need to set IO prio when do only read from pcap ?
On Wed, Apr 22, 2015 at 05:37:42PM +0200, Daniel Borkmann wrote:
> On 04/22/2015 05:09 PM, Vadim Kochan wrote:
> ...
> >Sure, I will try to fix it, really I dont have a fix yet. The issue goes
> >from pcap ops in init one function, where IO prio is set, the first
> >think which came up in my mind is to have separate pcap ops for read
> >only where set IO prio will be not called ... but I am not sure if it is
> >correct.
>
> I think we have two options:
>
> 1) Don't panic on error, but perhaps just throw a warning to the user
>instead in case of insufficient permissions.
>
> 2) Change init_once_pcap() into void (*init_once_pcap)(bool enforce_prio);
>and push down the enforcement into the various functions, and inside
>read_pcap(), you'd set __pcap_io->init_once_pcap(false). And in case
>the enforcement is not set, we just move on silently.
>
> Perhaps 2nd option is cleaner?
Sure 2nd looks OK, but still what about this pcap_rw.c: ?
const struct pcap_file_ops pcap_rw_ops = {
.init_once_pcap = pcap_rw_init_once,
.pull_fhdr_pcap = pcap_generic_pull_fhdr,
.push_fhdr_pcap = pcap_generic_push_fhdr,
.read_pcap = pcap_rw_read,
.write_pcap = pcap_rw_write,
.fsync_pcap = pcap_rw_fsync,
};
New ops goes right after:
const struct pcap_file_ops pcap_ro_ops = {
.pull_fhdr_pcap = pcap_generic_pull_fhdr,
.read_pcap = pcap_rw_read,
};
Also it requires to use new pcap ops index in pcap_io.h:
static const struct pcap_file_ops *pcap_ops[] __maybe_unused = {
[PCAP_OPS_RW] = &pcap_rw_ops,
[PCAP_OPS_RO] = &pcap_ro_ops,
[PCAP_OPS_SG] = &pcap_sg_ops,
[PCAP_OPS_MM] = &pcap_mm_ops,
};
--
You received this message because you are subscribed to the Google Groups
"netsniff-ng" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to netsniff-ng+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] netsniff-ng: Do we need to set IO prio when do only read from pcap ?
On 04/22/2015 05:09 PM, Vadim Kochan wrote: ... Sure, I will try to fix it, really I dont have a fix yet. The issue goes from pcap ops in init one function, where IO prio is set, the first think which came up in my mind is to have separate pcap ops for read only where set IO prio will be not called ... but I am not sure if it is correct. I think we have two options: 1) Don't panic on error, but perhaps just throw a warning to the user instead in case of insufficient permissions. 2) Change init_once_pcap() into void (*init_once_pcap)(bool enforce_prio); and push down the enforcement into the various functions, and inside read_pcap(), you'd set __pcap_io->init_once_pcap(false). And in case the enforcement is not set, we just move on silently. Perhaps 2nd option is cleaner? -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] netsniff-ng: Do we need to set IO prio when do only read from pcap ?
On Wed, Apr 22, 2015 at 05:02:52PM +0200, Daniel Borkmann wrote: > On 04/22/2015 05:00 PM, Vadim Kochan wrote: > >Hi, > > > >It is not possible to just read pcap by netsniff-ng if user permissions > >does not allow to set processes IO prio, so it is really needed to do it > >just for print pcap file ? > > Thanks for the report Vadim! > > No, it's not a requirement. Do you mind sending a patch? > > Thanks, > Daniel > > -- > You received this message because you are subscribed to the Google Groups > "netsniff-ng" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to netsniff-ng+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. Sure, I will try to fix it, really I dont have a fix yet. The issue goes from pcap ops in init one function, where IO prio is set, the first think which came up in my mind is to have separate pcap ops for read only where set IO prio will be not called ... but I am not sure if it is correct. Regards, Vadim Kochan -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [netsniff-ng] netsniff-ng: Do we need to set IO prio when do only read from pcap ?
On 04/22/2015 05:00 PM, Vadim Kochan wrote: Hi, It is not possible to just read pcap by netsniff-ng if user permissions does not allow to set processes IO prio, so it is really needed to do it just for print pcap file ? Thanks for the report Vadim! No, it's not a requirement. Do you mind sending a patch? Thanks, Daniel -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[netsniff-ng] netsniff-ng: Do we need to set IO prio when do only read from pcap ?
Hi, It is not possible to just read pcap by netsniff-ng if user permissions does not allow to set processes IO prio, so it is really needed to do it just for print pcap file ? Thanks, Vadim Kochan -- You received this message because you are subscribed to the Google Groups "netsniff-ng" group. To unsubscribe from this group and stop receiving emails from it, send an email to netsniff-ng+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
