[erlang-questions] low level packet access from erlang

Michael Santos michael.santos@REDACTED
Tue Jun 4 17:30:54 CEST 2013 

On Tue, Jun 04, 2013 at 09:08:49AM -0400, Garry Hodgson wrote:
> On 04/03/2013 05:24 PM, Michael Santos wrote:
> >
> >I wrote an Erlang tun/tap interface on top of procket:
> >
> >https://github.com/msantos/tunctl
> i've been playing with tunctl, but can't seem to get
> it past initial eperm problems in create(). i'm guessing
> i missed some kind of setup step, but i don't know what.
> 
> i set the capabilities as per instructions:
> 
> --> getcap /usr/local/lib/erlang/erts-5.9.2/bin/beam.smp
> /usr/local/lib/erlang/erts-5.9.2/bin/beam
> /usr/local/lib/erlang/erts-5.9.2/bin/beam.smp = cap_net_admin+ep
> /usr/local/lib/erlang/erts-5.9.2/bin/beam = cap_net_admin+ep
> 
> running as root, when i try tuncer:create() with or without args, i get:
> 
> (r3@REDACTED)2> tuncer:create( <<"tun0">> ).
> ** exception exit: {badmatch,{error,eperm}}
>      in function  tuncer:init/1
>      in call from gen_server:init_it/6 (gen_server.erl, line 304)
>      in call from proc_lib:init_p_do_apply/3 (proc_lib.erl, line 227)
> (r3@REDACTED)3>
> =CRASH REPORT==== 4-Jun-2013::08:28:13 ===
>   crasher:
>     initial call: tuncer:init/1
>     pid: <0.64.0>
>     registered_name: []
>     exception exit: {{badmatch,{error,eperm}},
>                      [{tuncer,init,1,[]},
>                       {gen_server,init_it,6,
> 
> any idea what i may be missing?

Looks like you have everything set up correctly. Just to make sure, I
tried creating a tun device as root:

    ~/src/erlang/tunctl(master)$ sudo ./start.sh
    Erlang R16B01 (erts-5.10.2) [source-e72043e] [smp:2:2] [async-threads:10] [hipe] [kernel-poll:false]
    
    Eshell V5.10.2  (abort with ^G)
    1> tuncer:create( <<"tun0">> ).
    {ok,<0.35.0>}
    2>
    
    $ ip addr
    <...>
    5: tun0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 500
        link/ether 4a:1c:12:7e:4d:56 brd ff:ff:ff:ff:ff:ff

You can try creating the tun device manually:

    $ sudo ./start.sh
    
    1> {ok, FD} = procket:dev("net/tun"). 
    {ok,9}
    
    2> procket:ioctl(FD, 1074025674, <<"tun0", 0:96, 1:2/native-integer-unit:8, 0:112>>).
    {ok,<<116,117,110,48,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,
          0,0,0,0,0,...>>}

Are you able to create a tun device using other utilities? This should
work:

    ip tuntap add mode tun foo

Is selinux enabled?

More information about the erlang-questions mailing list