Netmap: Build a network SPAN/TAP from netmap
Jim Thompson
jim at netgate.com
Fri Dec 15 05:58:57 UTC 2017
> On Dec 14, 2017, at 12:00 PM, Ming Fu <Ming.Fu at esentire.com> wrote:
>
> Hi,
>
> I am trying to explore the possibility to build a network SPAN/TAP from netmap. Similar to the bridge sample, but all packets going through the bridge also get copied to a SPAN port. How do I duplicate or clone an incoming packet and send the original to bridge peer and the cloned one to the SPAN port? Is there an API like FreeBSD m_copypacket() for netmap? Would it work for Linux as well?
>
> Thanks
> Ming
Ming,
I’d look at adapting netmap monitors.
https://github.com/luigirizzo/netmap/blob/master/sys/dev/netmap/netmap_monitor.c
For the rest of the solution, look at netmap_user.h, where it explains how to open a port in monitor mode.
https://github.com/luigirizzo/netmap/blob/master/sys/net/netmap_user.h
Essentially, once you have an active netmap port, e.g. netmap:ix0, you can sniff the traffic by opening additional netmap ports named netmap:ix0/r (for rx traffic) or netmap:ix0/t (for tx) or even netmap:ix0/rt (for both tx and rx).
The rest of the code (to inject frames back down another interface) can be lifted from the bridge sample.
You could also look at SF-TAP. http://sf-tap.github.io
Jim
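
Added example, not part of the reply above or of the netmap sources: a sketch of the suggested approach that opens the /rt monitor of an interface and re-injects each observed frame on a SPAN interface. The names monitor_port and span_copy are hypothetical; it assumes the monitored port is already active in netmap mode (for instance under the bridge sample) and uses the nm_open helpers that netmap_user.h provides under NETMAP_WITH_LIBS.

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#ifdef __has_include
#  if __has_include(<net/netmap_user.h>)
#    define NETMAP_WITH_LIBS
#    include <net/netmap_user.h>
#    define HAVE_NETMAP 1
#  endif
#endif

/* Build "netmap:<if>/r", "/t" or "/rt", the monitor names given in the reply. */
int monitor_port(char *out, size_t n, const char *ifname, int rx, int tx)
{
    if (!ifname || !*ifname || (!rx && !tx))
        return -1;
    int len = snprintf(out, n, "netmap:%s/%s%s", ifname, rx ? "r" : "", tx ? "t" : "");
    return (len < 0 || (size_t)len >= n) ? -1 : len;
}

/* Copy frames seen on ifname (assumed already open in netmap mode, e.g. by
 * the bridge) to span_if. Runs until setup or poll() fails, then returns -1. */
int span_copy(const char *ifname, const char *span_if)
{
#ifdef HAVE_NETMAP
    char mon_name[64], span_name[64];
    if (monitor_port(mon_name, sizeof mon_name, ifname, 1, 1) < 0 ||
        snprintf(span_name, sizeof span_name, "netmap:%s", span_if) >= (int)sizeof span_name)
        return -1;
    struct nm_desc *mon = nm_open(mon_name, NULL, 0, NULL);
    struct nm_desc *span = nm_open(span_name, NULL, 0, NULL);
    struct pollfd pfd = { .fd = mon ? NETMAP_FD(mon) : -1, .events = POLLIN };
    while (mon && span && poll(&pfd, 1, 1000) >= 0) {
        struct nm_pkthdr h;
        const unsigned char *frame;
        while ((frame = nm_nextpkt(mon, &h)) != NULL)
            nm_inject(span, frame, h.len);        /* returns 0 (frame dropped) if the tx ring is full */
        ioctl(NETMAP_FD(span), NIOCTXSYNC, NULL); /* flush queued copies to the wire */
    }
    if (mon) nm_close(mon);
    if (span) nm_close(span);
    return -1;
#else
    (void)ifname; (void)span_if;
    errno = ENOSYS; /* built without netmap headers: nothing to open */
    return -1;
#endif
}
```

The monitor delivers copies, so the original frames keep flowing through whatever process owns the main port; a slow SPAN interface only loses mirrored frames.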