pfil + if_bridge hooks not being called
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Mon Dec 29 07:10:41 UTC 2008
Gerry, good day.
Sun, Dec 28, 2008 at 07:59:57PM -0600, Gerry Weaver wrote:
> I am working on a driver to collect some network statistics using
> pfil. I have set up a bridge and set net.link.bridge.pfil_member=1 via
> sysctl. I have added hooks for incoming and outgoing packets. I also
> put a third adapter into the system for dev/managment purposes. My
> hooks are only being called for outgoing packets on the management
> (non bridge) interface.
A simple check will be to fire up standard hooks (for example, pf
firewall + some rules with 'log' keyword, see 'man pf.conf') and watch
for the logged packets on a pflog0 interface using tcpdump. If you'll
see the packets you wanted to see, then the problem is probably with
your code. If not, then probably your setup is incorrect and/or system
has a bug.
> I have been searching for information about
> what I may have overlooked, but I can't find anything concrete. Is
> there something else that I need to do to see packets on the bridge
> member interfaces and incoming packets in general?
You may want to add some diagnostics to the bridge_pfil() in
/sys/net/if_bridge.c, rebuild your kernel and try to see how it goes.
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
More information about the freebsd-net
mailing list