| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
New API: nflog_attr_*() and nflog_nlmsg_*(), update LIBVERSION.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
This patch enables to add conntrack ID as `ctid' element to XML output. Users
could identify conntrack entries by this ID from another conntrack output.
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
pkg-config config-files require back-slashes when definitions are folded
across multiple lines.
Fixes: 3c2229da2e7f ("build: add pkg-config configuration for libipulog")
Fixes: f7da00cdc597 ("build: correct pkg-config dependency configuration")
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Generate man pages, HTML, neither or both according to ./configure.
Based on the work done for libnetfilter_queue.
[ This patch updates the default ./configure option to build the
manpages in case that doxygen is available. ]
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
`AC_HELP_STRING` is obsolete and has been superseded by
`AS_HELP_STRING`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
`AM_PROG_LIBTOOL` is superseded by `LT_INIT`, which also accepts options
to control the defaults for creating shared or static libraries.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The `-dynamic` flag is only meaningful for Darwin.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Explicit linkage to libnetfilter_log is not required.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
`${LIBNFNETLINK_CFLAGS}` and `${LIBMNL_CFLAGS}` are not required for all
libraries and executables: include them only where necessary.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Use pkg-config LIBS variable for libmnl, instead of literal `-lmnl`.
Append `$(LIBNETFILTER_CONNTRACK_LIBS)` to nf_log_LDADD.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
Put libnfnetlink and libnetfilter_log in `Requires.private`. They both
use pkg-config (thus `Requires`, not `Libs`), and they are both required
for static builds, but do not need to be exposed otherwise (thus
`Requires.private`).
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
Put libnfnetlink and libmnl in `Requires.private`. They both use
pkg-config (thus `Requires`, not `Libs`), and they are both required for
static builds, but do not need to be exposed otherwise (thus
`Requires.private`).
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
Print hardware length and address.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
Just a clean up to improve readability.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
Use the same variable name as the man pages / html for functions in the Parsing
module (e.g. nflog_get_msg_packet_hdr(nfad)).
Rationale: make it easier for users to follow the code
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
utils/nfulnl_test.c uses these functions
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Also indicate that hw_addrlen has NBO in struct nfulnl_msg_packet_hw
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Also a few more minor native English corrections
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I.e. all modules except "Netlink message helper functions"
- different cross-reference for man page and html
- remove duplicate description for nflog_fd
- try to differentiate between "rare" and "common" errors
- gh is a Netfilter log *group* handle (cf h)
- minor native English corrections
- update Linux source reference
- document actual return values
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
e.g. "Operation not supported" when run as non-root
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
Adjust style to work better in a man page.
Document actual return values.
Replace qnum with gnum (and in .h and utils/).
Show possible copy modes (rather than refer users to header file)
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
i.e. rather than `qh` sometimes, since this refers to the group handler.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
Most of these are functions that return a requested datum in an arg now,
but when the documentation was written they returned the datum directly.
Now these functions return 0 for success otherwise -1, so insert the new arg
and fix the \return
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also add EXCLUDE_SYMBOLS for structs that are undocumented (otherwise
doxygen makes html pages for them but warns they and their members are not
documented).
This formerly 5KB file is reduced almost down to 1/8th original size.
In the interests of a clean diff, the new file still has lines with trailing
spaces.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
All .c and .h files now have no lines with trailing whitespace.
All .c and .h files now indent with tabs followed by <8 spaces.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Replace hard-coded version-info in LDFLAGS.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
Retrieval of time-stamp, input- and output-device fields had not been
implemented in `ipulog_get_packet`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
The time-stamp is at `NFULA_TIMESTAMP-1` not `NFULA_TIMESTAMP`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Use the right group number in nflog_bind_group example.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
| |
The `include` function, which is intended to include a copy of the
kernel's nfnetlink_log.h into the source distribution, has been broken
since 2012 when the header file was moved from where the function
expects to find it. The header is manually sync'ed when necessary.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
This is breaking `make distcheck'.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
-D is a preprocessor flag, needs to go into _CPPFLAGS;
-l is a library selection, needs to go into _LDADD/_LIBADD.
NETFILTER_CONNTRACK_CFLAGS was missing, too.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
| |
It uses symbols from libnfnetlink.so, but doesn't link to it, relying on an
implicit transitive linkage through libnetfilter_log.so. Add
`$(LIBNFNETLINK_LIBS)` to `$(libnetfilter_log_libipulog_la_LIBADD)`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
| |
`$(libnetfilter_log_la_LIBADD)` includes `$(LIBNFNETLINK_LIBS)`, so there's no
need to include `-lnfnetlink` in `$(libnetfilter_log_la_LDFLAGS)`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
|
|
|
|
|
| |
Declare functions with extern "C" for inclusion in C++.
Reported-by: Stefan Laufmann <stefan.laufmann@emlix.com>
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
This patch enables nf-log in utils directory to show conntrack
information if libnetfilter_conntrack exists.
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
This patch validate NFULA_CT and NFULA_CT_INFO attributes,
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
| |
To printf nflog netlink message in XML, nflog_snprintf_xml can be
used after converting nflog nlattrs to nflog_data, but we should not
have any code that mixes both new and old, which handles nflog_data,
APIs. The idea is to deprecate libnfnetlink and any client of that
library at some point, that will take quite time though since we'll
have to mark those old interfaces as deprecated.
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
|
|
|
|
|
|
|
|
|
|
|
| |
The libnetfilter_log.c file contains the old API, its use is
discouraged since it depends on libnfnetlink.
The idea is to provide a set of helper functions that we can use in
conjunction with libmnl, similar to what we have in
libnetfilter_queue/nlmsg.c
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
|
|
|
|
|
| |
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Felix Janda <felix.janda@posteo.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Signed-off-by: Felix Janda <felix.janda@posteo.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
commit a1b392b4156db984ab2b695a4a70d113f70cb9b8 had unintentionally
disabled building of libipulog unconditionally
Signed-off-by: Felix Janda <felix.janda@posteo.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|