Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Thu, Apr 25, 2013 at 12:43:29PM +0200, Florian Westphal wrote:
> > We ask for 0xffff copy size, so we need a buffer that can
> > hold 0xffff, plus a few more bytes to allow for netlink attributes.
> >
> > Also, turn off/handle ENOBUFS.
> >
> > Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
> > ---
> > examples/nf-queue.c | 38 +++++++++++++++++++++++++-------------
> > 1 files changed, 25 insertions(+), 13 deletions(-)
> >
> > diff --git a/examples/nf-queue.c b/examples/nf-queue.c
> > index 7adac21..57ba483 100644
> > --- a/examples/nf-queue.c
> > +++ b/examples/nf-queue.c
> > @@ -1,3 +1,4 @@
> > +#include <errno.h>
> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <unistd.h>
> > @@ -82,7 +83,8 @@ static int queue_cb(const struct nlmsghdr *nlh, void *data)
> >
> > int main(int argc, char *argv[])
> > {
> > - char buf[MNL_SOCKET_BUFFER_SIZE];
> > + char *buf;
> > + size_t sizeof_buf = 0xffff + 2084;
>
> I think users will appreciate a comment to explain why those black
> magic numbers are there ;-). Probably using MNL_SOCKET_BUFFER_SIZE/2
> instead of 2084.
Good point :-)
I'll do that and add a comment explaining this, e.g.
"largest possible packet payload, plus netlink data overhead"
> > + /* ENOBUFS is signalled to userspace when packets were lost
> > + * on kernel side. In most cases, userspace isn't interested
> > + * in this information, so turn it off.
> > + */
> > + ret = 1;
> > + mnl_socket_setsockopt(nl, NETLINK_NO_ENOBUFS, &ret, sizeof(int));
> >
> > - ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
> > + for (;;) {
> > + ret = mnl_socket_recvfrom(nl, buf, sizeof_buf);
> > if (ret == -1) {
> > + if (errno == ENOBUFS) /* messages were lost */
>
> Hm, you disabled ENOBUFS errors, right?
True. I'll remove the check.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
