摘要
在Linux下通常的网络数据包捕获通过Libpcab函数框架实现,该体系下实现的包捕获存在着一些缺陷。探讨了netfilter框架在Linux内核中的实现,并利用netfilter框架进行以太网数据包的捕捉接收,经处理后实现数据包的重组发送。在内核空间处理网络数据包不仅提高了效率,减少了数据从内核空间传递到用户空间消耗的资源,而且可以截获网络上所有的以太网报文。
In linux, Libpcap function is applied to packet capture, but Libpcap has been proven to have low effciency when net has a heavy traffic. The paper discusses the implementation of Netfilter framework in the kernel of Linux. Based on it, we illustrate the packet capture and the packet forwarding. The process of network packets in kernel can not only improve the system performance by consuming less time and resource of data copy from kernel space to user space, but also filter and process data by capturing all the IP packets on the network.
出处
《计算机与网络》
2009年第23期43-45,共3页
Computer & Network
