Category Archives: Network

Linux kernel hacking – support SO_PEERCRED for local TCP socket connections

In my old post (https://davejingtian.org/2015/02/17/retrieve-pid-from-the-packet-in-unix-domain-socket-a-complete-use-case-for-recvmsgsendmsg/), we talked about how to retrieve the peer PID from Unix domain socket using struct ucred. A more smart way to do this is using getsockopt() syscall with option SO_PEERCRED directly. As you expected (or … Continue reading

Posted in Linux Distro, Network, OS | Tagged , , , , , , , , , , , , , , , , , | 5 Comments

arpsec – Securing ARP from the Ground Up

Our paper “Securing ARP from the Ground Up” has been accepted as a short paper by CODASPY15, which will be in San Antonio, TX from March 2nd to 4th. In this post, we will talk about our solution to ARP … Continue reading

Posted in Network, OS, Security | Tagged , , , , , , , , , , , , , | 2 Comments

ARP – Linux kernel ARP behavior with multiple NIC

This post is the summary based on a recent discussion in the kernelnewbies mail list. Thanks to the collective intelligence, the Linux kernel ARP behavior with multiple NIC is now pretty clear. 0. Original Question “Assume there are two interfaces … Continue reading

Posted in Network, OS | Tagged , , , , | 8 Comments

nested KVM – just for fun

KVM is based on virtualization instruction set – either Intel vmx or AMD svm, which provides the ability to run the VM directly without emulation or translation. In other words, KVM could only be enabled if it sees vmx/svm in … Continue reading

Posted in Linux Distro, Network, OS | Tagged , , , , , , , , , | 2 Comments

iptables, firewalld and Fedora 18

After setting up httpd in my Fedora 18, I was not able to get access to my own web server. I thought it was related with firewall within the local network, like port 80 being blocked. However, thanks to Mingwei … Continue reading

Posted in Network | Tagged , , , | 2 Comments

Free dynamic DNS – he.net and ddclient

Recently set up ddns (dynamic DNS)  for my Linux workstation successfully. The general intention for ddns is to allow remote access to the workstation where there is no static IP but dynamic IP from DHCP. A lot of ISPs provide … Continue reading

Posted in Network | Tagged , , , , , , , | Leave a comment