This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
[Bug translator/13667] New: expose netfilter hook
- From: "fche at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sourceware dot org
- Date: Mon, 06 Feb 2012 16:30:40 +0000
- Subject: [Bug translator/13667] New: expose netfilter hook
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=13667
Bug #: 13667
Summary: expose netfilter hook
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: translator
AssignedTo: systemtap@sourceware.org
ReportedBy: fche@redhat.com
Classification: Unclassified
The netfilter hook mechanism is a legacy linux kernel mechanism
that (in the absence of tracepoints) could be an attractive
alternative to kprobes for monitoring or even manipulating
network traffic. See <linux/netfilter.h>, net/netfilter/core.c
nf_iterate().
Possible basic probe point syntax:
probe netfilter.hook {
do_something_with ($skb, $in, $out)
# dunno what to do with $okfn
$verdict = NF_DROP
}
With extensions expressed as filters on those $values possibly
expressed as:
probe netfilter.hook.sk_family("PF_INET").indev("eth0").outdev("eth0") {
do_something_with ($skb)
$verdict = NF_QUEUE|nf_queue_number(4)
}
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.