On Thu, 2016-06-30 at 15:05 +0200, Benjamin Ioller wrote:
I'm using Connman (v-1.32) on my Raspberry Pi and I wanted to try the
I found quite few interesting mailings and I looked over the code
(session.c, test-session) and the doc, but it looks like session is
not really a nowadays topic.
Does someone use the Connman's session? and for which application?
Can you give me an example?
Ping wagi on IRC, he was the last known user.
So here is what I understood so far about the session mode:
Connman session allows the application to use specific network
setting as selected technologies, roaming policy...
Connman uses Iptable to do so. Connman creates rules in the mangle
table to mark the packet based on the UID/GID.
Then rules are added to the filter table depending on the allowed
bearers, and other properties.
This routing is only functional when the connman state option is ON.
If you mean Manager API SessionMode boolean property, that one does
nothing. Sessions are nowadays always available and active as soon as
someone calls CreateSession().
Connman proposes two ways to create a session :
First, the application creates it's own session using the method
form /net.connman.manager. I try to use this method with a python
script, the application creates a session, connects to it and sends
UDP packet to a local host via ethernet. But I didn't manage to setup
the AllowedBearers, neither with
I have Variant encoding issue. Do you have any advice or exemple?
See the python code in test/test-session, it should work.
I was also wondering how does the mangle table identify the
application's packet? (or maybe it's just the UID again?)
The detection is done with UID or GID and set up in
'init_firewall_session()' using MARK target. The routing table is
identified with id numbers created on the fly, see 'session_mark' and
'init_routing_table(session)' in src/session.c.
The second way is to use session_policy. With this method you can
mark packet only based on the UID or GID. I need to create UID.policy
in var/lib/connman/session_policy_local which contained the different
With a policy plugin one can fine tune what parameters in
CreateSession() calls are allowed. No policy module, no constraints for
CreateSession() (IIRC, or that was the intention). The provided session
policy is just a simple example, one can create a new policy module
containing more code and get something fancy as a policy decision
instead of reading a simple file.
But when I turn the Connman's state session On, nothing
My pi user is still able to use wifi even if the pi.policy have
only Ethernet as AllowedBearers. I suspect the issue comes from user
rights or something...
CreateSession() has to be called also so that the specific session
routing and iptables rules are enabled. Otherwise it is assumed that
the default routing table is followed.
Does somebody had similar issue?
By the way, is the session priority only for notification hierarchy
or does the session priority have some effect on the network traffic
I don't remember session priority having any special meaning.
Hope these questions aren't too basic for you, and can help
If you have any literature which could help, I'll take it!
If someone will provide documentation, we'll be glad to proofread it