Check out my first novel, midnight's simulacra!
Libnetstack
AF_NETLINK sockets allow one to enumerate networking stack elements, and subscribe to events regarding changes, additions, and deletions thereof. Netlink is kind of a pain in the ass to work with directly, though. My libnetlink enumerates all existing networking stack elements, subscribes to events, and makes all of this available to the user via queries and/or realtime callbacks. libnetstack has been designed to provide responsive service even in the presence of millions of routes with rapid churning of the route tables.
Code lives at https://github.com/dankamongmen/libnetstack.
rtnetlink
rtnetlink(7) (originally implemented AFAIK by Alexey Kuznetsov, the Mad Russian, whom I haven't seen post to LKML in many years, and miss) provides the NETLINK_ROUTE protocol for the AF_NETLINK family of sockets. According to netlink(7),
Netlink is a datagram-oriented service. Both SOCK_RAW and SOCK_DGRAM are valid values for socket_type. However, the netlink protocol does not distinguish between datagram and raw sockets."—netlink(7), Linux man pages 5.03
Creating and using such a socket does not require any special permissions, though CAP_NET_ADMIN is needed for many control messages (verified kernel-side, of course).
{{#github:README.md|dankamongmen/libnetstack}}
See also
- "The Netlink protocol: Mysteries Uncovered", Jan Engelhardt 2010-10-30