Re: [PATCH v3] net: ip, diag -- Add diag interface for raw sockets

[Cyrill Gorcunov]

On Fri, Sep 16, 2016 at 01:55:42PM -0600, David Ahern wrote:
> >> Since the display is showing sockets in addition to IPPROTO_RAW:
> >>
> >> $ ss -A raw
> >> State      Recv-Q Send-Q        Local Address:Port                         Peer Address:Port
> >> UNCONN     0      0                    *%eth0:icmp                                    *:*
> >>
> >> It is going to be confusing if only ipproto-255 sockets can be killed.
> > 
> > OK, gimme some time to implement it. Hopefully on the weekend or monday.
> > Thanks a huge for feedback!
> > 
> 
> It may well be a ss bug / problem. As I mentioned I am always seeing 255 for the protocol which

It is rather not addressed in ss. I mean, look, when we send out a diag packet
the kernel look ups for a handler, which for raw protocol we register as

static const struct inet_diag_handler raw_diag_handler = {
	.dump= raw_diag_dump,
	.dump_one= raw_diag_dump_one,
	.idiag_get_info= raw_diag_get_info,
	.idiag_type= IPPROTO_RAW,
	.idiag_info_size= 0,
#ifdef CONFIG_INET_DIAG_DESTROY
	.destroy= raw_diag_destroy,
#endif
};

so if we patch ss and ask for IPPROTO_ICMP in netlink packet the
kernel simply won't find anything. Thus I think we need (well, I need)
to extend the patch and register IPPROTO_ICMP diag type, then
extend ss as well. (If only I didn't miss somethin obvious).

> is odd since ss does a dump and takes the matches and invokes the kill. Thanks for taking
> the time to do the kill piece.

Sure!