Hi Mathieu, > Here is a patch that add a netlink virtual interface. > Through a hook in af_netlink.c every packets are duplicated and sent to > that interface. Thus userspace sniffers can capture them.
Looks like an interesting direction. Do you think, that such approach may be extended to unix-domain traffic as well, or there are other ways to sniff such packets? Security people will cry, but sometimes we need good troubleshooting means in userland. Sincerely, ----------------------------------------------------------------------- Robert Iakobashvili, coroberti at gmail dot com NAVIGARE NECESSE EST ---------------------------------------------------------------------- - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html