summaryrefslogtreecommitdiffstats
path: root/utils
diff options
context:
space:
mode:
Diffstat (limited to 'utils')
-rw-r--r--utils/nfqnl_test.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/utils/nfqnl_test.c b/utils/nfqnl_test.c
index b760cf0..5e76ffe 100644
--- a/utils/nfqnl_test.c
+++ b/utils/nfqnl_test.c
@@ -17,7 +17,7 @@ static uint32_t print_pkt (struct nfq_data *tb)
struct nfqnl_msg_packet_hw *hwph;
uint32_t mark, ifi, uid, gid;
int ret;
- unsigned char *data;
+ unsigned char *data, *secdata;
ph = nfq_get_msg_packet_hdr(tb);
if (ph) {
@@ -61,6 +61,10 @@ static uint32_t print_pkt (struct nfq_data *tb)
if (nfq_get_gid(tb, &gid))
printf("gid=%u ", gid);
+ ret = nfq_get_secctx(tb, &secdata);
+ if (ret > 0)
+ printf("secctx=\"%.*s\" ", ret, secdata);
+
ret = nfq_get_payload(tb, &data);
if (ret >= 0)
printf("payload_len=%d ", ret);
@@ -134,6 +138,12 @@ int main(int argc, char **argv)
"retrieve process UID/GID.\n");
}
+ printf("setting flags to request security context\n");
+ if (nfq_set_queue_flags(qh, NFQA_CFG_F_SECCTX, NFQA_CFG_F_SECCTX)) {
+ fprintf(stderr, "This kernel version does not allow to "
+ "retrieve security context.\n");
+ }
+
printf("Waiting for packets...\n");
fd = nfq_fd(h);