diff options
| author | Kenny Luong <kluong@cloudflare.com> | 2022-02-08 09:08:02 -0600 |
|---|---|---|
| committer | Kenny Luong <kluong@cloudflare.com> | 2022-02-08 09:27:07 -0600 |
| commit | 3fd11447cbbf424604b426a5fa1481fb68d662e9 (patch) | |
| tree | 26f040c0b95cfc0fa6432ec84470e289604c8756 | |
| parent | 5079d5e4d398a74a9a8e11b9ae18d76fdc0c1dd9 (diff) | |
nflog: only increment packets_nobufs when recv() returns an error
Errno should only be valid when recv() returns a `-1`, indicating an
error.
I believe the intended behavior here is for packets_nobufs to
be a counter that reports back how many times recv() returns
an ENOBUFS during a packet capture. Because of the existing logic
however, packets_nobufs begins incrementing for every recv() call
once the first ENOBUFS error is seen, since errno is not reset when
there are no errors returned from recv().
Before (counter deviates from strace):
# tcpdump output
38069 packets captured
38069 packets received by filter
38061 packets dropped by kernel
# strace output
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
26.47 0.282728 7 38067 3 recvfrom
After (counter matches strace):
# tcpdump output
38095 packets captured
38095 packets received by filter
7 packets dropped by kernel
# strace output
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
27.11 0.258596 6 38096 7 recvfrom
| -rw-r--r-- | pcap-netfilter-linux.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pcap-netfilter-linux.c b/pcap-netfilter-linux.c index 33204a54..dad5add4 100644 --- a/pcap-netfilter-linux.c +++ b/pcap-netfilter-linux.c @@ -123,7 +123,7 @@ netfilter_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_c handle->break_loop = 0; return PCAP_ERROR_BREAK; } - if (errno == ENOBUFS) + if (len == -1 && errno == ENOBUFS) handlep->packets_nobufs++; } while ((len == -1) && (errno == EINTR || errno == ENOBUFS)); |