nhorman
commented
2 years ago That looks like a simply fix, the genl_family struct in the kernels drop monitor code doesn't have netnsok set to true. If you have time to build a kernel with that change and test that it solves your problem, it should be as easy as: diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c index 41cac0e4834e..646e2764cb89 100644 --- a/net/core/drop_monitor.c +++ b/net/core/drop_monitor.c @@ -1656,6 +1656,7 @@ static struct genl_family net_drop_monitor_family __ro_after_init = { .post_doit = net_dm_nl_post_doit, .module = THIS_MODULE, .small_ops = dropmon_ops,
- .netnsok = true, .n_small_ops = ARRAY_SIZE(dropmon_ops), .mcgrps = dropmon_mcgrps, .n_mcgrps = ARRAY_SIZE(dropmon_mcgrps),
Note however, this won't give you any magic filtering on namespaces. dropmonitor watches for drops in the kernel irrespective of namespacing, so this just gives you the convenience of being able to run dropwatch in whatever namespace you're executing
gwuah
Hi, thanks for working on the tool! When I run it in my "default" namespace, it works fine. But when I run it in a custom namespace, i get the error "Unable to find NET_DM family, dropwatch can't work" I'm running DO Ubuntu 22.04 x64
Luckily I was running tcpdump & I saw this. Don't know if it's helpful but just thought i should add it.