AF_PACKET service not working

JeffSuchomel

New Member
Joined
Jul 12, 2019
Messages
3
Reaction score
0
Credits
0
I am trying to get an application working on an Ubuntu 16.04 LTS server that is dependent upon the AF_PACKET service. The application is failing to start. I suspect it may be because (at least in part) the AF_PACKET service does not appear to be running. When I issue the 'sudo service AF_PACKET start' command, the terminal returns the following:

Failed to start AF_PACKET.service: Unit AF_PACKET.service not found

The 'sudo service AF_PACKET status' command returns the following:

*AF_PACKET.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)

Pretty new to Linux, but my understanding was that the AF_PACKET was native to Linux and should be able to start it manually, but the above seems to indicate the service is not present on my system. I have looked extensively for solution, what may cause this, how to fix, etc. but have had no luck finding anything yet.

Is there anyone who may be able to help, or at least get me pointed in the right direction? Any help would be appreciated.

Thank you.
~ Jeff S.
 


G'day Jeff, and welcome to Linux.org

What is the application you are trying to get working ?....and what error if any is it showing ?
 
A little Googling tells me this is way over my pay grade. But as @Condobloke asked, "What application are you trying to run?" Info I ran into seems to indicated that AF_PACKET is not a service/daemon... that explains why it won't start like one. For future reference, though, Ubuntu 16.04 made the switch to systemd init system, and services are started/stopped a bit differently. Here is more info on that.

I may not even be saying this right, but here goes: AF_PACKET looks like a low level (link layer) method of communicating (or reading) a raw socket. This might typically be used for packet sniffing or network intrusion detection. If your application is not opening this socket for you, then you may have to write some code get where you need to be. As a minimum, your application will need to run as root to execute this type of behavior.

Here's a few things I was reading:

https://unix.stackexchange.com/questions/447657/iptables-vs-af-packet-sockes

https://opensourceforu.com/2015/03/a-guide-to-using-raw-sockets/

http://www.microhowto.info/howto/capture_ethernet_frames_using_an_af_packet_ring_buffer_in_c.html

http://www.microhowto.info/howto/capture_ethernet_frames_using_an_af_packet_socket_in_c.html

Good luck!
 
G'day Jeff, and welcome to Linux.org

What is the application you are trying to get working ?....and what error if any is it showing ?

Hello Condobloke,

The application is Stenographer (by Google). I have attached a copy of the error messages that are showing up in the logs. The 'Operation not permitted' part of the third line initially made me think it was a persmission/access rights issue with the stenotype.cc file, but root has rwx permissions on the file. So at this point I can't be sure that is the issue.

When I reconcile the error message against the code in the stenotype.cc file it looks like it fails at the following line in the file (under the section that reads '// Set up AF_PACKET packet reading' - attached):

CHECK _SUCCESS(bilder.SetUP(socktype, options));

So this has led me to suspect an issue with AF_PACKET where I am stuck.

Thank you!
~Jeff S.
 

Attachments

  • Builder.setup Operation not permitted.PNG
    Builder.setup Operation not permitted.PNG
    75.6 KB · Views: 586
  • Set up AF_PACKET packet reading.PNG
    Set up AF_PACKET packet reading.PNG
    34 KB · Views: 723
Well and truly beyond my paygrade....however, the links below may help.

There is just a fleeting chance that @JasKinasis may be able to throw some light for you ... :rolleyes:



Is PLOVER of any use for whatever you do ??
 
Last edited:
AF_PACKET is NOT a service.

All networked software uses socket connections to pass data from one machine to another.

There are two types of packets that can be created and sent via sockets: AF_INET is used for sending data via the TCP or UDP protocols. And if memory serves - AF_PACKET is used if you are implementing a custom protocol. Which I'm guessing is what stenographer is doing.

Are your problems occurring at compile time? When you compile the program? or at run-time? when you run it?

If you could show the errors that you are getting, that would be most helpful.

Also - I could be wrong, but in order for a program to use AF_PACKET successfully, I think it needs to be running as root. So if you aren't running stenographer as root - that could potentially be a cause of failure / error messages.

If I get a chance - I'll take a look at the stenographer sources and will have a go at building and running it.
 

Members online

No members online now.

Top