Stephen Hemminger wrote:

On Wed, 26 Mar 2008 21:19:56 +0100
Patrick McHardy [off-list ref] wrote:

quoted

Stephen Hemminger wrote:

quoted

Make socket filters work for netlink unicast and notifications.
This is useful for applications like Zebra that get overrun with
messages that are then ignored.

Note: netlink messages are in host byte order, but packet filter
state machine operations are done as network byte order.

Do you have an example for a filter for this? I have a similar
patch that adds a new filter instruction for parsing netlink
attributes, which seemed necessary for getting at nested
attributes without too much trouble.

Attached for reference together with a libnl testing
patch for ctnetlink.

Here is the example program:
   it uses netlink IPC and has one thread send route notifications
   and the other filters.

   to test the mulitcast path used a hacked version of ip_monitor from iproute

   see attachment for the quagga patch.

Thanks. It seems it parses only top-level attributes, which
is probably why you didn't need the nlattr_find command I
used in my patch. The problem with this is that finding and
parsing nested attributes using the existing BPF commands is
complicated since you need to fully parse netlink headers
and walk through them. You can't even reuse that part for
multiple nested attributes since you can't jump backwards.
So I think it would be preferrable to have a simpler method
for this.