Actually, it's sizeof(struct netdev { __u32 len; __u32 mark; char
interface[IFNAMSIZ]; }) + 65535, otherwise you may get an incomplete
packet.
> Questions:
> Are you guaranteed to only get one packet for one read or
> are there sometimes several?
Always one. One read, one packet; it's not a stream socket. Alexey
explained this to me in little words.
> Does a read always return the start of the packet or is there a
> possibility that you may start reading in the middle of a packet?
Always the start.
> If you don't read packets fast enough, are some discarded?
Since late in the 2.1 series, if the packet can't be queued for
netlink, it is dropped inside ip_fw.c. You also get an read() failure
and errno==ENOBUFS (IIRC), which can be ignored, but tells you that
packets were dropped. (In fact, there's a net_ratelimit'd printk as
well, which you can remove if it bothers you).
Hope that helps,
Rusty.
PS. The ipchains-dev list at rustcorp.com is good for furthur questions.
-- Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999? http://www.linux.org.au/projects/calu- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/