Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Experience with libvirt netfilter API
Special Forums Cybersecurity Experience with libvirt netfilter API Post 302871837 by smoofy on Thursday 7th of November 2013 04:52:57 AM
Old 11-07-2013
Experience with libvirt netfilter API
Hi all,

I would like to get some ideas and opinions on matter of libvirt netfilter application in KVM environment. I am looking for some easy way to control it with an API and possible experience with that and its performance in real life application.

Thanks for all ideas
 

7 More Discussions You Might Find Interesting

1. Programming

Help in extending netfilter

Hi everybody, I have to write a module for matching in netfilter , extending the netfilter but I'm facing some problems can somebody guide me in that. I know that I need to write matching module working in kernel space and a program in userspace. I went through the HOWTO on netfilter-hacking but... (0 Replies)
Discussion started by: Trusted Penguin
0 Replies

2. Programming

extending netfilter...plz help

Hello friends i'm trying to extend iptables to include a target by which we can change the packet type field of a packet. For this i created a kernel module and a userspace extension. Now i face the problem that when i try to invoke iptable with the target i created i get an error message saying... (1 Reply)
Discussion started by: Rakesh Ranjan
1 Replies

3. IP Networking

netfilter connection tracking

hi, i'm using tcpreplay to send a traffic trace to my wireless interface (the trace is been captured by the same interface). It seems as netfilter can't trace connections. Is it possible? (0 Replies)
Discussion started by: littleboyblu
0 Replies

4. Linux

netfilter / iptables

HI, Is the Netfilter and IPtables same? Thanks & Regards Arun (1 Reply)
Discussion started by: Arun.Kakarla
1 Replies

5. Shell Programming and Scripting

Need to run an API from a script and extract fields from output of API

Hi, I need to call an API (GetUsageDetails)from inside a shell script which takes an input argument acct_nbr. The output of API will be like : <usageAccum accumId="450" accumCaptn="PM_125" inclUnits="1410.00" inclUnitsUsed="744.00" shared="true" pooled="false" prorated="false"... (1 Reply)
Discussion started by: rkrish
1 Replies

6. UNIX for Advanced & Expert Users

Libvirt does not work correctly anymore on my gentoo

Hi, Since a year my libvirtd does not work anymore on my Gentoodesktop. In the meantime a used virtualbox. But I would like to have back libvirt. The problem was after libvirt should not only work with root privileges. I deinstalled all things with libvirt an kvm. I removed all things from /var... (4 Replies)
Discussion started by: darktux
4 Replies

7. Cybersecurity

How to use Netfilter properly with IPv6?

Hello, on a PC with Debian 8 I try to use a Bash script with Netfilter rules so that only traffic goes in and out that is wanted. For that I set all 3 default policies to "drop". The machine uses DHCP to get its IP, gateway and DNS. And I never checked so I was quite surprised that my... (1 Reply)
Discussion started by: SInt
1 Replies

LEARN ABOUT ULTRIX

libcurl-multi

libcurl-multi(3)					      libcurl multi interface						  libcurl-multi(3)

NAME

       libcurl-multi - how to use the multi interface

DESCRIPTION

       This  is an overview on how to use the libcurl multi interface in your C programs. There are specific man pages for each function mentioned
       in here. There's also the libcurl-tutorial(3) man page for a complete tutorial to programming with libcurl and the libcurl-easy(3) man page
       for an overview of the libcurl easy interface.

       All functions in the multi interface are prefixed with curl_multi.

OBJECTIVES

       The multi interface offers several abilities that the easy interface doesn't.  They are mainly:

       1. Enable a "pull" interface. The application that uses libcurl decides where and when to ask libcurl to get/send data.

       2. Enable multiple simultaneous transfers in the same thread without making it complicated for the application.

       3. Enable the application to wait for action on its own file descriptors and curl's file descriptors simultaneous easily.

ONE MULTI HANDLE MANY EASY HANDLES

       To  use	the multi interface, you must first create a 'multi handle' with curl_multi_init(3). This handle is then used as input to all fur-
       ther curl_multi_* functions.

       Each single transfer is built up with an easy handle. You must create them, and setup the appropriate options for each easy handle, as out-
       lined in the libcurl(3) man page, using curl_easy_setopt(3).

       When  the easy handle is setup for a transfer, then instead of using curl_easy_perform(3) (as when using the easy interface for transfers),
       you should instead add the easy handle to the multi handle using curl_multi_add_handle(3). The multi handle is sometimes referred to  as  a
       'multi stack' because of the fact that it may hold a large amount of easy handles.

       Should you change your mind, the easy handle is again removed from the multi stack using curl_multi_remove_handle(3). Once removed from the
       multi handle, you can again use other easy interface functions like curl_easy_perform(3) on the handle or whatever you think is necessary.

       Adding the easy handle to the multi handle does not start the transfer.	Remember that one of the main ideas with this interface is to  let
       your  application  drive.  You  drive the transfers by invoking curl_multi_perform(3). libcurl will then transfer data if there is anything
       available to transfer. It'll use the callbacks and everything else you have setup in the individual easy handles. It'll	transfer  data	on
       all current transfers in the multi stack that are ready to transfer anything. It may be all, it may be none.

       Your application can acquire knowledge from libcurl when it would like to get invoked to transfer data, so that you don't have to busy-loop
       and call that curl_multi_perform(3) like crazy. curl_multi_fdset(3) offers an interface using which you can extract fd_sets from libcurl to
       use in select() or poll() calls in order to get to know when the transfers in the multi stack might need attention. This also makes it very
       easy for your program to wait for input on your own private file descriptors at the same time or perhaps timeout every now and then, should
       you want that.

       curl_multi_perform(3)  stores  the  number of still running transfers in one of its input arguments, and by reading that you can figure out
       when all the transfers in the multi handles are done. 'done' does not mean successful. One or more of the transfers may have failed. Track-
       ing when this number changes, you know when one or more transfers are done.

       To  get	information  about completed transfers, to figure out success or not and similar, curl_multi_info_read(3) should be called. It can
       return a message about a current or previous transfer. Repeated invokes of the function get more messages until the message queue is empty.
       The information you receive there includes an easy handle pointer which you may use to identify which easy handle the information regards.

       When  a single transfer is completed, the easy handle is still left added to the multi stack. You need to first remove the easy handle with
       curl_multi_remove_handle(3) and then close it with curl_easy_cleanup(3), or  possibly  set  new	options  to  it  and  add  it  again  with
       curl_multi_add_handle(3) to start another transfer.

       When  all  transfers  in the multi stack are done, cleanup the multi handle with curl_multi_cleanup(3). Be careful and please note that you
       MUST invoke separate curl_easy_cleanup(3) calls on every single easy handle to clean them up properly.

       If you want to re-use an easy handle that was added to the multi handle for transfer, you must first remove it from  the  multi	stack  and
       then re-add it again (possibly after having altered some options at your own choice).

MULTI_SOCKET
       curl_multi_socket_action(3)  function  offers  a  way for applications to not only avoid being forced to use select(), but it also offers a
       much more high-performance API that will make a significant difference for applications using large numbers of simultaneous connections.

       curl_multi_socket_action(3) is then used instead of curl_multi_perform(3).

       When using this API, you add easy handles to the multi handle just as with the normal multi interface. Then you also set two callbacks with
       the CURLMOPT_SOCKETFUNCTION and CURLMOPT_TIMERFUNCTION options to curl_multi_setopt(3).

       The  API  is  then  designed to inform your application about which sockets libcurl is currently using and for what activities (read and/or
       write) on those sockets your application is expected to wait for.

       Your application must then make sure to receive all sockets informed about in the CURLMOPT_SOCKETFUNCTION callback and make sure it  reacts
       on  the	given  activity  on  them.  When a socket has the given activity, you call curl_multi_socket_action(3) specifying which socket and
       action there are.

       The CURLMOPT_TIMERFUNCTION  callback  is  called  to  set  a  timeout.  When  that  timeout  expires,  your  application  should  call  the
       curl_multi_socket_action(3) function saying it was due to a timeout.

BLOCKING

       A  few  areas  in  the  code are still using blocking code, even when used from the multi interface. While we certainly want and intend for
       these to get fixed in the future, you should be aware of the following current restrictions:

	- Name resolves unless the c-ares or threaded-resolver backends are used
	- NSS SSL connections
	- HTTP proxy CONNECT operations
	- SOCKS proxy handshakes
	- file:// transfers
	- TELNET transfers

libcurl 7.16.0							    3 Feb 2007							  libcurl-multi(3)
All times are GMT -4. The time now is 07:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy