authorVadim Kochan <vadim4j@gmail.com>2015-05-05 23:06:56 +0300
committerTobias Klauser <tklauser@distanz.ch>2015-05-06 09:05:47 +0200
commit096b043a8581ad43f030323a69b4e6c6e78530fa (patch)
tree99c488838fbce2ae93b107a6c43500a622c117b8
parentd8f6f8236b29ff573415d3730a66a4a39e2fb443 (diff)
sock: Fix capturing extra packets from other dev
Create PF_PACKET socket with proto=0, which does not set up a packet handler and will not capture packets until bind() is invoked. Also replaced pf_tx_socket by pf_socket as these funcs became the same, as proto arg is set to 0. Suggested-by: Daniel Borkmann <borkmann@iogearbox.net> Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
-rw-r--r--sock.c11
-rw-r--r--sock.h1
-rw-r--r--trafgen.c2
3 files changed, 2 insertions, 12 deletions
diff --git a/sock.c b/sock.c
index fbf50d8..7cfa4a0 100644
--- a/sock.c
+++ b/sock.c
@@ -26,18 +26,9 @@ int af_socket(int af)
int pf_socket(void)
{
- int sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
- if (unlikely(sock < 0))
- panic("Creation of PF socket failed: %s\n", strerror(errno));
-
- return sock;
-}
-
-int pf_tx_socket(void)
-{
int sock = socket(PF_PACKET, SOCK_RAW, 0);
if (unlikely(sock < 0))
- panic("Creation of PF TX socket failed: %s\n", strerror(errno));
+ panic("Creation of PF socket failed: %s\n", strerror(errno));
return sock;
}
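Review bot: pf_socket() carries no comment explaining why the protocol argument to socket() is 0, yet after this change that value is the only thing keeping frames from every interface from being queued between socket() and bind(). I would document it above the function, e.g. `/* proto 0: no packet handler is registered, so nothing is received until bind() supplies protocol and ifindex */`, so a later cleanup does not restore `htons(ETH_P_ALL)`. The receive-side callers are not visible in this diff; presumably each must now pass a non-zero `sll_protocol` (such as `htons(ETH_P_ALL)`) in the `sockaddr_ll` given to bind(), otherwise the socket stays silent. That is worth confirming for every existing pf_socket() user.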
diff --git a/sock.h b/sock.h
index 0e680ef..50f7102 100644
--- a/sock.h
+++ b/sock.h
@@ -3,7 +3,6 @@
extern int af_socket(int af);
extern int pf_socket(void);
-extern int pf_tx_socket(void);
extern void set_nonblocking(int fd);
extern int set_nonblocking_sloppy(int fd);
extern int set_reuseaddr(int fd);
diff --git a/trafgen.c b/trafgen.c
index f981eaf..53320fe 100644
--- a/trafgen.c
+++ b/trafgen.c
@@ -822,7 +822,7 @@ static void main_loop(struct ctx *ctx, char *confname, bool slow,
fflush(stdout);
}
- sock = pf_tx_socket();
+ sock = pf_socket();
if (ctx->qdisc_path == false)
set_sock_qdisc_bypass(sock, ctx->verbose);