#!/usr/bin/env python # -*- coding: utf-8 -*- # # update-oui.py -- update netsniff-ng oui.conf from official IEEE OUI list # # Copyright (C) 2013 Tobias Klauser # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 as # published by the Free Software Foundation. import os import sys import re import getopt try: from urllib2 import urlopen # Python 2.x except ImportError: from urllib.request import urlopen # Python 3.x DEFAULT_OUPUT_FILE = "oui.conf" DEFAULT_OUI_URL = "http://standards.ieee.org/develop/regauth/oui/oui.txt" OUI_PATTERN = re.compile(b"^\s*([a-fA-F0-9]{2})-([a-fA-F0-9]{2})-([a-fA-F0-9]{2})\s+\(hex\)\s+(.*)$") def usage(): print("""usage: {0} [OPTION...] available options: -f force overwrite of existing file -o set output file (default: {1}) -u set URL to fetch OUI list from (default: {2}) -h show this help and exit""".format(os.path.basename(sys.argv[0]), DEFAULT_OUPUT_FILE, DEFAULT_OUI_URL)) def main(): try: opts, args = getopt.getopt(sys.argv[1:], "fo:u:h") except getopt.GetoptError as err: print(str(err)) usage() sys.exit(-1) overwrite = False output_file = DEFAULT_OUPUT_FILE oui_url = DEFAULT_OUI_URL for o, a in opts: if o == '-f': overwrite = True elif o == '-o': output_file = a elif o == '-u': oui_url = a elif o == '-h': usage() sys.exit(0) else: assert False, "unhandled option" if not overwrite and os.path.exists(output_file): print("Error: output file {} already exists".format(output_file)) sys.exit(-1) print("Updating OUI information in {} from {}... ".format(output_file, oui_url)) fh_file = open(output_file, 'w') fh_url = urlopen(oui_url) n = 0 for line in fh_url: m = OUI_PATTERN.match(line) if m: fh_file.write("0x{}{}{}, {}\n".format(m.group(1), m.group(2), m.group(3), m.group(4))) n += 1 print("{} OUIs written to {}".format(n, output_file)) fh_url.close() fh_file.close() if __name__ == '__main__': main() ommitter
diff options
context:
space:
mode:
authorLiping Zhang <zlpnobody@gmail.com>2017-01-07 21:33:55 +0800
committerPablo Neira Ayuso <pablo@netfilter.org>2017-01-18 20:32:43 +0100
commitf169fd695b192dd7b23aff8e69d25a1bc881bbfa (patch)
tree2fb01bb5f8a59e9c45949a84ca79af221614a49e
parent9a6d87626252496311cd122aaa9fbf21ae19e449 (diff)
netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family
After adding the following nft rule, then ping 224.0.0.1: # nft add rule netdev t c pkttype host counter The warning complain message will be printed out again and again: WARNING: CPU: 0 PID: 10182 at net/netfilter/nft_meta.c:163 \ nft_meta_get_eval+0x3fe/0x460 [nft_meta] [...] Call Trace: <IRQ> dump_stack+0x85/0xc2 __warn+0xcb/0xf0 warn_slowpath_null+0x1d/0x20 nft_meta_get_eval+0x3fe/0x460 [nft_meta] nft_do_chain+0xff/0x5e0 [nf_tables] So we should deal with PACKET_LOOPBACK in netdev family too. For ipv4, convert it to PACKET_BROADCAST/MULTICAST according to the destination address's type; For ipv6, convert it to PACKET_MULTICAST directly. Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat