Browsed and searched both forum and trac to see what happened to pf_ring support since apparition until eradiction for justifictions, without getting my hands on usefull informations. The information gathered is incomplete, and I wanted to know what happened, and what were the bugs encountered to justify the complete drop of the patches, and what debugging was done from developers until drop of those patches and, support.
----------------------
On trac, historically:
----------------------
https://dev.openwrt.org/changeset/2266
10/23/05 00:03:56
Author: nbd
Message: add pf_ring patches for kernel and libpcap
https://dev.openwrt.org/changeset/2289
10/23/05 22:56:45
Author: nbd
Message: update linux 2.6 config for pf-ring
https://dev.openwrt.org/changeset/2292
10/23/05 23:13:08
Author: nbd
Message: fix 2.4 config for pf-ring
https://dev.openwrt.org/changeset/2801
01/02/06 03:38:07
Author: wbx
Message: software watchdog as kernel modul, pf ring as kernel module. saves some bytes in the default images, ideas from 22c3 talking with nbd and sven-ola
----------------------
-----------------
Tickets opened
-----------------
https://dev.openwrt.org/ticket/262
Ticket #262 (defect): pf ring broken
Samot reports a bug causing kernel panic when tcpdump is hard-killed. The capturing seemed partial.
Kismet_drone caused kernel panic immediately after launch.
Fixed on 01/31/06 18:03:38: Modified by wbx
Resolution: pf ring patches and support is removed entirely. thx for remembering. removed in revision 3095
-----------------
So here is my question:
If dd-wrt still includes kernel patches and uses rflow with a libpcap-pf version, can someone give details about what were the possible causes of the crashes observed for tcpdump and kismet_drone, the debugging that was done until exclusion?
I was planning on debugging myself, cause this feature still seems to me like a "must used" when capturing network data, but wanted to have answers first before losing time redoing things that were surely primarely done, but not documented, more than a year ago. Why was only one ticket opened on this, and the support was actually present for more than a year before removing it completely without any debugging traces, justifications of "impossible support"? wbx, nbd?
Thanks for any information that can be supplied!
N0de
(Last edited by N0de on 9 Feb 2007, 22:16)