socket() datalink bug

Ricardo (rjpp@mega.ist.utl.pt)
Thu, 20 Mar 2003 17:01:20 +0000 (WET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chris Friesen: "Re: Non-__init functions calling __init functions"
Previous message: Philippe Gramoullé: "Re: Hard freeze with 2.5.65-mm1"

This was found while experimenting with a sniffer, so I have IFF_PROMISC
set when doing the recv(). And my kernel is a 2.4.19-gentoo-r9, but a
normal 2.4.18 from slackware 8.1 has the same behavior.

socket(PF_PACKET,SOCK_RAW,htons(ETH_P_IP));

Does not return a copy of the packets send by the computer you are on. It
returns the IP traffic that other people send normally. So the sniffer
can't see packets from the computer it is running on. This shouldn't be so
as htons(ETH_P_IP) should only be a filter that would return IP only
packets.

socket(PF_PACKET,SOCK_RAW,htons(ETH_P_ALL));

Works just fine, so I think the filter is excluding too much.
Or isn't it a bug?

Please Cc it to me as I haven't subscribed the mailing list.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Friesen: "Re: Non-__init functions calling __init functions"
Previous message: Philippe Gramoullé: "Re: Hard freeze with 2.5.65-mm1"