From 08d7e58fdfc8d5007af0d60b846c50b743d75921 Mon Sep 17 00:00:00 2001 From: rusty Date: Mon, 31 Jul 2000 14:24:57 +0000 Subject: Harald Welte's other file (which Rusty forgot). --- extensions/libipt_ULOG.c | 163 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 163 insertions(+) create mode 100644 extensions/libipt_ULOG.c (limited to 'extensions') diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c new file mode 100644 index 0000000..f4d39fc --- /dev/null +++ b/extensions/libipt_ULOG.c @@ -0,0 +1,163 @@ +/* Shared library add-on to iptables to add ULOG support. */ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define ULOG_DEFAULT_NLGROUP 1 + + +void print_groups(unsigned int gmask) +{ + int b; + unsigned int test; + + for (b = 31; b >= 0; b--) + { + test = (1 << b); + if (gmask & test) + printf("%d ", b + 1); + } +} + +/* Function which prints out usage message. */ +static void help(void) +{ + printf( +"ULOG v%s options:\n" +" --ulog-nlgroup nlgroup NETLINK grouo used for logging\n" +" --ulog-prefix prefix Prefix log messages with this prefix.\n\n", +NETFILTER_VERSION); +} + +static struct option opts[] = { + { "ulog-nlgroup", 1, 0, '!' }, + { "ulog-prefix", 1, 0, '#' }, + { 0 } +}; + +/* Initialize the target. */ +static void init(struct ipt_entry_target *t, unsigned int *nfcache) +{ + struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)t->data; + + loginfo->nl_group = ULOG_DEFAULT_NLGROUP; + + /* Can't cache this */ + *nfcache |= NFC_UNKNOWN; +} + +#define IPT_LOG_OPT_NLGROUP 0x01 +#define IPT_LOG_OPT_PREFIX 0x02 + +/* Function which parses command options; returns true if it + ate an option */ +static int parse(int c, char **argv, int invert, unsigned int *flags, + const struct ipt_entry *entry, + struct ipt_entry_target **target) +{ + struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)(*target)->data; + int group_d; + + switch (c) { + case '!': + if (*flags & IPT_LOG_OPT_NLGROUP) + exit_error(PARAMETER_PROBLEM, + "Can't specify --ulog-nlgroup twice"); + + if (check_inverse(optarg, &invert)) + exit_error(PARAMETER_PROBLEM, + "Unexpected `!' after --ulog-nlgroup"); + group_d = atoi(optarg); + if (group_d > 32 || group_d < 1) + exit_error(PARAMETER_PROBLEM, + "--ulog-nlgroup has to be between 1 and 32"); + + loginfo->nl_group = (1 << (group_d -1)); + + *flags |= IPT_LOG_OPT_NLGROUP; + break; + + case '#': + if (*flags & IPT_LOG_OPT_PREFIX) + exit_error(PARAMETER_PROBLEM, + "Can't specify --ulog-prefix twice"); + + if (check_inverse(optarg, &invert)) + exit_error(PARAMETER_PROBLEM, + "Unexpected `!' after --ulog-prefix"); + + if (strlen(optarg) > sizeof(loginfo->prefix) - 1) + exit_error(PARAMETER_PROBLEM, + "Maximum prefix length %u for --ulog-prefix", + sizeof(loginfo->prefix) - 1); + + strcpy(loginfo->prefix, optarg); + *flags |= IPT_LOG_OPT_PREFIX; + break; + } + return 1; +} + +/* Final check; nothing. */ +static void final_check(unsigned int flags) +{ +} + +/* Saves the union ipt_targinfo in parsable form to stdout. */ +static void save(const struct ipt_ip *ip, const struct ipt_entry_target *target) +{ + const struct ipt_ulog_info *loginfo + = (const struct ipt_ulog_info *)target->data; + + if (strcmp(loginfo->prefix, "") != 0) + printf("--ulog-prefix %s ", loginfo->prefix); + + if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) + { + printf("--ulog-nlgroup "); + print_groups(loginfo->nl_group); + printf("\n"); + } +} + +/* Prints out the targinfo. */ +static void +print(const struct ipt_ip *ip, + const struct ipt_entry_target *target, + int numeric) +{ + const struct ipt_ulog_info *loginfo + = (const struct ipt_ulog_info *)target->data; + + printf("ULOG "); + printf("nlgroup "); + print_groups(loginfo->nl_group); + if (strcmp(loginfo->prefix, "") != 0) + printf("prefix `%s' ", loginfo->prefix); +} + +struct iptables_target ulog += { NULL, + "ULOG", + NETFILTER_VERSION, + IPT_ALIGN(sizeof(struct ipt_ulog_info)), + IPT_ALIGN(sizeof(struct ipt_ulog_info)), + &help, + &init, + &parse, + &final_check, + &print, + &save, + opts +}; + +void _init(void) +{ + register_target(&ulog); +} -- cgit v1.2.3