Age | Commit message (Collapse) | Author | Files | Lines |
|
Since frames are stored more compressed and contiguous, we can also
enable jumbo support in pcap dumps by default, since we have no further
restrictions in terms of ring buffer frame size.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Lets migrate capturing to TPACKET_V3, since it will bring a better
performance due to fewer page cache misses caused by a higher density
of packets, since now they are contigous placed in the ring buffer.
It is said that TPACKET_V3 brings the following benefits:
*) ~15 - 20% reduction in CPU-usage
*) ~20% increase in packet capture rate
*) ~2x increase in packet density
*) Port aggregation analysis
*) Non static frame size to capture entire packet payload
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Prepare TPACKET_V3 for allowing to transparently setting up the
frame structure such that we do not need to change much in the
netsniff-ng/trafgen code.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Prepare setup_rx_ring_layout for both, v2 and v3. Also do some checks
during compile time if offsets stay the same as we operate on different
union mappings.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
The two functions timer_elapsed() and timer_next_dump() both take an
argument which they don't use. Annotate them appropriately using the
__maybe_unused attribute.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Include long version string into tools when called with --version.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Add the __noreturn attribute to all functions which wont return but call
die() themselves to exit().
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Replace "on default" by "by default", make it a bit more clear what the
seed in the -E/--seed option is for and mention exit after display of
information on --version and --help.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Break out the timestamping part of the ring.h file, since it's not
directly related to the {t,r}x_ring. Also inlining doesn't make
sense here.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
For TX this call is completly useless and has no effect whatsoever.
Therefore, remove it. For the RX part, this call makes perfect
sense, not for the other one currently.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
When we're still root, we tell the kernel to lock/protect all current
and future pages in memory so that they will not be swapped out in
case the system uses up too much. Now when we do xzmalloc_aligned(),
it calls internally posix_memalign() that can call mmap(2), thus we
will get an EAGAIN as errno, since we're not root anymore and since
we wanted to touch sth. that belongs to root. Nasty. Fix this up by
only protecting these pages when we do not use -u/-g.
Reported-by: Doug Burks <doug.burks@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
When using netsniff-ng with dropping priviledges, we have to introduce
another pcap helper function that is called once before we drop the
priviledges. In this function we have to invoke the disc I/O scheduler
policy, because it needs priviledges. Otherwise netsniff-ng will fail
with "Failed to set io prio for pid" on startup, since we're not root
anymore.
Reported-by: Doug Burks <doug.burks@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
There is actually no reason why netsniff-ng should fail if the NIC is
down at startup. We still can setup everything and already capture at
the time it goes up. This might be useful when replugging cables on
servers, for instance.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
If we unmap TX ring buffers and still have timer shots that trigger
the kernel to traverse the TX_RING, it can send out random crap in
some situations. Prevent this by destroying the timer and flush the
TX_RING first in wait mode.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Before we do calculations on statistics, check if we really got them.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Let us check the return value when the timer triggers a TX flush
request to the kernel. However, ignore the case of BADFS and NOBUFS.
The socket could already have been closed before the timer triggers
in the first case, and in the second, we just let the next timer
continue processing if currently the buffer space is exhausted.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Covertiy detected that when we redirect sdtin/stdout either via
``-i -'' or ``-o -'', we also need to properly close it when it
goes out of scope.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
We decided to get rid of the old Git history and start a new one for
several reasons:
*) Allow / enforce only high-quality commits (which was not the case
for many commits in the history), have a policy that is more close
to the one from the Linux kernel. With high quality commits, we
mean code that is logically split into commits and commit messages
that are signed-off and have a proper subject and message body.
We do not allow automatic Github merges anymore, since they are
total bullshit. However, we will either cherry-pick your patches
or pull them manually.
*) The old archive was about ~27MB for no particular good reason.
This basically derived from the bad decision that also some PDF
files where stored there. From this moment onwards, no binary
objects are allowed to be stored in this repository anymore.
The old archive is not wiped away from the Internet. You will still
be able to find it, e.g. on git.cryptoism.org etc.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|