monitor: Use socket filter for PAE / EAPoL to catch all packets

2025-01-30 19:54:09 +01:00 · 2014-08-12 21:44:30 -07:00 · 2014-08-12 21:44:30 -07:00 · 40160a7fd4
commit 40160a7fd4
parent 07aabaf455
1 changed files with 19 additions and 1 deletions
--- a/monitor/nlmon.c
+++ b/monitor/nlmon.c
@ -38,6 +38,7 @@
 #include <linux/netlink.h>
 #include <linux/genetlink.h>
 #include <linux/rtnetlink.h>
+#include <linux/filter.h>
 #include <ell/ell.h>

 #include "linux/nl80211.h"
@ -2044,18 +2045,35 @@ static bool pae_receive(struct l_io *io, void *user_data)
 	return true;
 }

+static struct sock_filter filter[] = {
+	/* skb->protocol == 0x888e (PAE) */
+	{ 0x28, 0, 0, 0xfffff000 },	/* (000) ldh #proto		*/
+	{ 0x15, 0, 1, 0x0000888e },	/* (001) jeq #0x888e jt 2 jf 3	*/
+	{ 0x06, 0, 0, 0xffffffff },	/* (002) ret #-1		*/
+	{ 0x06, 0, 0, 0x00000000 },	/* (003) ret #0			*/
+};
+
+static const struct sock_fprog fprog = { .len = 4, .filter = filter };
+
 static struct l_io *open_pae(void)
 {
 	struct l_io *io;
 	int fd, opt = 1;

 	fd = socket(PF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK,
-							htons(ETH_P_PAE));
+							htons(ETH_P_ALL));
 	if (fd < 0) {
 		perror("Failed to create authentication socket");
 		return NULL;
 	}

+	if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER,
+						&fprog, sizeof(fprog)) < 0) {
+		perror("Failed to enable authentication filter");
+		close(fd);
+		return NULL;
+	}
+
 	if (setsockopt(fd, SOL_SOCKET, SO_TIMESTAMP, &opt, sizeof(opt)) < 0) {
 		perror("Failed to enable authentication timestamps");
 		close(fd);