Disable reverse path filtering from Linux kernel space


Question

Within a Linux kernel module, I need to disable rp_filter in some way. This would typically be possible from user-space via a couple of simple sysctl calls:

sysctl net.ipv4.conf.all.rp_filter=0
sysctl net.ipv4.conf.[ifname].rp_filter=0

How can I achieve the same result from kernel space? My first idea is that I probably need to write into the relative proc files. If so, what is the proper way to do this?

Thanks. R

Recommended answer

I'm looking at the implementation of sysctl in the kernel, and I've found that doing a sysctl is just the same as writing a value to a file in the /proc filesystem.

In your case you just want to do the equivalent of:

echo 0 >/proc/sys/net/ipv4/conf/all/rp_filter

Here is a rough code sample, based on what I see in the kernel code I am reading just now:

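#include <linux/fs.h>
#include <linux/err.h>
#include <linux/sched.h>
#include <linux/pid_namespace.h>

// the rest belongs inside a function, e.g. the module's init routine
struct vfsmount *mnt;
struct file *file;
ssize_t result;
char *pathname = "sys/net/ipv4/conf/all/rp_filter"; // relative to the /proc mount root
int flags = O_WRONLY;

// procfs mount of the current task's PID namespace
mnt = task_active_pid_ns(current)->proc_mnt;
file = file_open_root(mnt->mnt_root, mnt, pathname, flags);
if (IS_ERR(file)) {
  // oops, something bad happened
  result = PTR_ERR(file);
} else {
  char *buffer = "0"; // the ASCII digit '0', as "echo 0" would write
  result = kernel_write(file, buffer, 1, 0); // last 2 args are 'count' and 'pos'
  if (result < 0) {
    // oops, something else bad happened
  }
  fput(file); // release the file only if it was opened successfully
}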

This is just a rough sample, so you will have to do your own research and testing to get it working. Good luck!
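To check the result of either approach, the following added example (not part of the original question or answer) reports the rp_filter value the kernel actually applies on each interface. The kernel's ip-sysctl documentation states that the maximum of conf/all and conf/[ifname] is used for source validation, so both values have to be read; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the effective rp_filter setting per interface.
# Effective value = max(conf/all/rp_filter, conf/<if>/rp_filter).

# effective_rp_filter CONF_ROOT IFNAME -> prints 0 (off), 1 (strict) or 2 (loose)
effective_rp_filter() {
    all=$(cat "$1/all/rp_filter") || return 1
    own=$(cat "$1/$2/rp_filter") || return 1
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# audit_rp_filter [CONF_ROOT] -> one line per interface;
# returns 1 if any interface has no source validation at all
audit_rp_filter() {
    root=${1:-/proc/sys/net/ipv4/conf}
    rc=0
    for dir in "$root"/*/; do
        ifname=$(basename "$dir")
        case $ifname in all|default) continue ;; esac
        eff=$(effective_rp_filter "$root" "$ifname") || continue
        case $eff in
            0) mode=DISABLED; rc=1 ;;
            1) mode=strict ;;
            2) mode=loose ;;
            *) mode=unknown ;;
        esac
        echo "$ifname effective=$eff $mode"
    done
    return $rc
}

# Constructed sample tree (not real host data): all=0, eth0=1, eth1=0
make_sample_tree() {
    t=$(mktemp -d)
    for pair in all:0 default:1 eth0:1 eth1:0; do
        mkdir -p "$t/${pair%%:*}"
        echo "${pair##*:}" > "$t/${pair%%:*}/rp_filter"
    done
    echo "$t"
}

sample=$(make_sample_tree)
audit_rp_filter "$sample" || echo "at least one interface has no reverse path filtering"
rm -rf "$sample"
```

Run `audit_rp_filter` with no argument to inspect the live host. In the sample tree, eth0 stays in strict mode even though conf/all is 0, which is why the question sets both values.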
