[kea-dev] [patch] Linux Packet Filter
Tomek Mrugalski
tomasz at isc.org
Tue Aug 2 20:39:09 UTC 2022
Hey!
Thanks a lot for the patch. I think this is the best description for a
patch I've ever seen.
I've checked the code as is to MR 1759, as part of the #1738 ticket.
Also, moved this ticket out of Outstanding, so it will be triaged on Kea
call this week.
Now is a perfect time to deal with this kind of changes. 2.2.0 just went
out and we're kicking off the 2.3 series.
Tomek
On 01.08.2022 14:50, Morten Brørup wrote:
> Dear Kea developers,
>
> Please find a patch for the Linux packet filter below, which provides the following modifications:
>
> 1. Feature: VLAN tagged packets are dropped. I think this addresses issues #1117 and #1738.
>
> 2. Optimization: The BPF program order has been reorganized to reduce the filter processing workload in the kernel.
>
> 3. Bugfix: The test for fragmented packets did not drop the first fragment. You might also want to fix this in pkt_filter_bpf.cc.
>
> 4. Bugfix: Drain the socket after the filter has been attached. You might also want to fix this in pkt_filter_bpf.cc.
>
> 5. Docfix: A @todo about filtering packets sent to the interface address was removed. This should have been removed with commit 7139039105680154602b5dd9eaf319c279be11c4.
>
>
> PS: I liked your presentation at DKNOG12, Tomek.
More information about the kea-dev
mailing list