I have a linux system with systemd 237. I need to get the list of NTP servers configured by DHCP using C code.
The sources of systemd has all the informations:
/* Get NTP entries for a given link. These are domain names or string
* representations of IP addresses */
int sd_network_link_get_ntp(int ifindex, char ***ret);
(from sd-network.h)
But this interface isn't exposed in libsystemd.
I know that the latest systemd expose a dbus interface with the necessary informations, but I can't update it.
The /etc/ntp.conf isn't filled anymore.
The files under /run/systemd/netif aren't filled until networkctl is run and, even though, the files generated contains an explicit line at the start:
# This is private data. Do not parse.
If anyone has a solution.
Thank you
Related
Is there a way to retrieve IP and MAC address of devices connected to a Wi-Fi hotspot/access point using NetworkManager (nmcli or even better via C API)?
I had a similar question, but for me it was enough to display that info on terminal. I didn't find anything in documentation, but the apt package (apt info network-manager) on Ubuntu has a dependency on dnsmasq-base. So opening htop I saw that NetworkManager (in my case) uses dnsmasq for dhcp server.
With htop(or similar, you can press t to sort by parent processes) you can look for /usr/sbin/dnsmasq running. there you will be able to see all the arguments it is given.
One of them is --dhcp-leasefile. You can use that as a starting pointer.
In my case it wasleasefile=/var/lib/NetworkManager/dnsmasq-wlo1.leases
There also was argument --dir=/etc/NetworkManager/dnsmasq-shared.d that may help you to configure dnsmasq if that's required
Is there a way to view all the IPv4 packets sent to a Linux computer?
I know I can capture the packets at the ethernet level using libpcap. This can work, but I don't really want to defragment the IPv4 packets. Does libpcap provide this functionality and I'm just missing it?
One thing that kinda works is using a tun device. I can capture all the IPv4 traffic by routing all traffic to the tun device via something like ip route add default via $TUN_IP dev $TUNID. This also stops outbound traffic though, which is not what I want.
I just want to see the IPv4 packets, not intercept them. (Or, even better, optionally intercept them.)
Edit: I'm specifically looking for a programmatic interface to do this. E.g. something I can use from within a C program.
Yes, you can see all the packets that arrive at your network interface. There are several options to access or view them. Here a small list of possible solutions, where the first one is the easiest and the last one the hardest to utilize:
Wireshark
I'd say this is pretty much the standard when it comes to protocol analyzers with a GUI (uses libpcap). It has tons of options, a nice GUI, great filtering capabilities and reassembles IP datagrams. It uses libpcap and can also show the raw ethernet frame data. For example it allows you to see layer 2 packets like ARP. Furthermore you can capture the complete data arriving at your network interface in a file that can later be analyzed (also in Wireshark).
tcpdump
Very powerful, similar features like Wireshark but a command line utility, which also uses libpcap. Can also capture/dump the complete interface traffic to a file. You can view the dumped data in Wireshark since the format is compatible.
ngrep
This is known as the "network grep" and is similar to tcpdump but supports regular expressions (regex) to filter the payload data. It allows to save captured data in the file format supported by Wireshark and tcpdump (also uses libpcap).
libnids
Quotation from the official git repository:
"Libnids is a library that provides a functionality of one of NIDS
(Network Intrusion Detection System) components, namely E-component. It means
that libnids code watches all local network traffic [...] and provides convenient information on them to
analyzing modules of NIDS. Libnids performs:
assembly of TCP segments into TCP streams
IP defragmentation
TCP port scan detection"
libpcap
Of course you can also write your own programs by using the library directly. Needless to say, this requires more efforts.
Raw or Packet Sockets
In case you want to do all the dirty work yourself, this is the low level option, which of course also allows you to do everything you want. The tools listed above use them as a common basis. Raw sockets operate on OSI layer 3 and packet sockets on layer 2.
Note: This is not meant to be a complete list of available tools or options. I'm sure there are much more but these are the most common ones I can think of.
Technically you have to make a copy of the received packet via libpcap. To be more specific, what you can do is to get packets with libpcap, that way the packets will be kind of blocked, so you need to re send them to the destination. Lets say that you want to make a Fire-Wall or something, what you should do is to have a layer that can work like getting the package and then send it to the destination, in between you can make a copy of what you got for further processes. In order to make the intercept option, you need to create some predefined rules, i.e. the ones that violates the rules will not be send again to their destination.
But that needs a lot of efforts and I don't think you want to waist your life on it.
Wire-shark as mentioned by #Barmar can do the job already.
If you need some kind of command line interface option I would say that "tcpdump" is one of the best monitoring tools. for example for capturing all ipv4 HTTP packets to and from port 80 the command will be:
tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
for more information and options see tcpdump
Please be specific if you need to write a program for it, then we can help about how to do it.
I want my kernel module get bind to an InfiniBand port and in turn register to the subnet administrator for future operations like query, send , receive.
I have searched on the web but unfortunately there is very little info about it.
At present, I'm referring the IPoIB implementation but it seems to have lots of structures and funtions which are irrelevant to my kernel module.
So, I'm searching the minimalistic and optimised steps to register my module to the InfiniBand SA.
I am trying to figure out from C code in linux if an interface is configured as static or uses dhcp.
I know I can open and parse the /etc/network/interfaces file, but I would prefer something cleaner, like the function getifaddrs() that I use to get the IP address and the mask. Because what if the interface is configured as dhcp in /etc/network/interfaces file but later on the user changes it to static from the command line? I would get a wrong answer.
Is there any way for asking the kernel about the static/dhcp current state of an interface?
The kernel (the Linux part of e.g. GNU/Linux) doesn't decide, it doesn't (and shouldn't) care, it just gets told which network addresses go with which interfaces by whatever configuration system the OS is using. OpenWRT's not GNU, it operates differently
DHCP IP address adquisition is usually managed by distribution scripts or network manager services configured by host. At low level they could use dhclient daemon...
In Debian, dhclient daemon creates the file
/run/dhclient.${interface}.pid
so, you could test when the interface is being set by dhclient.
In not fully managed network environment you should also read that file and test if the process ID is still alive.
Is there a special group or a capability (similar to Linux' CAP_NET_xxx) that would enable a user to change network settings programmatically on Mac OS X? The settings I am interested in are the IP address and netmask of an interface, set programmatically from a C program (via an ioctl call, sending an ifreq struct). The user type I am using at the moment is a stock "Admin" account on my Mac laptop. Ultimately, I wish for my program to add the user once to such a convenient group so that in subsequent runs the user can manipulate the IP address of interfaces without prompting.
Thanks
Mac OS X will pretty much require root privileges to change any network settings. You would need to run the program as root in order to change the settings. As mentioned by #edufinn, the sudo command is ideal for this.
However, if you want to change the configuration in a supported manner you should try one of the following approaches:
Script the scutil command.
use the Dynamic Store API, which is part of the SystemConfiguration Framework.
use the networksetup command, which allows easy getting/setting of values.
Changing the configuration through these APIs will inform applications that the network configuration has changed so they can react appropriately - e.g. make/reset a connection.
Mac OS X is BSD system. You can run your program with sudo command. It's not very obvious from your post what is exactly a problem?