| Message ID | 20231110041604.11564-1-duncan_roe@optusnet.com.au |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | [libnetfilter_queue] utils: Add example of setting socket buffer size | expand |
On Fri, Nov 10, 2023 at 03:16:04PM +1100, Duncan Roe wrote: > The libnetfilter_queue main HTML page mentions nfnl_rcvbufsiz() so the new > libmnl-only libnetfilter_queue will have to support it. > > The added call acts as a demo and a test case. > > Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au> > --- > utils/nfqnl_test.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c > index 682f3d7..6d2305e 100644 > --- a/utils/nfqnl_test.c > +++ b/utils/nfqnl_test.c > @@ -91,6 +91,7 @@ int main(int argc, char **argv) > int fd; > int rv; > uint32_t queue = 0; > + uint32_t ret; > char buf[4096] __attribute__ ((aligned)); > > if (argc == 2) { > @@ -107,6 +108,10 @@ int main(int argc, char **argv) > fprintf(stderr, "error during nfq_open()\n"); > exit(1); > } > + printf("setting socket buffer size to 2MB\n"); > + ret = nfnl_rcvbufsiz(nfq_nfnlh(h), 1024 * 1024); libnfnetlink is deprecated. maybe call setsockopt and use nfq_fd() instead if you would like that this shows in the example file. > + printf("Read buffer set to 0x%x bytes (%gMB)\n", ret, > + ret / 1024.0 / 1024); > > printf("unbinding existing nf_queue handler for AF_INET (if any)\n"); > if (nfq_unbind_pf(h, AF_INET) < 0) { > -- > 2.35.8 >
Cc'ing list this time ----- Forwarded message from Duncan Roe <dunc@slk15.local.net> ----- Date: Wed, 15 Nov 2023 10:46:34 +1100 From: Duncan Roe <dunc@slk15.local.net> To: Pablo Neira Ayuso <pablo@netfilter.org> Subject: Re: [PATCH libnetfilter_queue] utils: Add example of setting socket buffer size Hi Pablo, On Tue, Nov 14, 2023 at 04:22:26PM +0100, Pablo Neira Ayuso wrote: > On Fri, Nov 10, 2023 at 03:16:04PM +1100, Duncan Roe wrote: > > The libnetfilter_queue main HTML page mentions nfnl_rcvbufsiz() so the new > > libmnl-only libnetfilter_queue will have to support it. > > > > The added call acts as a demo and a test case. > > > > Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au> > > --- > > utils/nfqnl_test.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c > > index 682f3d7..6d2305e 100644 > > --- a/utils/nfqnl_test.c > > +++ b/utils/nfqnl_test.c > > @@ -91,6 +91,7 @@ int main(int argc, char **argv) > > int fd; > > int rv; > > uint32_t queue = 0; > > + uint32_t ret; > > char buf[4096] __attribute__ ((aligned)); > > > > if (argc == 2) { > > @@ -107,6 +108,10 @@ int main(int argc, char **argv) > > fprintf(stderr, "error during nfq_open()\n"); > > exit(1); > > } > > + printf("setting socket buffer size to 2MB\n"); > > + ret = nfnl_rcvbufsiz(nfq_nfnlh(h), 1024 * 1024); > > libnfnetlink is deprecated. Yes I know that, obviously:) > > maybe call setsockopt and use nfq_fd() instead if you would like that > this shows in the example file. > > > + printf("Read buffer set to 0x%x bytes (%gMB)\n", ret, > > + ret / 1024.0 / 1024); > > > > printf("unbinding existing nf_queue handler for AF_INET (if any)\n"); > > if (nfq_unbind_pf(h, AF_INET) < 0) { > > -- > > 2.35.8 > > The point here is that nfnl_rcvbufsiz() has been advertised in the main page of libnetfilter_queue HTML for a long time and there are likely a number of systems out there that use it. When libnfnetlink is removed, libnetfilter_queue will have to provide nfnl_rcvbufsiz() or those systems will start failing. I have in mind that although libnetfilter_queue will provide nfnl_rcvbufsiz(), there will be no documentation for it. You will see in https://patchwork.ozlabs.org/project/netfilter-devel/patch/20231112065922.3414-2-duncan_roe@optusnet.com.au/ I replaced the advice to use nfnl_rcvbufsiz() (in 2 places) with advice to use setsocketopt(). I only mentioned that programs calling nfnl_rcvbufsiz() will continue to run. So I offered this patch as the only documentation of how to use nfnl_rcvbufsiz(). I need it for my testing, but it's fine with me if you don't want to take it. I could add a setsockopt() example to nf-queue or nfqnl_test if you like. Cheers ... Duncan. ----- End forwarded message -----
diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c index 682f3d7..6d2305e 100644 --- a/utils/nfqnl_test.c +++ b/utils/nfqnl_test.c @@ -91,6 +91,7 @@ int main(int argc, char **argv) int fd; int rv; uint32_t queue = 0; + uint32_t ret; char buf[4096] __attribute__ ((aligned)); if (argc == 2) { @@ -107,6 +108,10 @@ int main(int argc, char **argv) fprintf(stderr, "error during nfq_open()\n"); exit(1); } + printf("setting socket buffer size to 2MB\n"); + ret = nfnl_rcvbufsiz(nfq_nfnlh(h), 1024 * 1024); + printf("Read buffer set to 0x%x bytes (%gMB)\n", ret, + ret / 1024.0 / 1024); printf("unbinding existing nf_queue handler for AF_INET (if any)\n"); if (nfq_unbind_pf(h, AF_INET) < 0) {
The libnetfilter_queue main HTML page mentions nfnl_rcvbufsiz() so the new libmnl-only libnetfilter_queue will have to support it. The added call acts as a demo and a test case. Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au> --- utils/nfqnl_test.c | 5 +++++ 1 file changed, 5 insertions(+)