On Sat, 03 May 2014 11:01:19 -0700, Hettiarachchige Hasitha Shan said:

> In the concept, it is required to obtain the list of neighbors within the
> LAN. I did some research online and I found out that I can obtain IPv4/IPv6
> neighbors by typing
> in "ip -4 neigh show" or "ip -6 neigh show" in the terminal where this
> feature is implemented by the module neighbour.
>
> My query is, if I am to obtain these information programmatically through
> my kernel module, which methods should I call.

Step 0: Figure out why a packet security module even *cares* what neighbors are known.

Why do you care if a neighbor is known or not? First, figure out under what conditions a neighbor becomes known. What security decisions are you planning to make based on "IPv4 address is in ARP table"?

Whether an address is in the ARP table is orthogonal to whether you should trust the host or not. A trusted host can fail to be in the neighbor table simply because the ARP entry has aged out. Or an untrusted host can be *in* your ARP table....)

Step 1: When making security decisions, you probably don't need a list of *all* neighbors - you only need an answer to "is *this* neighbor known or not". And that would be a different API.

(For bonus points, consider the case of a trusted host that has a longer ARP table timeout than yours - then you can receive a packet from the host without them ARP'ing for you first, but you still don't have an ARP entry for them.
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
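
As an added example (not part of the original message, and userspace C rather than kernel code), here is the single-neighbor question from Step 1 asked against constructed `ip -4 neigh show` output. The helper names `neigh_state` and `neigh_known` are hypothetical and the addresses are documentation-range samples; a STALE entry still counts as known, an absent or FAILED one does not, and neither answer says anything about trust.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample of `ip -4 neigh show` output (example addresses only). */
static const char SAMPLE[] =
    "192.0.2.1 dev eth0 lladdr 00:00:5e:00:53:01 REACHABLE\n"
    "192.0.2.20 dev eth0 lladdr 00:00:5e:00:53:14 STALE\n"
    "192.0.2.30 dev eth0  FAILED\n";

/* Hypothetical helper: look up ONE address. Copies the entry's state (last
 * token of its line) into state and returns 1; returns 0 if there is no entry. */
int neigh_state(const char *table, const char *ip, char *state, size_t len)
{
    size_t iplen = strlen(ip);
    const char *line = table;

    while (*line) {
        const char *end = strchr(line, '\n');
        if (!end)
            end = line + strlen(line);
        /* Match the whole first field, so 192.0.2.2 does not match 192.0.2.20. */
        if ((size_t)(end - line) > iplen && !strncmp(line, ip, iplen) && line[iplen] == ' ') {
            const char *tok = end;
            while (tok > line && tok[-1] != ' ')
                tok--;
            snprintf(state, len, "%.*s", (int)(end - tok), tok);
            return 1;
        }
        line = *end ? end + 1 : end;
    }
    return 0;
}

/* An entry exists and resolution has not failed. This is not a trust decision. */
int neigh_known(const char *table, const char *ip)
{
    char st[16];
    if (!neigh_state(table, ip, st, sizeof st))
        return 0;
    return strcmp(st, "FAILED") != 0 && strcmp(st, "INCOMPLETE") != 0;
}

int main(void)
{
    const char *hosts[] = { "192.0.2.1", "192.0.2.2", "192.0.2.20", "192.0.2.30" };
    for (size_t i = 0; i < 4; i++)
        printf("%-12s known=%d\n", hosts[i], neigh_known(SAMPLE, hosts[i]));
    return 0;
}
```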