RE: Sniffing on a specific NIC


 



On Thu, 29 Nov 2001, chakri wrote:

> There are a few differences though between the code given by you and what I am
> trying to do.
> 
> 1. I am using "socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL))" for listening
> on Ethernet directly.
> 2. The recvfrom() API receives all the packets destined to my machine (i.e. on
> all the NICs supported).
> 
> My concern was that there could be packet loss when I have one recvfrom() to
> capture packets on all the NICs. So I wanted to have a separate process to
> listen on each NIC.
> For this purpose, I was looking for a way wherein I could specify to
> receive packets only from a single NIC (say eth2) and not from others.
> 
> I think I have got a solution for this now.
> 
> Before I call recvfrom(), I am binding the socket (packet socket) to the
> interface from where I want to receive the packets and this does the trick.

One warning about this: when I did the very same thing a few weeks ago, I 
was very surprised to find packets from the wrong interface returned by 
recv. It turns out that some packets can come in between the call to 
socket and the call to bind: so the first packets may be from other 
interfaces, so you must still filter them according to sll_ifindex.

> But will this solve my original purpose of reducing packet loss?

Well I guess it will give you one queue per interface. It all depends 
on whether you actually can process all the packets you get fast enough, 
and whether you actually want packets from all interfaces or not. If you 
can't process them fast enough, having more queue space won't really solve 
your problem. OTOH if you want packets from only one interface, ignoring 
other interfaces will help a lot. And if you just have small bursts, you 
could try to use setsockopt to maximize the socket receive buffer size.

> -----Original Message-----
> From: Evgeniy Polyakov [mailto:johnpol@2ka.mipt.ru]
> Sent: Wednesday, November 28, 2001 6:18 PM
> To: chakraa@future.futsoft.com
> Cc: linux-net@vger.kernel.org
> Subject: Re: Sniffing on a specific NIC
> 
> 
> On Wed, 28 Nov 2001 17:49:54 +0530
> "chakri" <chakraa@future.futsoft.com> wrote:
> 
> > Hi,
> >
> > I have a machine with multiple NICs supported.
> > I am trying to capture packets using the PACKET_SOCKET directly on the
> > Ethernet.
> > It is observed that recvfrom () captures packets received on all the NICs
> > supported in the host.
> > I do have a mechanism of sorting the packets based on NIC (using sa_addr
> > member of sockaddr structure). But how do I capture only those packets
> > coming on a specific NIC (say eth1). Is there a way wherein I specify to
> > receive packets coming at a particular interface only?
> 
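> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
> #include <unistd.h>
> #include <sys/ioctl.h>
> #include <sys/socket.h>
> #include <net/if.h>
> #include <netinet/in.h>
> 
> /* Open a SOCK_PACKET socket and put interface d into promiscuous mode. */
> int openintf(char *d)
> {
>    int fd;
>    struct ifreq ifr;
>    int s;
> 
>    fd=socket(AF_INET, SOCK_PACKET, htons(0x800));
>    if(fd < 0)
>    {
>       perror("cant get SOCK_PACKET socket");
>       exit(0);
>    }
>    /* bounded copy so a long name cannot overflow ifr_name */
>    strncpy(ifr.ifr_name, d, IFNAMSIZ - 1);
>    ifr.ifr_name[IFNAMSIZ - 1] = '\0';
>    s=ioctl(fd, SIOCGIFFLAGS, &ifr);
>    if(s < 0)
>    {
>       close(fd);
>       perror("cant get flags");
>       exit(0);
>    }
>    ifr.ifr_flags |= IFF_PROMISC;
>    s=ioctl(fd, SIOCSIFFLAGS, &ifr);
>    if(s < 0)
>       perror("cant set promiscuous mode");
>    return fd;
> }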
> 
> 
> Maybe it is what you want?
> Parameter for openintf() must be the name of an interface to open, i.e.
> for example "eth1".
> And after it you can read()/write() from/to obtained socket.
> 
> >
> > Re,
> > Chuks
> 
> ---
> WBR. //s0mbre
> 
> -
> : send the line "unsubscribe linux-net" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

-- 
Stéphane Doyon
<sdoyon@vipswitch.com>
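
The bind-then-filter pattern discussed in this message, as an added example that is not code from the thread: a packet socket is bound to one interface, its receive buffer is enlarged with setsockopt, and every frame is still checked against sll_ifindex because frames from other NICs can be queued between socket() and bind(). The function names, the 1 MiB buffer size and the default "eth2" are assumptions; opening the socket needs CAP_NET_RAW.

```c
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <net/if.h>
#include <netpacket/packet.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* True only if the frame's link-layer address says it arrived on ifindex. */
int frame_from_iface(const struct sockaddr_ll *from, int ifindex) {
    return from->sll_family == AF_PACKET && from->sll_ifindex == ifindex;
}

/* Packet socket bound to ifname with a larger receive buffer; -1 on error. */
int open_bound(const char *ifname, int rcvbuf, int *ifindex) {
    struct sockaddr_ll sll = { .sll_family = AF_PACKET,
                               .sll_protocol = htons(ETH_P_ALL) };
    int fd;
    if ((*ifindex = (int)if_nametoindex(ifname)) == 0)
        return -1;                        /* no such interface */
    if ((fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) < 0)
        return -1;                        /* needs CAP_NET_RAW */
    /* From here until bind() returns, frames from any NIC can be queued. */
    setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &rcvbuf, sizeof rcvbuf);
    sll.sll_ifindex = *ifindex;
    if (bind(fd, (struct sockaddr *)&sll, sizeof sll) == 0)
        return fd;
    close(fd);
    return -1;
}

/* Next frame that arrived on ifindex; frames from other NICs are dropped. */
ssize_t recv_on_iface(int fd, int ifindex, void *buf, size_t len) {
    struct sockaddr_ll from;
    ssize_t n;
    do {
        socklen_t fromlen = sizeof from;
        n = recvfrom(fd, buf, len, 0, (struct sockaddr *)&from, &fromlen);
    } while (n >= 0 && !frame_from_iface(&from, ifindex));
    return n;
}

int main(int argc, char **argv) {
    unsigned char buf[2048];
    int ifindex, fd = open_bound(argc > 1 ? argv[1] : "eth2", 1 << 20, &ifindex);
    if (fd < 0) { perror("open_bound"); return 1; }
    printf("%zd bytes\n", recv_on_iface(fd, ifindex, buf, sizeof buf));
    return 0;
}
```

The kernel limits the SO_RCVBUF value to net.core.rmem_max, so the effective size can be read back with getsockopt when the buffer matters.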



