Navid Malekghaini's Personal Blog

My personal weblog for sharing and storing some of my activities related to computer science over the internet


Navid Malekghaini

Senior Software Developer @ Arctic Wolf
Prev. Senior SWE and Researcher @ Huawei Canada, University of Waterloo x Orange R&D

University of Waterloo
Department of computer science
200 University Ave W, Waterloo, ON N2L 3G1, Canada

contact me
navidmalekedu (AT) gmail (DOT) com [ Primary Email ]
nmalekgh (AT) uwaterloo (DOT) ca

Operating Systems Project - Linux Packet Capturing

Sunday, 27 January 2019, 02:14 AM

The main project that my colleague and I designed for the Operating Systems course (Spring 2018) - TA of OS

Project Description (summary):

The goal of this project is to gather information about the packets entering and leaving the system (a kind of packet capturing).

The desired information is:

  • Length of the packet
  • Protocols of the packet (in all available network layers except the application layer, for example Ethernet, IP, TCP)
  • Hash value of the packet
  • Total processing time of the packet

Phase one:

  1. Implement a system call with a single integer input indicating what information you want from the packets, and a single output buffer to copy the data from kernel space to user space.
  2. An interactive user-space program that talks to the user and to the system call above (clean input and output for the user).

Phase two:

  1. Implement a kernel module with a single proc entry file for input, indicating what information you want from the packets, and a single proc entry file for output, to copy the data from kernel space to user space.
  2. An interactive user-space program that talks to the user and to the kernel module and proc entry files above (clean input and output for the user).

Phase three:

Performance comparison of the kernel module and the system call (the first two phases).


Approach taken for the answer:

All of the desired information is in the sk_buff data structure.
My approach was to clone the sk_buff in the driver, right before the driver (here: e1000) passes the packet to the next network layer handler (application or the NIC). With this approach I have a clone of each packet.
Now that I have the information, the rest is easy: just copy the desired information from the sk_buff to the output buffer and copy it from there to user space.

Note: for the LKM you should use extern and export symbol.

The idea for this approach was from here
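The field extraction described above, as an added userspace C example that is not the course project's code: it pulls the length, the layer 2 and layer 4 protocol identifiers and a hash out of a raw frame, assuming the buffer starts at the Ethernet header. The `pkt_info` struct, the function names, the FNV-1a hash choice and the sample frame are assumptions for illustration; processing time is left out because it needs kernel timestamps, not frame bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Per-packet record (hypothetical layout): the fields the project lists. */
struct pkt_info {
    size_t   len;        /* total frame length in bytes */
    uint16_t ethertype;  /* layer 2 payload type, 0x0800 = IPv4 */
    uint8_t  ip_proto;   /* 6 = TCP, 17 = UDP; 0 when the frame is not IPv4 */
    uint32_t hash;       /* 32-bit FNV-1a over the frame (assumed hash) */
};

static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;                 /* FNV offset basis */
    while (n--) { h ^= *p++; h *= 16777619u; } /* xor byte, multiply by prime */
    return h;
}

/* Returns 0 on success, -1 on a truncated or malformed frame.
 * Every header read is preceded by a length check. */
int parse_frame(const uint8_t *f, size_t n, struct pkt_info *out) {
    if (n < 14) return -1;            /* Ethernet: 6 dst + 6 src + 2 type */
    out->len = n;
    out->ethertype = (uint16_t)((f[12] << 8) | f[13]);
    out->ip_proto = 0;
    out->hash = fnv1a(f, n);
    if (out->ethertype == 0x0800) {   /* IPv4 header follows */
        if (n < 14 + 20) return -1;
        uint8_t ihl = (uint8_t)((f[14] & 0x0f) * 4); /* header length, bytes */
        if ((f[14] >> 4) != 4 || ihl < 20 || n < 14u + ihl) return -1;
        out->ip_proto = f[14 + 9];    /* IPv4 protocol field */
    }
    return 0;
}

/* Constructed sample: 14-byte Ethernet + 20-byte IPv4 + 20-byte TCP header,
 * all bytes zero except ethertype, version/IHL and protocol. */
static const uint8_t sample_frame[54] = {
    [12] = 0x08, [13] = 0x00, [14] = 0x45, [23] = 0x06
};

int main(void) {
    struct pkt_info r;
    if (parse_frame(sample_frame, sizeof sample_frame, &r) != 0) return 1;
    printf("len=%zu ethertype=0x%04x ip_proto=%u hash=0x%08x\n",
           r.len, (unsigned)r.ethertype, (unsigned)r.ip_proto, (unsigned)r.hash);
    return 0;
}
```

In the kernel the same bounds checks would be made against the cloned buffer's length before each header read, and the filled record is what gets copied out to user space.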


Second approach:

The second approach, I believe, is based on this idea from IBM.

Download the Implementation of Second Approach From a Student With Document