ebtable staudy

ebtables

默認有三個Table (filter，nat，broute)

filter 內建三個chain：INPUT/OUTPUT/FORWARD

nat 內建三個chain：PREROUTING/OUTPUT/POSTROUTING

broute內建一個chain : BROUTING

*顯示table

ebtables [-t filter] -L 顯示filter table的內容，默認也是顯示該table

ebtables -t broute -L 顯示broute table的內容

ebtables -t nat -L 顯示nat table的內容

增加一個chain

ebtables -t filter -N newChain -P ACCEPT

但此時不會有封包走到此chain，須將 chain 加到 linux 內建的 hook chain上

ebtables -t filter -A INPUT -j newChain 

ebtables -t filter -L

Bridge chain: INPUT, entries: 1, policy: ACCEPT

-j newChain 

ebtables [-t table ] -[ACDI] chain rule specification [match extensions] [watcher extensions] target    // append, delete, change-counters, insert

ebtables [-t table ] -P chain ACCEPT | DROP | RETURN                                                                      // policy, Set the policy for the chain to the given target

ebtables [-t table ] -F [chain]                                                                                                           // flush, Flush the selected chain

ebtables [-t table ] -Z [chain]                                                                                                           // zero, Set the counters of the selected chain to zero

ebtables [-t table ] -L [-Z] [chain] [ [--Ln] | [--Lx] ] [--Lc] [--Lmac2]                                                  // list, List all rules in the selected chain. If no chain is selected, all chains are listed.

                              // -L -Z , When both the -Z and -L commands are used together in this way, the rule counters are printed on the screen before they are set to zero.

                              // -L --Ln, Shows the counters at the end of each rule displayed by the -L command.

ebtables [-t table ] -N chain [-P ACCEPT | DROP | RETURN]                                                               // new-chain

ebtables [-t table ] -X [chain]                                                                                                           // delete-chain

ebtables [-t table ] -E old-chain-name new-chain-name                                                                    // rename-chain

ebtables [-t table ] --init-table                                                                                                         // Replace the current table data by the initial table data

ebtables [-t table ] [--atomic-file file] --atomic-commit

ebtables [-t table ] [--atomic-file file] --atomic-init

ebtables [-t table ] [--atomic-file file] --atomic-save

ebtables [-t table ] -[ACDI] chain rule specification [match extensions] [watcher extensions] target

ebtables [-t table ] -P chain ACCEPT | DROP | RETURN

ebtables [-t table ] -F [chain]

ebtables [-t table ] -Z [chain]

ebtables [-t table ] -L [-Z] [chain] [ [--Ln] | [--Lx] ] [--Lc] [--Lmac2]

ebtables [-t table ] -N chain [-P ACCEPT | DROP | RETURN]

ebtables [-t table ] -X [chain]

ebtables [-t table ] -E old-chain-name new-chain-name

ebtables [-t table ] --init-table

ebtables [-t table ] [--atomic-file file] --atomic-commit

ebtables [-t table ] [--atomic-file file] --atomic-init

ebtables [-t table ] [--atomic-file file] --atomic-save

https://linux.die.net/man/8/ebtables

srTCM,trTCM介紹

http://blog.xuite.net/ian11832/blogg/197448684-srTCM,trTCM%E4%BB%8B%E7%B4%B9

struct 宣告 在big_endian 和 little_endian 上的排列

若是以bit 為單位在
big_endian : struct 由上而下 在記憶體的位置則是以bits為單位  由高位排至低位
little_endian :struct 由上而下 在記憶體的位置以1byte 為單位  由最高位byte的最低位bit開始 往記憶體低位排



以ipv6 addr packet 的前4個byte  為例 (from wiki)

例子如下:
#ifdef _BIG_ENDIAN
uint32 version:4;
uint32 tclassH:4;

uint32 tclassL:4;
uint32 flow_lblH:4;

uint32 flow_lblL:16;
#elif  _LITTLE_ENDIAN
uint32 tclassH:4;
  uint32 version:4;

uint32 flow_lblH:4;
uint32 tclassL:4;

uint32 flow_lblL:16;
#endif

其中big_endian 其實也可以寫的更簡潔
uint32 version:4;
uint32 tclass:8;
uint32 flow_lblL:20;

IPv6 study

v6_msoft
http://www.microsoft.com/taiwan/technet/itsolutions/network/security/ipvers6.aspx?mfr=true
http://technet.microsoft.com/zh-tw/library/gg250710(v=ws.10).aspx

v6 header
http://en.wikipedia.org/wiki/IPv6_packet

MTU MSS study

http://blog.crhan.com/2014/05/mtu-and-mss/

cisco (Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC)

802.3ac

1998 year

Max frame size extended to 1522 bytes (to allow "Q-tag") The Q-tag includes 802.1Q VLAN information and 802.1p priority information.

Packet flow in Netfilter and General Networking (Linux)

ref. http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg

linux 網路設定

修改的參數	設定檔與重要啟動腳本	觀察結果的指令
IP相關參數	/etc/sysconfig/network-scripts/ifcfg-eth0 /etc/init.d/network restart	ifconfig (IP/Netmask) route -n (gateway)
DNS	/etc/resolv.conf	dig www.google.com
主機名稱	/etc/sysconfig/network /etc/hosts	hostname (主機名) ping $(hostname) reboot

TR-069 CPE 和 ACS 之間溝通的通訊協

WIKI

http://www.mem.com.tw/article_content.asp?sn=1001260014

linux 指令 brctl

如何在 Linux 底下建立橋接介面給虛擬機器使用http://pominglee.blogspot.tw/2014/03/linux.html
本文

ref. http://my.oschina.net/guol/blog/69599

http://fp-moon.iteye.com/blog/1468650

linux 網路相關指令 ifconfig / route / ping / traceroute / netstat

每天一个linux命令（52）：ifconfig命令 

.每天一个linux命令（53）：route命令

每天一个linux命令（54）：ping命令

每天一个linux命令（55）：traceroute命令

每天一个linux命令（56）：netstat命令

How many bytes in a packet?

Sometime, we found some devices that point out "forwarding rate, Mpps". The "pps" is the short term for packet per second. However, how many bytes in a packet? It depends, there is no specification on how many byte in a packet, you define it by yourself.

In the 100M Ethernet network,
100M bps / 8 = 12.5 MBps = 12500000 Bytes/s(Bps)

If you define the frame size is 64 Bytes (Minimum Ethernet framz size):
8 Bytes (preamble) + 64 Bytes + 12 Bytes (interframe gap) = 84 Bytes

So forwarding rate will be
12500000 Bps / 84 bytes = 148809 pps

If you define the frame size is 1518 Bytes (Maximum Ethernet framz size):
8 Bytes (preamble) + 1518 Bytes + 12 Bytes (interframe gap) = 1538 Bytes

So forwarding rate will be
12500000 Bps / 1538 bytes = 8127 pps

100M Ethernet's forwarding rate formula:
12500000 Bps / ( 8 Bytes (preamble) + (Feame Size) + 12 Bytes (interframe gap)) = forwarding rate, pps

linux networking netfilter

netfilter

http://blog.csdn.net/qy532846454/article/details/8255728

Linux 計時器 HZ, tick and jiffies ,delay

基本介紹

詳細

LDDP(linux device driver )計時器

mdelay,udelay

net_device 結構

出處


内核源码：linux-2.6.38.8.tar.bz2

在Linux系统中，网络设备都被抽象为struct net_device结构体。它是网络设备硬件与上层协议之间联系的接口，了解它对编写网络驱动程序非常有益，所以本文将着手简要介绍linux-2.6.38.8/include/linux/netdevice.h文件中struct net_device结构体的所有成员（没有按照它们定义的顺序）。

SKB(struct sk_buff)数据结构的部分分析

出處

other
http://simohayha.iteye.com/blog/556168
skb function 操作

http://jared.web.fc2.com/skb_function.pdf
小馬哥
http://jared.web.fc2.com/sk_buffer_analysis.pdf

上下篇
http://blog.csdn.net/npy_lp/article/details/7174124

IGMP study / MLD

看了一篇文章寫得不錯就copy 過來看

出處
http://blog.xuite.net/azelmk2/eday/83824141

概論:
unicast: 來源和目的只有一個, 一對一傳送

multicast: 來源一個, 目的是特殊的MAC/IP (稱之為multicast group IP/MAC), 一對多.