[iproute] man: ip-link: Describe promisc mode

Message ID 20190211091706.20624-1-phil@nwl.cc
State Changes Requested
Delegated to: stephen hemminger
Headers show
Series
  • [iproute] man: ip-link: Describe promisc mode
Related show

Commit Message

Phil Sutter Feb. 11, 2019, 9:17 a.m.
Briefly explain what it is and where it's typically used.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 man/man8/ip-link.8.in | 8 ++++++++
 1 file changed, 8 insertions(+)

Comments

Stephen Hemminger Feb. 11, 2019, 7:36 p.m. | #1
On Mon, 11 Feb 2019 10:17:06 +0100
Phil Sutter <phil@nwl.cc> wrote:

> Briefly explain what it is and where it's typically used.
> 
> Signed-off-by: Phil Sutter <phil@nwl.cc>
> ---
>  man/man8/ip-link.8.in | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
> index 73d37c190fffa..5c327f01b6b45 100644
> --- a/man/man8/ip-link.8.in
> +++ b/man/man8/ip-link.8.in
> @@ -1780,6 +1780,14 @@ flag on the device. Indicates that address can change when interface goes down (
>  .B NOT
>  used by the Linux).
>  
> +.TP
> +.BR "promisc on " or " promisc off"
> +change the
> +.B PROMISC
> +flag on the device. This requests receipt of all packets arriving at the NIC
> +irrespective of their destination MAC address. It is typically used by traffic
> +sniffers and also set by Linux bridges for their ports.

This added sentence is confusing. The Linux bridge enables it by default,
and if a sniffer wants to enable it then it is best done from the application.
In either case the user should not need to directly set this through ip commands.

Yes, there are a lots of incorrect web pages out there that say you need to
set an interface into promiscious mode (with ifconfig) before adding it to a bridge.
That might have been true 20 years ago, but hasn't been needed since Linux 2.4

Bottom line, adding this to the documentation is not going to be helpful.
Phil Sutter Feb. 12, 2019, 3:42 p.m. | #2
Hi,

On Mon, Feb 11, 2019 at 11:36:10AM -0800, Stephen Hemminger wrote:
> On Mon, 11 Feb 2019 10:17:06 +0100
> Phil Sutter <phil@nwl.cc> wrote:
[...]
> > diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
> > index 73d37c190fffa..5c327f01b6b45 100644
> > --- a/man/man8/ip-link.8.in
> > +++ b/man/man8/ip-link.8.in
> > @@ -1780,6 +1780,14 @@ flag on the device. Indicates that address can change when interface goes down (
> >  .B NOT
> >  used by the Linux).
> >  
> > +.TP
> > +.BR "promisc on " or " promisc off"
> > +change the
> > +.B PROMISC
> > +flag on the device. This requests receipt of all packets arriving at the NIC
> > +irrespective of their destination MAC address. It is typically used by traffic
> > +sniffers and also set by Linux bridges for their ports.
> 
> This added sentence is confusing. The Linux bridge enables it by default,
> and if a sniffer wants to enable it then it is best done from the application.
> In either case the user should not need to directly set this through ip commands.

Well, "used by traffic sniffers" does not imply they don't set it by
themselves (at least not in the German accent I'm reading it :). And
there probably are ones that don't.

> Yes, there are a lots of incorrect web pages out there that say you need to
> set an interface into promiscious mode (with ifconfig) before adding it to a bridge.
> That might have been true 20 years ago, but hasn't been needed since Linux 2.4

In this case ip-link.8 would become a resource pointing out that bridges
do that by themselves nowadays.

> Bottom line, adding this to the documentation is not going to be helpful.

OK, so I'll send a v2 with that last sentence removed?

Thanks, Phil

Patch

diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 73d37c190fffa..5c327f01b6b45 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -1780,6 +1780,14 @@  flag on the device. Indicates that address can change when interface goes down (
 .B NOT
 used by the Linux).
 
+.TP
+.BR "promisc on " or " promisc off"
+change the
+.B PROMISC
+flag on the device. This requests receipt of all packets arriving at the NIC
+irrespective of their destination MAC address. It is typically used by traffic
+sniffers and also set by Linux bridges for their ports.
+
 .TP
 .BI name " NAME"
 change the name of the device. This operation is not