bytemark/netlinkrb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
15 Commits 8 Branches 26 Tags
49a72682a3b1a7fefb1abdd01c3015d3e80297ab
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README 

Ruby Netlink
============

This library provides an API for using a Linux Netlink socket, for doing
things like manipulating IP interfaces, routes and firewall rules
programmatically.

Useful reference material
=========================

* http://www.linuxjournal.com/article/7356
* http://people.redhat.com/nhorman/papers/netlink.pdf
* apt-get source iproute

Note there are some errors in the nhorman paper. On page 8/9, it says

    nlmsg_pid ... Also note that it is
    imperative that any program receiving netlink socket messages from
    the kernel verify that this field is set to zero, or it is possible to expose
    the software to unexpected influences from other non-privlidged user
    space programs.

However, what really needs to be checked is the pid in the sockaddr_nl
structure returned by recvmsg msghdr, as shown by this code in
lib/libnetlink.c:

        struct msghdr msg = {
                .msg_name = &nladdr,
                .msg_namelen = sizeof(nladdr),
                .msg_iov = &iov,
                .msg_iovlen = 1,
        };
...
                status = recvmsg(rth->fd, &msg, 0);
...
                                if (nladdr.nl_pid != 0 ||
                                    h->nlmsg_pid != rth->local.nl_pid ||
                                    h->nlmsg_seq != rth->dump) {

TODO
====

* Exception hierarchy

Copyright
=========

Copyright (C) 2011 Bytemark Computer Consulting Ltd
Description
No description provided
Readme 453 KiB
Languages
Ruby 100%