Only pass a small buffer to the recvmsg on the packet socket. Of course
you usually don't know in advance how long the headers are (e.g. TCP and
IP headers are variable length), but a worst case size of 128bytes should be
good. That is what you set in tcpdump with the -s (snaplen) option - with
it set libbpf only examines that many bytes, unfortunately the linux backend
of the current libbpf is dumb enough to always receive the complete MTU
sized packet.
-Andi
-- This is like TV. I don't like TV.- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/