Starting with F27, the Fedora-only patch that disabled TPACKET_V3 support was removed with the comment:
Drop TPACKET_V3 patch as it should be fixed in kernel by now
This is apparently not the case since, on a host with F27 packages, including libpcap-1.8.1-6 and kernel 4.15.3-300, the previously-functional libvirt code that uses libpcap to watch for DHCP traffic now fails when pcap_setfilter() returns EBADF.
Here is the excerpt of libvirt code (from the file src/nwfilter/nwfilter_dhcpsnoop.c):
if (pcap_setfilter(handle, &fp) != 0) { <=== FAILURE HERE virReportError(VIR_ERR_INTERNAL_ERROR, _("pcap_setfilter: %s"), pcap_geterr(handle));
goto cleanup_freecode;
}
[...]
If I add the patch titled "pcap-linux: don't use TPACKETV3 for memory mmapped
capture" back to the F27 build of libpcap (built locally with fedpkg) and install the resulting rpm, the same code magically begins to work.
I haven't checked rawhide, but I assume the behavior is the same.
Starting with F27, the Fedora-only patch that disabled TPACKET_V3 support was removed with the comment:
Drop TPACKET_V3 patch as it should be fixed in kernel by now
This is apparently not the case since, on a host with F27 packages, including libpcap-1.8.1-6 and kernel 4.15.3-300, the previously- functional libvirt code that uses libpcap to watch for DHCP traffic now fails when pcap_setfilter() returns EBADF.
Here is the excerpt of libvirt code (from the file src/nwfilter/ nwfilter_ dhcpsnoop. c):
[...]
handle = pcap_create(ifname, pcap_errbuf);
if (handle == NULL) {
virReportError (VIR_ERR_ INTERNAL_ ERROR, "%s",
_("pcap_ create failed"));
goto cleanup_nohandle;
}
if (pcap_set_ snaplen( handle, PCAP_PBUFSIZE) < 0 ||
pcap_set_ buffer_ size(handle, PCAP_BUFFERSIZE) < 0 ||
pcap_activate( handle) < 0) {
virReportError (VIR_ERR_ INTERNAL_ ERROR,
_("setup of pcap handle failed: %s"),
pcap_ geterr( handle) );
goto cleanup;
}
if (pcap_compile( handle, &fp, ext_filter, 1, PCAP_NETMASK_ UNKNOWN) != 0) {
virReportError (VIR_ERR_ INTERNAL_ ERROR,
_("pcap_ compile: %s"), pcap_geterr( handle) );
goto cleanup;
}
if (pcap_setfilter (handle, &fp) != 0) { <=== FAILURE HERE
virReportError (VIR_ERR_ INTERNAL_ ERROR,
_("pcap_ setfilter: %s"), pcap_geterr( handle) );
goto cleanup_freecode;
}
[...]
If I add the patch titled "pcap-linux: don't use TPACKETV3 for memory mmapped
capture" back to the F27 build of libpcap (built locally with fedpkg) and install the resulting rpm, the same code magically begins to work.
I haven't checked rawhide, but I assume the behavior is the same.
I think Fedora needs to re-disable TPACKET_V3