In message <14432.2404.915004.861739@xxxxxxxxxxxxxxxxxxxxxx> you write:
> However, I would like to be able to read a series of packets from
> userspace without having to make a decision about each one before I
> can see the next. Trying the poll route was the easiest. There seem
> to be two other obvious options in front of me:
Hi Bryan,

Please come up with a better netfilter dev; the current one is simple
as all hell. BTW, num packets queued is currently hard limited in
netfilter.c.

A perfect netfilter dev would have the following properties:

1) Minimum number of system calls: averaging << 1 syscall per packet
   would rock.

2) Handle out-of-order stuff. Please don't hand out pointers to
   userspace as cookies unless you have to, unless you verify them
   somehow when they get back. Even though only root can use
   netfilter_dev right now, I don't want a coding bug to crash my
   kernel please!

Look at Alexey's memmapped sockpacket code for inspiration, although
note that we have the skb itself, not a copy, and must handle
modifications.

Rusty.
--
Hacking time.
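
Added example, not part of the original message and not netfilter code: one way to satisfy point 2 is to give userspace an index-plus-generation cookie instead of a kernel pointer and to validate it when the verdict comes back, in any order. All names (`cookie_issue`, `cookie_redeem`, `QUEUE_SLOTS`, `struct pkt`) are hypothetical, and `struct pkt` stands in for the queued skb.

```c
#include <stdint.h>
#include <stddef.h>

#define QUEUE_SLOTS 8          /* assumed queue limit, constructed for the example */

struct pkt { int len; };       /* hypothetical stand-in for the queued skb */

struct slot {
    struct pkt *pkt;           /* NULL when the slot is free */
    uint16_t gen;              /* bumped on every release; wraps after 65536 reuses */
};

static struct slot table[QUEUE_SLOTS];

/* Queue a packet; returns an opaque cookie, or 0 if the queue is full. */
uint32_t cookie_issue(struct pkt *p)
{
    for (uint32_t i = 0; i < QUEUE_SLOTS; i++) {
        if (table[i].pkt == NULL) {
            table[i].pkt = p;
            /* index is stored +1 so that 0 is never a valid cookie */
            return ((uint32_t)table[i].gen << 16) | (i + 1);
        }
    }
    return 0;
}

/* Resolve a cookie handed back by userspace.
 * Returns NULL for a forged, stale or replayed cookie, so a bad value
 * is rejected instead of being dereferenced. */
struct pkt *cookie_redeem(uint32_t cookie)
{
    uint32_t idx = cookie & 0xffff;
    uint16_t gen = (uint16_t)(cookie >> 16);
    struct pkt *p;

    if (idx == 0 || idx > QUEUE_SLOTS)
        return NULL;                       /* index out of range */
    idx--;
    if (table[idx].pkt == NULL || table[idx].gen != gen)
        return NULL;                       /* free slot or stale generation */
    p = table[idx].pkt;
    table[idx].pkt = NULL;
    table[idx].gen++;                      /* invalidate the cookie just used */
    return p;
}
```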