#keywords programming,netlink,socket,hotplug,ipsec,kernel,linux #title Netlink socket에 대하여 [wiki:Home 대문] / [wiki:CategoryProgramming 프로그래밍] / [wiki:AboutNetLinkSocket Netlink socket에 대하여] ---- == [wiki:AboutNetLinkSocket Netlink socket에 대하여] == * 작성자 조재혁([mailto:minzkn@minzkn.com]) * 고친과정 2017년 1월 9일 : 처음씀 [[TableOfContents]] === 개요 === [[attachment:netlink.png]] Netlink 는 Kernel과 User space간 원활한 정보교류를 위한 비교적 유연한 통신 방식입니다. 본 내용을 이해하기 위해서 다음의 Linux kernel header 를 먼저 열어보시고 함께 보시면 좋습니다. * "" {{{#!folding {{{#!enscript c #define NETLINK_ ... #define NLM_F_ ... #define NLMSG_ALIGNTO 4U #define NLMSG_ALIGN(len) ( ((len)+NLMSG_ALIGNTO-1) & ~(NLMSG_ALIGNTO-1) ) #define NLMSG_HDRLEN ((int) NLMSG_ALIGN(sizeof(struct nlmsghdr))) #define NLMSG_LENGTH(len) ((len) + NLMSG_HDRLEN) #define NLMSG_SPACE(len) NLMSG_ALIGN(NLMSG_LENGTH(len)) #define NLMSG_DATA(nlh) ((void*)(((char*)nlh) + NLMSG_LENGTH(0))) #define NLMSG_NEXT(nlh,len) ((len) -= NLMSG_ALIGN((nlh)->nlmsg_len), \ (struct nlmsghdr*)(((char*)(nlh)) + NLMSG_ALIGN((nlh)->nlmsg_len))) #define NLMSG_OK(nlh,len) ((len) >= (int)sizeof(struct nlmsghdr) && \ (nlh)->nlmsg_len >= sizeof(struct nlmsghdr) && \ (nlh)->nlmsg_len <= (len)) #define NLMSG_PAYLOAD(nlh,len) ((nlh)->nlmsg_len - NLMSG_SPACE((len))) #define NLMSG_NOOP 0x1 /* Nothing. */ #define NLMSG_ERROR 0x2 /* Error */ #define NLMSG_DONE 0x3 /* End of a dump */ #define NLMSG_OVERRUN 0x4 /* Data lost */ #define NLMSG_MIN_TYPE 0x10 /* < 0x10: reserved control messages */ #define NLA_ALIGNTO 4 #define NLA_ALIGN(len) (((len) + NLA_ALIGNTO - 1) & ~(NLA_ALIGNTO - 1)) #define NLA_HDRLEN ((int) NLA_ALIGN(sizeof(struct nlattr))) struct sockaddr_nl { ... }; struct nlmsghdr { ... }; struct nlattr { ... }; }}} }}} * "" {{{#!folding {{{#!enscript c #define GENL_HDRLEN NLMSG_ALIGN(sizeof(struct genlmsghdr)) #define GENL_ID_CTRL NLMSG_MIN_TYPE enum { ... CTRL_ATTR_FAMILY_ID, CTRL_ATTR_FAMILY_NAME, ... }; struct genlmsghdr { ... }; }}} }}} * "" {{{#!folding {{{#!enscript c #define RTA_ALIGNTO 4U #define RTA_ALIGN(len) ( ((len)+RTA_ALIGNTO-1) & ~(RTA_ALIGNTO-1) ) #define RTA_OK(rta,len) ((len) >= (int)sizeof(struct rtattr) && \ (rta)->rta_len >= sizeof(struct rtattr) && \ (rta)->rta_len <= (len)) #define RTA_NEXT(rta,attrlen) ((attrlen) -= RTA_ALIGN((rta)->rta_len), \ (struct rtattr*)(((char*)(rta)) + RTA_ALIGN((rta)->rta_len))) #define RTA_LENGTH(len) (RTA_ALIGN(sizeof(struct rtattr)) + (len)) #define RTA_SPACE(len) RTA_ALIGN(RTA_LENGTH(len)) #define RTA_DATA(rta) ((void*)(((char*)(rta)) + RTA_LENGTH(0))) #define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0)) struct rtattr { ... }; struct rtmsg { ... }; }}} }}} * "" * "" * "" * "" * "" : (Transform) IPSec VPN에 관련한 Netlink 정의 * 예제소스 * IPSsec 관련 모니터링 예제소스 : [attachment:netlink_ipsec_monitor-source.tar.gz] * Hotplug(udev) 장치 Event 예제소스 : [attachment:mzudev-source.tar.gz] * Network interface 및 routing 정보 질의 예제소스 : [attachment:netlink_rtnetlink_monitor-source-20180628.tar.gz] * 초단간 Process 별 I/O(Read/Write) 누적량 확인 예제소스 : [attachment:netlink_iotop-source-~20190319.tar.gz] * => 보다 정확한 Netlink message 구현은 iproute2 소스 및 iotop 소스를 참고하실 것을 추천합니다. === netlink message format === 기본적으로 Netlink message는 하나 이상을 연속으로 붙여 하나의 요청(Request) 또는 응답(Response) 단위로 묶어 전송구현합니다. {{{#!plain +----------------------+----------------------+----------------------+----------------------+ ~ ~ ~ ~ ~ +----------------------+ | Netlink messaeg #1 | Netlink messaeg #2 | Netlink messaeg #3 | Netlink messaeg #4 | ... | Netlink messaeg #n | | (Header+Payload+Pad) | (Header+Payload+Pad) | (Header+Payload+Pad) | (Header+Payload+Pad) | | (Header+Payload+Pad) | +----------------------+----------------------+----------------------+----------------------+ ~ ~ ~ ~ ~ +----------------------+ <--------------------------------------------------- Request OR Response packet -----------------------------------------------> }}} 하나의 Netlink message의 Header와 Payload는 각각 정렬(Align)된 형태를 맞추기 위해서 Padding 을 포함할 수 있습니다. (정렬의 크기는 "" kernel header에 정의된 NLMSG_ALIGNTO 정의를 기준으로 하며 NLMSG_ALIGN macro 함수를 사용하여 계산할 수 있습니다.) * Netlink message format |Netlink message format| '''0''' || '''1''' || '''2''' || '''3''' || '''4''' || '''5''' || '''6''' || '''7''' || '''8''' || '''9''' || '''10''' || '''11''' || '''12''' || '''13''' || '''14''' || '''15''' || '''16''' || '''17''' || '''18''' || '''19''' || '''20''' || '''21''' || '''22''' || '''23''' || '''24''' || '''25''' || '''26''' || '''27''' || '''28''' || '''29''' || '''30''' || '''31''' |||| '''Description''' || |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 32bit Length (Header를 포함한 message 크기) ||<|4> ↑↓16 bytes NLMSG_HDRLEN[[BR]](struct nlmsghdr) ||<|5> ↑↓Netlink message[[BR]](nlmsghdr.nlmsg_len) || |||||||||||||||||||||||||||||||| 16-bit Type (Message content) |||||||||||||||||||||||||||||||| 16-bit Flags (Additional flags) || |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 32bit Sequence Number || |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 32bit Process ID (PID, Sending process port ID) || |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| Payload (Variable data)[[BR]]data_ptr = NLMSG_DATA(nlmsghdr) || ↑↓(nlmsghdr.nlmsg_len - NLMSG_HDRLEN) || * Netlink message overview {{{#!plain <----- NLMSG_HDRLEN ------> <-------- Payload-Len --------> +---------------------+- - -+- - - - - - - - - - - - - - - -+ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ | Header | Pad | Payload | ... (Next netlink message) ... | (struct nlmsghdr) | ing | Specific data + [attribute..] | +---------------------+- - -+- - - - - - - - - - - - - - - -+ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ↑ nlmsghdr ↑ NLMSG_DATA(&nlmsghdr) ↑ NLMSG_NEXT(&nlmsghdr) <------------------ nlmsghdr->nlmsg_len ------------------> <------------------ NLMSG_LENGTH(Payload-Len) ------------> Payload의 선두부분은 nlmsg_type에 따른 고유 구조체(Specific data) 형식이 올 수 있으며 NLMSG_ALIGN(sizeof(Specific data)) 정렬 후 그 다음에 attribute로 구성되는게 일반적입니다. }}} * Netlink attribute overview (Netlink message payload 내에서 Specific data 뒷부분에 선택적으로 추가됨) {{{#!plain <------- NLA_HDRLEN ------> <-- NLA_ALIGN(payload)--> +---------------------+- - -+- - - - - - - - - -+- - -+ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ | Header | Pad | Payload | Pad | ... (Next attribute) ... | (struct nlattr) | ing | | ing | +---------------------+- - -+- - - - - - - - - -+- - -+ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ↑ nlattr <-------------- nlattr->nla_len --------------> nla_type (16 bits) +---+---+-------------------------------+ | N | O | Attribute Type | +---+---+-------------------------------+ N := Carries nested attributes O := Payload stored in network byte order Note: The N and O flag are mutually exclusive. }}} * netlink header struct {{{#!enscript c struct nlmsghdr { uint32_t nlmsg_len; /* Header를 포함한 Netlink message 크기 */ uint16_t nlmsg_type; /* Message content */ uint16_t nlmsg_flags; /* Additional flags */ uint32_t nlmsg_seq; /* Sequence number */ uint32_t nlmsg_pid; /* Sending process port ID */ }; }}} * netlink attribute header struct {{{#!enscript c struct nlattr { uint16_t nla_len; /* Header를 포함한 attribute 크기 */ uint16_t nla_type; /* Attribute type */ }; }}} === Generic Netlink message Overview === {{{#!plain 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Netlink message header (nlmsghdr) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Generic Netlink message header (genlmsghdr) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Optional user specific message header | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Optional Generic Netlink message payload | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ }}} "iotop" 명령어가 task 상태에 대한 모니터링을 위한 구현을 위해서 Generic Netlink를 사용하는 대표적 사용예입니다. === 구현사항에 대한 간략한 골격구조 설명 === 1. Netlink socket을 XFRM쪽으로 open {{{#!enscript c s_socket = socket(PF_NETLINK, SOCK_RAW, NETLINK_XFRM /* 6 - ipsec */); }}} 2. XFRM모듈쪽의 어떤 Group 과 통신할지를 binding {{{#!enscript c __u32 s_nl_groups; struct sockaddr_nl s_sockaddr_nl; s_nl_groups |= XFRMNLGRP_ACQUIRE; s_nl_groups |= XFRMNLGRP_EXPIRE; s_nl_groups |= XFRMNLGRP_SA; s_nl_groups |= XFRMNLGRP_POLICY; s_nl_groups |= XFRMNLGRP_AEVENTS; s_nl_groups |= XFRMNLGRP_REPORT; s_nl_groups |= XFRMNLGRP_MIGRATE; s_nl_groups |= XFRMNLGRP_MAPPING; s_sockaddr_nl.nl_family = AF_NETLINK; s_sockaddr_nl.nl_pad = (unsigned short)0u; s_sockaddr_nl.nl_pid = (pid_t)0; s_sockaddr_nl.nl_groups = s_nl_groups; /* Multicast groups mask */ bind(s_socket, (const struct sockaddr *)(&s_sockaddr_nl), (socklen_t)sizeof(s_sockaddr_nl)); }}} 3. netlink socket으로부터 Netlink protocol RAW 수신 {{{#!enscript c socklen_t s_socklen; s_socklen = (socklen_t)sizeof(s_sockaddr_nl); s_recv_bytes = recvfrom( s_socket, s_buffer, s_buffer_size, MSG_NOSIGNAL, (struct sockaddr *)(&s_sockaddr_nl), (socklen_t *)(&s_socklen) ); }}} 4. 수신된 Netlink protocol RAW data에서 Netlink header 를 통해서 각 요소별 분리 {{{#!enscript c size_t s_msg_size; struct nlmsghdr *s_nlmsghdr; size_t s_payload_size; void *s_payload; s_msg_size = (size_t)s_recv_bytes; for(s_nlmsghdr = (struct nlmsghdr *)s_buffer;(s_is_break == 0) && NLMSG_OK(s_nlmsghdr, s_msg_size);s_nlmsghdr = NLMSG_NEXT(s_nlmsghdr, s_msg_size)) { /* Netlink 수신패킷 하나에 여러개의 Netlink header가 탑재될 수 있는데 이를 각 Header 단위로 분리하는 Loop */ s_payload_size = (size_t)NLMSG_PAYLOAD(s_nlmsghdr, 0); /* Header 내의 실제 Data 크기 */ s_payload = NLMSG_DATA(s_nlmsghdr); /* Header 내의 실제 Data 위치 포인터 */ switch(s_nlmsghdr->nlmsg_type) { /* 각 메세지의 종류별로 다른 파싱구조를 가지고 있으므로 커널을 참조하여 해당 부분을 파싱해야 합니다. */ ..... } } }}} === 실제 VPN 장비에서 VPN연결과정에서 본 예제프로그램으로 Netlink 통신을 수신하여 파싱된 내용을 모니터링한 콘솔내용 === {{{#!folding 내용을 보시려면 여기를 클릭해주세요. * "XFRM_MSG_DELSA" (type=17[0011H], flags=0000H[], seq=1834996, pid=3534, len=680, payload_size=664, remain=680/680) daddr: IPv4: 10.21.1.63 spi: 3233923735[C0C1C297H] family: 2[0002H] - INET proto: 50[32H] - esp * "XFRM_MSG_DELSA" (type=17[0011H], flags=0000H[], seq=1834997, pid=3534, len=680, payload_size=664, remain=680/680) daddr: IPv4: 10.21.1.54 spi: 132448353[07E50061H] family: 2[0002H] - INET proto: 50[32H] - esp * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1834998, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1834999, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835000, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835001, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835002, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835003, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELSA" (type=17[0011H], flags=0000H[], seq=1835006, pid=3534, len=680, payload_size=664, remain=680/680) daddr: IPv4: 10.21.1.64 spi: 3274289891[C329B2E3H] family: 2[0002H] - INET proto: 50[32H] - esp * "XFRM_MSG_DELSA" (type=17[0011H], flags=0000H[], seq=1835007, pid=3534, len=680, payload_size=664, remain=680/680) daddr: IPv4: 10.21.1.54 spi: 132579426[07E70062H] family: 2[0002H] - INET proto: 50[32H] - esp * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835008, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835009, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835010, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835011, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835012, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835013, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELSA" (type=17[0011H], flags=0000H[], seq=1835016, pid=3534, len=680, payload_size=664, remain=680/680) daddr: IPv4: 10.21.1.65 spi: 3366946281[C8AF85E9H] family: 2[0002H] - INET proto: 50[32H] - esp * "XFRM_MSG_DELSA" (type=17[0011H], flags=0000H[], seq=1835017, pid=3534, len=680, payload_size=664, remain=680/680) daddr: IPv4: 10.21.1.54 spi: 132710499[07E90063H] family: 2[0002H] - INET proto: 50[32H] - esp * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835018, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835019, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835020, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835021, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835022, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_DELPOLICY" (type=20[0014H], flags=0000H[], seq=1835023, pid=3534, len=348, payload_size=332, remain=348/348) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] index: 0 dir: 0 * "XFRM_MSG_UPDSA" (type=26[001AH], flags=0000H[], seq=1835027, pid=3534, len=652, payload_size=636, remain=652/652) selector: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) saddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] id: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) spi: 0[00000000H] proto: 0[00H] - ip saddr: IPv? (UNSPEC): family=0[0000H] IPv4: 0.0.0.0 IPv6: ::a15:140:0:0 hex dump: 00000000 00 00 00 00 00 00 00 00 | 0A 15 01 40 00 00 00 00 [...........@....] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/216245484232 soft_packet_limit/hard_packet_limit: 906040586/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifet[533720.015428] kjournald starting. Commit interval 5 seconds ime_cur: by[533720.036463] EXT3-fs (sda2): warning: maximal mount count reached, running e2fsck is recommended tes: 28343 [533720.067021] EXT3-fs (sda2): using internal journal packets: 28800 [533720.085621] EXT3-fs (sda2): mounted filesystem with ordered data mode add_time: 0 use_time: 0 stats: replay_window/replay: 0/0 integrity_failed: 0[00000000H] seq: 0 reqid: 1483947834 family: 0[0000H] - UNSPEC mode: 0[00H] - TRANSPORT replay_window: 0[00H] flags: 0[00H] - * "XFRM_MSG_NEWSA" (type=16[0010H], flags=0000H[], seq=1835028, pid=3534, len=652, payload_size=636, remain=652/652) selector: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) saddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] id: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) spi: 0[00000000H] proto: 0[00H] - ip saddr: IPv? (UNSPEC): family=0[0000H] IPv4: 0.0.0.0 IPv6: ::a15:136:0:0 hex dump: 00000000 00 00 00 00 00 00 00 00 | 0A 15 01 36 00 00 00 00 [...........6....] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/216426146567 soft_packet_limit/hard_packet_limit: 1073812746/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 28381 packets: 28800 add_time: 0 use_time: 0 stats: replay_window/replay: 0/0 integrity_failed: 0[00000000H] seq: 0 reqid: 1483947834 family: 0[0000H] - UNSPEC mode: 0[00H] - TRANSPORT replay_window: 0[00H] flags: 0[00H] - * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835029, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835030, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835031, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835032, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835033, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mas[533721.639703] [2017-01-09 16:43:59] Finished reinitializing the system config. k: 0[0000H]/0[00[533721.665369] ----------------------------------------------------------------------------------- [533721.665369] 00H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835034, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 172.17.0.0 (ac11::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDSA" (type=26[001AH], flags=0000H[], seq=1835035, pid=3534, len=652, payload_size=636, remain=652/652) selector: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) saddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] id: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) spi: 0[00000000H] proto: 0[00H] - ip saddr: IPv? (UNSPEC): family=0[0000H] IPv4: 0.0.0.0 IPv6: ::a15:13f:0:0 hex dump: 00000000 00 00 00 00 00 00 00 00 | 0A 15 01 3F 00 00 00 00 [...........?....] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/217379960769 soft_packet_limit/hard_packet_limit: 906040586/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 28334 packets: 28800 add_time: 0 use_time: 0 stats: replay_window/replay: 0/0 integrity_failed: 0[00000000H] seq: 0 reqid: 1483947834 family: 0[0000H] - UNSPEC mode: 0[00H] - TRANSPORT replay_window: 0[00H] flags: 0[00H] - * "XFRM_MSG_NEWSA" (type=16[0010H], flags=0000H[], seq=1835036, pid=3534, len=652, payload_size=636, remain=652/652) selector: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) saddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] id: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) spi: 0[00000000H] proto: 0[00H] - ip saddr: IPv? (UNSPEC): family=0[0000H] IPv4: 0.0.0.0 IPv6: ::a15:136:0:0 hex dump: 00000000 00 00 00 00 00 00 00 00 | 0A 15 01 36 00 00 00 00 [...........6....] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/216442924295 soft_packet_limit/hard_packet_limit: 1057035530/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 28248 packets: 28800 add_time: 0 use_time: 0 stats: replay_window/replay: 0/0 integrity_failed: 0[00000000H] seq: 0 reqid: 1483947834 family: 0[0000H] - UNSPEC mode: 0[00H] - TRANSPORT replay_window: 0[00H] flags: 0[00H] - * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835037, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835038, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835039, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835040, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835041, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835042, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 172.16.0.0 (ac10::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDSA" (type=26[001AH], flags=0000H[], seq=1835043, pid=3534, len=652, payload_size=636, remain=652/652) selector: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) saddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] id: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) spi: 0[00000000H] proto: 0[00H] - ip saddr: IPv? (UNSPEC): family=0[0000H] IPv4: 0.0.0.0 IPv6: ::a15:141:0:0 hex dump: 00000000 00 00 00 00 00 00 00 00 | 0A 15 01 41 00 00 00 00 [...........A....] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/215087206849 soft_packet_limit/hard_packet_limit: 906040586/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 28411 packets: 28800 add_time: 0 use_time: 0 stats: replay_window/replay: 0/0 integrity_failed: 0[00000000H] seq: 0 reqid: 1483947834 family: 0[0000H] - UNSPEC mode: 0[00H] - TRANSPORT replay_window: 0[00H] flags: 0[00H] - * "XFRM_MSG_NEWSA" (type=16[0010H], flags=0000H[], seq=1835044, pid=3534, len=652, payload_size=636, remain=652/652) selector: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) saddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] id: daddr: IPv4 (UNSPECIFIED): 0.0.0.0 (::) spi: 0[00000000H] proto: 0[00H] - ip saddr: IPv? (UNSPEC): family=0[0000H] IPv4: 0.0.0.0 IPv6: ::a15:136:0:0 hex dump: 00000000 00 00 00 00 00 00 00 00 | 0A 15 01 36 00 00 00 00 [...........6....] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/216459702023 soft_packet_limit/hard_packet_limit: 1090589962/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 28324 packets: 28800 add_time: 0 use_time: 0 stats: replay_window/replay: 0/0 integrity_failed: 0[00000000H] seq: 0 reqid: 1483947834 family: 0[0000H] - UNSPEC mode: 0[00H] - TRANSPORT replay_window: 0[00H] flags: 0[00H] - * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835045, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835046, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_NEWPOLICY" (type=19[0013H], flags=0000H[], seq=1835047, pid=3534, len=248, payload_size=232, remain=248/248) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835048, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) saddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 17695265390592/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835049, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] * "XFRM_MSG_UPDPOLICY" (type=25[0019H], flags=0000H[], seq=1835050, pid=3534, len=316, payload_size=300, remain=316/316) selector: daddr: IPv4 (v4 or v6 ?): 172.18.0.0 (ac12::) saddr: IPv4 (v4 or v6 ?): 192.168.0.0 (c0a8::) dport/mask: 0[0000H]/0[0000H] sport/mask: 0[0000H]/0[0000H] family: 0[0000H] - UNSPEC prefixlen_d: 0 prefixlen_s: 0 proto: 0[00H] - ip ifindex: 0 user: 0[00H] lifetime_cfg: soft_byte_limit/hard_byte_limit: 0/0 soft_packet_limit/hard_packet_limit: 26456998674432/0 soft_add_expires_seconds/hard_add_expires_seconds: 18446744073709551615/18446744073709551615 soft_use_expires_seconds/hard_use_expires_seconds: 18446744073709551615/18446744073709551615 lifetime_cur: bytes: 0 packets: 0 add_time: 0 use_time: 0 priority: 0 index: 0 dir: 0 action: 0 - POLICY_ALLOW flags: 0[00H] - share: 0[00H] }}} === Netlink 를 가공하기 위한 함수 예시 === * Netlink를 다루기 위한 기본 macro 를 포함하기 위한 include {{{#!enscript c #include #include }}} * Netlink message (NLMSG) build 함수 {{{#!enscript c size_t hwport_generate_netlink_message(void *s_buffer, size_t s_buffer_size, unsigned int s_nlmsg_type, unsigned int s_nlmsg_flags, unsigned int s_nlmsg_seq, unsigned int s_nlmsg_pid, const void *s_payload, size_t s_payload_size) { int s_aligned_payload_size; struct nlmsghdr *s_nlmsghdr; void *s_payload_ptr; s_aligned_payload_size = (int)NLMSG_ALIGN((uint32_t)s_payload_size); if (s_buffer_size < ((size_t)NLMSG_LENGTH(s_aligned_payload_size))) { return((size_t)0u); } s_nlmsghdr = (struct nlmsghdr *)memset(s_buffer, 0, sizeof(struct nlmsghdr)); s_nlmsghdr->nlmsg_len = (uint32_t)NLMSG_LENGTH(s_aligned_payload_size); s_nlmsghdr->nlmsg_type = (uint16_t)s_nlmsg_type; s_nlmsghdr->nlmsg_flags = (uint16_t)s_nlmsg_flags; s_nlmsghdr->nlmsg_seq = (uint32_t)s_nlmsg_seq; s_nlmsghdr->nlmsg_pid = (uint32_t)s_nlmsg_pid; s_payload_ptr = (void *)NLMSG_DATA(s_nlmsghdr); if (s_payload_size > ((size_t)0u)) { if (s_payload == ((const void *)(NULL))) { (void)memset(s_payload_ptr, 0, s_payload_size); } else { (void)memcpy(s_payload_ptr, s_payload, s_payload_size); } } return((size_t)s_nlmsghdr->nlmsg_len); } }}} * Netlink attribute (NLA) build append 함수 {{{#!enscript c size_t hwport_append_netlink_attr(void *s_buffer, size_t s_buffer_size, unsigned int s_nla_type, const void *s_attr1, size_t s_attr1_size, const void *s_attr2, size_t s_attr2_size) { struct nlmsghdr *s_nlmsghdr; struct nlattr *s_nlattr; size_t s_attr_size; void *s_attr_ptr; s_attr_size = s_attr1_size + s_attr2_size; s_nlmsghdr = (struct nlmsghdr *)s_buffer; if (s_buffer_size < ((size_t)(s_nlmsghdr->nlmsg_len + NLA_HDRLEN + NLA_ALIGN(s_attr_size)))) { return((size_t)0u); } s_nlattr = (struct nlattr *)(((uint8_t *)s_buffer) + s_nlmsghdr->nlmsg_len); s_nlattr->nla_len = (uint16_t)NLA_HDRLEN + s_attr_size; s_nlattr->nla_type = (uint16_t)s_nla_type; s_attr_ptr = (void *)(((uint8_t *)s_nlattr) + NLA_HDRLEN); if(s_attr1_size > ((size_t)0u)) { if(s_attr1 == ((const void *)0)) { (void)memset((void *)s_attr_ptr, 0, s_attr1_size); } else if(((const void *)s_attr_ptr) != s_attr1) { (void)memcpy((void *)s_attr_ptr, s_attr1, s_attr1_size); } s_attr_ptr = (void *)(((uint8_t *)s_attr_ptr) + s_attr1_size); } if(s_attr2_size > ((size_t)0u)) { if(s_attr2 == ((const void *)0)) { (void)memset((void *)s_attr_ptr, 0, s_attr2_size); } else if(((const void *)s_attr_ptr) != s_attr2) { (void)memcpy((void *)s_attr_ptr, s_attr2, s_attr2_size); } } s_nlmsghdr->nlmsg_len += (uint32_t)NLA_ALIGN(s_nlattr->nla_len); return((size_t)s_nlmsghdr->nlmsg_len); } }}} * Netlink message request 함수 {{{#!enscript c ssize_t hwport_request_generic_netlink(int s_socket, const void *s_data, size_t s_size, const struct sockaddr *s_sockaddr, socklen_t s_socklen) { size_t s_sent_size; size_t s_want_size; ssize_t s_send_bytes; const uint8_t *s_uint8_ptr; struct sockaddr_nl s_sockaddr_nl; if (s_socket == (-1)) { errno = EINVAL; return((ssize_t)(-1)); } if (s_sockaddr == ((struct sockaddr *)(NULL))) { s_socklen = (socklen_t)sizeof(s_sockaddr_nl); s_sockaddr = (const struct sockaddr *)memset((void *)(&s_sockaddr_nl), 0, sizeof(s_sockaddr_nl)); s_sockaddr_nl.nl_family = AF_NETLINK; s_sockaddr_nl.nl_pid = 0; /* port ID */ s_sockaddr_nl.nl_groups = 0; /* multicast groups mask */ } s_sent_size = (size_t)0u; s_uint8_ptr = (const uint8_t *)s_data; while (s_sent_size < s_size) { s_want_size = s_size - s_sent_size; s_send_bytes = sendto( s_socket, (const void *)(&s_uint8_ptr[s_sent_size]), s_want_size, MSG_NOSIGNAL, s_sockaddr, s_socklen ); if (s_send_bytes > ((ssize_t)0)) { s_sent_size += (size_t)s_send_bytes; } else if((s_send_bytes == ((ssize_t)(-1))) && ((errno == EINTR) || (errno == EAGAIN))) { continue; } else { /* error */ return(s_send_bytes); } } return((ssize_t)s_sent_size); } }}} * Netlink message response 함수 {{{#!enscript c ssize_t hwport_response_generic_netlink(int s_socket, void *s_data, size_t s_size, struct sockaddr *s_sockaddr, socklen_t *s_socklen_ptr) { struct sockaddr_storage s_sockaddr_storage; socklen_t s_socklen; if (s_socket == (-1)) { errno = EINVAL; return((ssize_t)(-1)); } if (s_sockaddr == ((struct sockaddr *)(NULL))) { s_sockaddr = (struct sockaddr *)memset((void *)(&s_sockaddr_storage), 0, sizeof(s_sockaddr_storage)); } if (s_socklen_ptr == ((socklen_t *)(NULL))) { s_socklen = (socklen_t)sizeof(struct sockaddr_nl); s_socklen_ptr = (socklen_t *)(&s_socklen); } return(recvfrom(s_socket, s_data, s_size, MSG_NOSIGNAL, s_sockaddr, s_socklen_ptr)); } }}} * Generic Netlink message 중에서 Family Name으로 요청하여 Family ID를 얻는 함수 {{{#!enscript c int hwport_get_family_id_by_name(int s_socket, const char *s_family_name) { int s_family_id; size_t s_family_name_size; uint8_t s_buffer[ 4 << 10 ]; size_t s_message_size; size_t s_offset; int s_is_break; struct nlmsghdr *s_nlmsghdr; struct genlmsghdr *s_genlmsghdr; struct nlattr *s_nlattr; ssize_t s_send_bytes; ssize_t s_recv_bytes; if (s_socket == (-1)) { errno = EINVAL; return(-1); } if (s_family_name == ((const char *)(NULL))) { errno = EINVAL; return(-1); } s_family_name_size = strlen(s_family_name); s_nlmsghdr = (struct nlmsghdr *)(&s_buffer[0]); s_message_size = hwport_generate_netlink_message( (void *)s_nlmsghdr, sizeof(s_buffer), (unsigned int)GENL_ID_CTRL, /* nlmsg_type */ (unsigned int)NLM_F_REQUEST /* | NLM_F_ACK */, /* nlmsg_flags */ 0u, /* nlmsg_seq */ (unsigned int)getpid(), /* nlmsg_pid */ (const void *)(NULL), /* payload */ sizeof(struct genlmsghdr) ); if (s_message_size <= ((size_t)0u)) { errno = ENOMEM; return(-1); } s_genlmsghdr = (struct genlmsghdr *)memset((void *)NLMSG_DATA(s_nlmsghdr), 0, sizeof(struct genlmsghdr)); s_genlmsghdr->cmd = CTRL_CMD_GETFAMILY; /* SeeAlso : CTRL_CMD_XXXX in "include/uapi/linux/genetlink.h" */ s_genlmsghdr->version = 1 /* 해당 message 종류에 따른 VERSION을 넣어야 함 */; s_message_size = hwport_append_netlink_attr( (void *)s_nlmsghdr, sizeof(s_buffer), (unsigned int)CTRL_ATTR_FAMILY_NAME, /* nla_type */ (const void *)s_family_name, /* attr1 */ s_family_name_size + ((size_t)1u), /* attr1_size (family name 은 문자열 뒤의 nul terminate까지 포함한 길이여야 함) */ (const void *)(NULL), /* attr2 */ (size_t)0u /* attr2_size */ ); if (s_message_size <= ((size_t)0u)) { errno = ENOMEM; return(-1); } s_send_bytes = hwport_request_generic_netlink( s_socket, (const void *)s_nlmsghdr, s_message_size, (const struct sockaddr *)(NULL), (socklen_t)0 ); if (s_send_bytes <= ((ssize_t)0)) { return(-1); } s_recv_bytes = hwport_response_generic_netlink( s_socket, (void *)(&s_buffer[0]), sizeof(s_buffer), (struct sockaddr *)(NULL), (socklen_t *)(NULL) ); if (s_recv_bytes <= ((ssize_t)0)) { return(-1); } s_family_id = (-1); s_is_break = 0; s_message_size = (size_t)s_recv_bytes; for (s_nlmsghdr = (struct nlmsghdr *)(&s_buffer[0]);(s_is_break == 0) && NLMSG_OK(s_nlmsghdr, s_message_size);s_nlmsghdr = NLMSG_NEXT(s_nlmsghdr, s_message_size)) { /* payload_size = (size_t)NLMSG_PAYLOAD(s_nlmsghdr, 0); */ /* payload = NLMSG_DATA(s_nlmsghdr); */ switch(s_nlmsghdr->nlmsg_type) { case NLMSG_NOOP: break; case NLMSG_ERROR: s_is_break = 1; break; case NLMSG_DONE: s_is_break = 1; break; case NLMSG_OVERRUN: s_is_break = 1; break; case GENL_ID_CTRL: /* NLMSG_MIN_TYPE */ s_genlmsghdr = (struct genlmsghdr *)NLMSG_DATA(s_nlmsghdr); for (s_offset = (size_t)(NLMSG_HDRLEN + NLMSG_ALIGN(sizeof(struct genlmsghdr)));s_offset < s_nlmsghdr->nlmsg_len;) { if ((s_offset + ((size_t)NLA_HDRLEN)) > ((size_t)s_nlmsghdr->nlmsg_len)) { /* attibute header 만큼이 남지 않았음. */ break; } s_nlattr = (struct nlattr *)(((uint8_t *)s_nlmsghdr) + s_offset); if (s_nlattr->nla_len < ((size_t)NLA_HDRLEN)) { /* attribute length 가 최소 크기를 만족하지 못함 */ break; } if ((s_offset + ((size_t)NLA_ALIGN(s_nlattr->nla_len))) > ((size_t)s_nlmsghdr->nlmsg_len)) { /* attribute 공간이 nlmsg를 넘어섬 */ break; } switch(s_nlattr->nla_type) { /* SeeAlso : CTRL_ATTR_XXXX in "include/uapi/linux/genetlink.h" */ case CTRL_ATTR_UNSPEC: /* 0 */ break; case CTRL_ATTR_FAMILY_ID: /* 1 */ s_family_id = (int)(*((uint16_t *)(((uint8_t *)s_nlattr) + NLA_HDRLEN))); #if 1L if (s_family_id != (-1)) { /* family id 를 인지했으므로 더이상의 attr은 볼 필요가 없음 */ s_is_break = 1; break; } #endif break; case CTRL_ATTR_FAMILY_NAME: /* 2 */ break; case CTRL_ATTR_VERSION: /* 3 */ break; case CTRL_ATTR_HDRSIZE: /* 4 */ break; case CTRL_ATTR_MAXATTR: /* 5 */ break; case CTRL_ATTR_OPS: /* 6 */ break; case CTRL_ATTR_MCAST_GROUPS: /* 7 */ break; default: /* 8 >= */ break; } s_offset += (size_t)NLA_ALIGN(s_nlattr->nla_len); } break; default: break; } } return(s_family_id); } }}} * Generic Netlink socket open 함수 {{{#!enscript c int hwport_open_generic_netlink(uint32_t s_port_id, uint32_t s_groups_mask) { int s_socket; struct sockaddr_nl s_sockaddr_nl; s_socket = socket(PF_NETLINK, SOCK_RAW, NETLINK_GENERIC); if (s_socket == (-1)) { return(-1); } (void)memset((void *)(&s_sockaddr_nl), 0, sizeof(s_sockaddr_nl)); s_sockaddr_nl.nl_family = AF_NETLINK; #if 0L s_sockaddr_nl.nl_pad = 0; #endif s_sockaddr_nl.nl_pid = s_port_id; /* port ID */ s_sockaddr_nl.nl_groups = s_groups_mask; /* multicast groups mask */ if (bind(s_socket, (struct sockaddr *)(&s_sockaddr_nl), (socklen_t)sizeof(s_sockaddr_nl)) == (-1)) { int s_check; int s_save_errno; s_save_errno = errno; do { s_check = close(s_socket); }while((s_check == (-1)) && (errno == EINTR)); errno = s_save_errno; return(-1); } return(s_socket); } }}} * Generic Netlink socket close 함수 {{{#!enscript c int hwport_close_generic_netlink(int s_socket) { int s_check; if (s_socket == (-1)) { errno = EINVAL; return(-1); } do { s_check = close(s_socket); }while((s_check == (-1)) && (errno == EINTR)); return(s_check); } }}} === 참고자료 === * [^https://www.rfc-editor.org/rfc/rfc3549] * [^https://tools.ietf.org/html/rfc3549#section-2.3.2] * [^https://github.com/shemminger/iproute2] <= Netlink 구현은 이 소스가 이해하는데 많은 도움이 됩니다. (추천) * [^http://www.linuxfoundation.org/collaborate/workgroups/networking/generic_netlink_howto] * [^https://people.redhat.com/nhorman/papers/netlink.pdf] * [^http://inai.de/documents/Netlink_Protocol.pdf] * [^https://nscpolteksby.ac.id/ebook/files/Ebook/Computer%20Engineering/Linux%20Kernel%20Networking%20-%20Implementation%20(2014)/chapter%202%20Netlink%20Sockets.pdf] * [^https://people.netfilter.org/pablo/netlink/netlink-libmnl-manual.pdf] * [^http://haifux.org/lectures/219/netLec6.pdf] * [^https://medium.com/@mdlayher/linux-netlink-and-go-part-1-netlink-4781aaeeaca8] * [^https://stackoverrun.com/ko/q/7837552] * [^https://www.infradead.org/~tgr/libnl/doc/core.html] * [^https://www.ctolib.com/topics-134609.html] * [^http://linux-development-for-fresher.blogspot.com/2012/05/understanding-netlink-socket.html] * [^https://gist.github.com/arunk-s/c897bb9d75a6c98733d6]