hello all i'm trying to build my own secure tunnel (i know that there are already a lot of them out there. it's for educational purpose only). i like to use the virtual tunX/tapX interfaces/devices. this is no problem with the "old" ethertab module, but the doc from /usr/src/linux/Documentation/networking/ethertap.txt says that: "Ethertap is now an obsolete facility". it points to /usr/src/linux/Documentation/networking/tuntap.txt where the new tun/tap device driver is explained. i played the hole day around with this driver but didn't succeed to bring up a virtual tunX/tapX device. i always get a "File descriptor in bad state" error message. i'm using SuSE 8.0 with the default kernel 2.4.18-4GB. i did everything which gets pointed out in the manuals and from the FAQ. the important parts look like this diavolo:/dev/net # grep tun /etc/modules.conf alias char-major-10-200 tun diavolo:/dev/net # ls -ltra tun crw------- 1 root root 10, 200 Dec 20 2001 tun if i try to access the device i get diavolo:/dev/net # cat tun cat: tun: File descriptor in bad state the module gets loaded (if it wasn't already) and a message gets logged to /var/log/messages Mar 26 19:59:35 diavolo kernel: Universal TUN/TAP device driver 1.4 (C)1999-2001 Maxim Krasnyansky diavolo:/ # lsmod | grep tun tun 3488 0 (autoclean) the docs says: TUN/TAP driver will be automatically loaded when application access /dev/tunX, /dev/tapX or /dev/net/tun if i access /dev/tab0 the module netlink_dev is used instead of the tun module. diavolo:/home/mroth/download/networking/tap/tun-1.1 # lsmod | head -3 Module Size Used by Tainted: P tun 3488 0 (unused) netlink_dev 1728 1 (autoclean) i can also bring up a interface diavolo:/home/mroth/download/networking/tap/tun-1.1 # ifconfig tap0 up diavolo:/home/mroth/download/networking/tap/tun-1.1 # ifconfig tap0 tap0 Link encap:Ethernet HWaddr FE:FD:00:00:00:00 inet6 addr: fe80::fcfd:ff:fe00:0/10 Scope:Link UP BROADCAST RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:3 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:216 (216.0 b) Interrupt:5 but the ethertap module will be used diavolo:/home/mroth/download/networking/tap/tun-1.1 # lsmod | head -4 Module Size Used by Tainted: P ethertap 2496 1 (autoclean) tun 3488 0 (unused) netlink_dev 1728 1 (autoclean) does somebody know if with the new driver the netlink_dev driver will still be used and if the devices /dev/tapX can be accessed as before (if it would work)? i wrote the following small test program to use the driver as explained in the manual. most of the source taken from included examples. #include <stdio.h> #include <fcntl.h> #include <sys/ioctl.h> #include <netinet/if_ether.h> #include <linux/if.h> #include <linux/if_tun.h> int main(int argc, char *argv[]) { struct ifreq ifr; int fd, err; if( (fd = open("/dev/net/tun", O_RDWR)) < 0 ) { printf("Could not open device\n"); exit(1); } memset(&ifr, 0, sizeof(ifr)); ifr.ifr_flags = IFF_TAP | IFF_NO_PI; if( (err = ioctl(fd, TUNSETIFF, (void *) &ifr)) < 0 ){ printf("Cannot allocate TAP device\n"); close(fd); exit(1); } printf("Allocated device %s\n", ifr.ifr_name); close(fd); return 0; } the result is the following diavolo:/home/mroth/tmp # ./tun Cannot allocate TAP device the problem seams to be at the ioctl call diavolo:/home/mroth/tmp # strace ./tun 2>&1 | grep -A 1 -B 1 ioctl open("/dev/net/tun", O_RDWR) = 3 ioctl(3, TUNSETIFF, 0xbffff62c) = -1 EBADFD (File descriptor in bad state) fstat64(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 it would be rally great if someone could tell me what i am doing wrong or what i have to do that this works. thank you very much (also for reading so much!) markus