Get in touch:
01524 851 877
07718 896 553

Linux XFRM Framework Selectors

Posted on Apr 17 2008

Whilst progressing some code I have been writing I was recently introduced to Linux’s XFRM (transform) framework. I had not heard of this before but it can be a very useful tool for manipulating packets.

The one big downside to XFRM is there is virtually no documentation on it yet. This can make working with it quite tricky. I am documenting what I find out from using it here in the hope that others will find it useful.

The basic idea behind XFRM is that it allows you to select a packet based on a number of factors. These are all defined in /usr/include/linux/xfrm.h in a struct named xfrm_selector as defined below :

struct xfrm_selector
xfrm_address_t daddr;
xfrm_address_t saddr;
__be16 dport;
__be16 dport_mask;
__be16 sport;
__be16 sport_mask;
__u16 family;
__u8 prefixlen_d;
__u8 prefixlen_s;
__u8 proto;
int ifindex;
uid_t user;

Creating a struct of this type and setting the fields such as the source/destination addresses, ports, address masks etc, allows a packet to be selected, based on this criteria, to allow it to be transformed. By passing this information into the kernel using a nlmsghdr struct and the addattr_l() function along with a template (struct xfmr_user_tmpl) describing what action to take on the packet we can alter certain packets however we wish.

This is proving very useful to me in some of my current work and I will continue to post anything I think might be useful to others working in the same area on this blog.


Posted on Apr 03 2008

Xajax ImageI have been doing some form submission for a site I am working on and was thinking it would be nice to use a bit of AJAX to check the forms and display altered content after the form had been submitted, as opposed to simply reloading the page with different parameters.

I went on over to google and started searching to see if I could find any nice libraries that would make the job a little simpler and came across xajax.

This is a really nice PHP toolkit that enables you to add ajax functionality into your web pages extremely easily. All you have to do is include the xajax libraries, create a new xajax object, register a function with the xajax object and include a call to the xajax registered function in your html form, on a button click for example.

Once inside the xajax function you can perform any processing you wish and then return a bunch of html code to be placed inside a container (a div for example) on the calling page.

There are some great little tutorials on the xajax homepage to get you started on your way to lovely ajax enabled web pages.