From 140dd23c1cd7dc92a8247f3a1c5f333514e011db Mon Sep 17 00:00:00 2001 From: dlg Date: Sat, 20 Feb 2021 01:11:43 +0000 Subject: [PATCH] add a MONITOR flag to ifaces to say they're only used for watching packets. an example use of this is when you have a span port on a switch and you want to be able to see the packets coming out of it with tcpdump, but do not want these packets to enter the network stack for processing. this is particularly important if the span port is pushing a copy of any packets related to the machine doing the monitoring as it will confuse pf states and the stack. ok benno@ --- sys/net/if.c | 5 +++-- sys/net/if.h | 3 ++- sys/net/ifq.c | 12 +++++++----- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/sys/net/if.c b/sys/net/if.c index 32e6cf05f9a..6e01d40fdd7 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if.c,v 1.629 2021/02/11 20:28:01 mvs Exp $ */ +/* $OpenBSD: if.c,v 1.630 2021/02/20 01:11:43 dlg Exp $ */ /* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */ /* @@ -859,7 +859,8 @@ if_vinput(struct ifnet *ifp, struct mbuf *m) } #endif - (*ifp->if_input)(ifp, m); + if (__predict_true(!ISSET(ifp->if_xflags, IFXF_MONITOR))) + (*ifp->if_input)(ifp, m); } void diff --git a/sys/net/if.h b/sys/net/if.h index 0a53f788eed..15b081ba88d 100644 --- a/sys/net/if.h +++ b/sys/net/if.h @@ -1,4 +1,4 @@ -/* $OpenBSD: if.h,v 1.206 2021/02/01 07:43:33 mvs Exp $ */ +/* $OpenBSD: if.h,v 1.207 2021/02/20 01:11:44 dlg Exp $ */ /* $NetBSD: if.h,v 1.23 1996/05/07 02:40:27 thorpej Exp $ */ /* @@ -230,6 +230,7 @@ struct if_status_description { #define IFXF_AUTOCONF6 0x20 /* [N] v6 autoconf enabled */ #define IFXF_INET6_NOSOII 0x40 /* [N] don't do RFC 7217 */ #define IFXF_AUTOCONF4 0x80 /* [N] v4 autoconf (aka dhcp) enabled */ +#define IFXF_MONITOR 0x100 /* [N] only used for bpf */ #define IFXF_CANTCHANGE \ (IFXF_MPSAFE|IFXF_CLONED) diff --git a/sys/net/ifq.c b/sys/net/ifq.c index 5e97c4e2e43..1aa126f614f 100644 --- a/sys/net/ifq.c +++ b/sys/net/ifq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ifq.c,v 1.41 2020/07/07 00:00:03 dlg Exp $ */ +/* $OpenBSD: ifq.c,v 1.42 2021/02/20 01:11:44 dlg Exp $ */ /* * Copyright (c) 2015 David Gwynne @@ -715,10 +715,12 @@ ifiq_input(struct ifiqueue *ifiq, struct mbuf_list *ml) ifiq->ifiq_bytes += bytes; len = ml_len(&ifiq->ifiq_ml); - if (len > ifiq_maxlen_drop) - ifiq->ifiq_qdrops += ml_len(ml); - else - ml_enlist(&ifiq->ifiq_ml, ml); + if (__predict_true(!ISSET(ifp->if_xflags, IFXF_MONITOR))) { + if (len > ifiq_maxlen_drop) + ifiq->ifiq_qdrops += ml_len(ml); + else + ml_enlist(&ifiq->ifiq_ml, ml); + } mtx_leave(&ifiq->ifiq_mtx); if (ml_empty(ml)) -- 2.20.1