104 lines
2.8 KiB
Plaintext
104 lines
2.8 KiB
Plaintext
Ruby Netlink
|
|
============
|
|
|
|
This library provides an API for using a Linux Netlink socket, for doing
|
|
things like manipulating IP interfaces and routes programmatically, and
|
|
capturing packets from ULOG.
|
|
|
|
Example
|
|
=======
|
|
|
|
require 'linux/netlink/route'
|
|
ip = Linux::Netlink::Route::Socket.new
|
|
|
|
# Info about eth0 interface
|
|
p ip.link["eth0"]
|
|
|
|
# Addresses on eth0 interface
|
|
ip.addr.list(:index=>"eth0") do |addr|
|
|
puts addr.address
|
|
end
|
|
|
|
See the examples/ and test/ directories for more examples.
|
|
|
|
Requirements
|
|
============
|
|
|
|
ruby 1.9 (tested with ruby 1.9.2), OR ruby 1.8.7 with the ffi library.
|
|
|
|
Code organisation
|
|
=================
|
|
|
|
There are separate classes for each Netlink protocol providing a high-level
|
|
API. These all in turn use the NLSocket class, which has methods for adding
|
|
the headers to messages and sending them over a socket. The messages
|
|
themselves are built using class Message or RtattrMessage, which in turn are
|
|
subclasses of CStruct, which performs the low-level packing and unpacking of
|
|
the message bodies.
|
|
|
|
LinkHandler/
|
|
AddrHandler/
|
|
VlanHandler/
|
|
RouteHandler
|
|
|
|
|
v
|
|
Route Firewall NFLog ...etc
|
|
| | |
|
|
+-------+-------+
|
|
|
|
|
v
|
|
NLSocket
|
|
|
|
|
v
|
|
Message / RtattrMessage
|
|
|
|
|
v
|
|
CStruct
|
|
|
|
Useful reference material
|
|
=========================
|
|
|
|
* http://www.linuxjournal.com/article/7356
|
|
* http://people.redhat.com/nhorman/papers/netlink.pdf
|
|
* apt-get source iproute
|
|
|
|
Note there are some errors in the nhorman paper. On page 8/9, it says
|
|
|
|
nlmsg_pid ... Also note that it is
|
|
imperative that any program receiving netlink socket messages from
|
|
the kernel verify that this field is set to zero, or it is possible to expose
|
|
the software to unexpected influences from other non-privlidged user
|
|
space programs.
|
|
|
|
However, what really needs to be checked is the pid in the sockaddr_nl
|
|
structure returned by recvmsg msghdr, as shown by this code in
|
|
lib/libnetlink.c:
|
|
|
|
struct msghdr msg = {
|
|
.msg_name = &nladdr,
|
|
.msg_namelen = sizeof(nladdr),
|
|
.msg_iov = &iov,
|
|
.msg_iovlen = 1,
|
|
};
|
|
...
|
|
status = recvmsg(rth->fd, &msg, 0);
|
|
...
|
|
if (nladdr.nl_pid != 0 ||
|
|
h->nlmsg_pid != rth->local.nl_pid ||
|
|
h->nlmsg_seq != rth->dump) {
|
|
|
|
TODO
|
|
====
|
|
|
|
* Exception hierarchy
|
|
* More tests
|
|
* More netlink protocols
|
|
|
|
Copyright
|
|
=========
|
|
(C) 2011 Bytemark Hosting
|
|
Written by Brian Candler <B.Candler@pobox.com>
|
|
|
|
Distribute under the same terms as Ruby
|
|
http://www.ruby-lang.org/en/LICENSE.txt
|