utils: add example usage of nfq_get_uid and nfq_get_gid

[ Mangled this patch to indicate that this kernel does not support
  UID/GID retrieval not to confuse users --pablo ]

Signed-off-by: Valentina Giusti <Valentina.Giusti@bmw-carit.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

1 files changed, 15 insertions, 1 deletions

diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c
index a554f2d..34cb113 100644
--- a/utils/nfqnl_test.c
+++ b/utils/nfqnl_test.c
@@ -15,7 +15,7 @@ static u_int32_t print_pkt (struct nfq_data *tb)
 	int id = 0;
 	struct nfqnl_msg_packet_hdr *ph;
 	struct nfqnl_msg_packet_hw *hwph;
-	u_int32_t mark,ifi; 
+	u_int32_t mark, ifi, uid, gid;
 	int ret;
 	unsigned char *data;
 
@@ -55,6 +55,12 @@ static u_int32_t print_pkt (struct nfq_data *tb)
 	if (ifi)
 		printf("physoutdev=%u ", ifi);
 
+	if (nfq_get_uid(tb, &uid))
+		printf("uid=%u ", uid);
+
+	if (nfq_get_gid(tb, &gid))
+		printf("gid=%u ", gid);
+
 	ret = nfq_get_payload(tb, &data);
 	if (ret >= 0)
 		printf("payload_len=%d ", ret);
@@ -114,6 +120,14 @@ int main(int argc, char **argv)
 		exit(1);
 	}
 
+	printf("setting flags to request UID and GID\n");
+	if (nfq_set_queue_flags(qh, NFQA_CFG_F_UID_GID, NFQA_CFG_F_UID_GID)) {
+		fprintf(stderr, "This kernel version does not allow to "
+				"retrieve process UID/GID.\n");
+	}
+
+	printf("Waiting for packets...\n");
+
 	fd = nfq_fd(h);
 
 	for (;;) {