mdlayher
commented
5 years ago think this could be used to allow a new
wgctrl.NewClientWithNSfunction (with a better name than I just thought of).
I'm still considering adding a Config structure, but haven't made a firm decision either way yet.
I think it is possible to go straight away for a socket to another network namespace, without forcing an OS thread with runtime.LockOSThread().
Unfortunately this is not the case. None of the fields specified in the sockaddr structure can be used to set a network namespace.
Address formats
The sockaddr_nl structure describes a netlink client in user space or in the kernel. A sockaddr_nl can be either unicast (only sent to
one peer) or sent to netlink multicast groups (nl_groups not equal 0).
struct sockaddr_nl {
sa_family_t nl_family; /* AF_NETLINK */
unsigned short nl_pad; /* Zero */
pid_t nl_pid; /* Port ID */
__u32 nl_groups; /* Multicast groups mask */
};
g00nix
There already is support within netlink for creating getting a socket to a specific netns, however when dialing, the client passes nil instead of a new
netlink.Config. This would still lead tounix.Setnsin the end, and you still need to find thefdfirst, but it provides better leverage over network namespaces. I think this could be used to allow a newwgctrl.NewClientWithNSfunction (with a better name than I just thought of).I think there would also be an even better approach. Instead of using
unix.Setns, there are already examples from other projects whereunix.Bindgot used. From what I see,unix.Bindis already used but only after the new thread gets created withnewLockedNetNSGoroutine. I think it is possible to go straight away for a socket to another network namespace, without forcing an OS thread withruntime.LockOSThread().If you think I am on a good path here, please let me know and I will try to dig deeper, fork the projects and try this out.