diff options
Diffstat (limited to 'utils/nfqnl_test.c')
-rw-r--r-- | utils/nfqnl_test.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c index b760cf0..5e76ffe 100644 --- a/utils/nfqnl_test.c +++ b/utils/nfqnl_test.c @@ -17,7 +17,7 @@ static uint32_t print_pkt (struct nfq_data *tb) struct nfqnl_msg_packet_hw *hwph; uint32_t mark, ifi, uid, gid; int ret; - unsigned char *data; + unsigned char *data, *secdata; ph = nfq_get_msg_packet_hdr(tb); if (ph) { @@ -61,6 +61,10 @@ static uint32_t print_pkt (struct nfq_data *tb) if (nfq_get_gid(tb, &gid)) printf("gid=%u ", gid); + ret = nfq_get_secctx(tb, &secdata); + if (ret > 0) + printf("secctx=\"%.*s\" ", ret, secdata); + ret = nfq_get_payload(tb, &data); if (ret >= 0) printf("payload_len=%d ", ret); @@ -134,6 +138,12 @@ int main(int argc, char **argv) "retrieve process UID/GID.\n"); } + printf("setting flags to request security context\n"); + if (nfq_set_queue_flags(qh, NFQA_CFG_F_SECCTX, NFQA_CFG_F_SECCTX)) { + fprintf(stderr, "This kernel version does not allow to " + "retrieve security context.\n"); + } + printf("Waiting for packets...\n"); fd = nfq_fd(h); |