I got this picture from https://epickrram.blogspot.com/2016/05/navigating-linux-kernel-network-stack.html?m=0, and the idea is that this is how the interaction between the network card and the driver running on on the CPU (in the interrupt handler?) works. The kernel module copies into a buffer called skbuff, which looks like this:
https://opensourceforu.com/2016/10/network-performance-monitoring/ and the kernel populates (copies) the data into the sk_buff data structure which look like this:
Go to this link for some deep dive on Raw sockets: https://packetstormsecurity.com/files/72743/SOCK_RAW-Demystified.html
No comments:
Post a Comment