Initial revision

1 files changed, 229 insertions, 0 deletions

diff --git a/kernel-ULOG-2.4.0-test4.diff b/kernel-ULOG-2.4.0-test4.diff
new file mode 100644
index 0000000..f4a5501
--- /dev/null
+++ b/kernel-ULOG-2.4.0-test4.diff
@@ -0,0 +1,229 @@
+diff -Nru linux-2.4.0-test4-plain/Documentation/Configure.help linux-2.4.0-test4-work/Documentation/Configure.help
+--- linux-2.4.0-test4-plain/Documentation/Configure.help	Thu Jul 13 18:42:51 2000
++++ linux-2.4.0-test4-work/Documentation/Configure.help	Sun Jul 30 21:56:01 2000
+@@ -2010,6 +2010,16 @@
+   If you want to compile it as a module, say M here and read
+   Documentation/modules.txt.  If unsure, say `N'.
+ 
++ULOG target support
++CONFIG_IP_NF_TARGET_ULOG
++  This option adds a `ULOG' target, which allows you to create rules in
++  any iptables table. The packet is passed to one or more userspace logging
++  daemon using netlink multicast sockets. Logging is no longer forced to
++  be in syslog, but can be done by any userspace process.
++
++  If you want to compile it as a module, say M here and read
++  Documentation/modules.txt.  If unsure, say `N'.
++
+ ipchains (2.2-style) support
+ CONFIG_IP_NF_COMPAT_IPCHAINS
+   This option places ipchains (with masquerading and redirection
+diff -Nru linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h
+--- linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h	Thu Jan  1 01:00:00 1970
++++ linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h	Sun Jul 30 22:11:07 2000
+@@ -0,0 +1,36 @@
++#ifndef _IPT_ULOG_H
++#define _IPT_ULOG_H
++
++#ifdef __KERNEL__
++#include <linux/netdevice.h>
++#endif
++
++#define ULOG_MAC_LEN	80
++
++
++/* just until this is in netfilter.h */
++#ifndef NETLINK_NFLOG
++#define NETLINK_NFLOG 25
++#endif
++
++struct ipt_ulog_info {
++	unsigned char logflags;
++	unsigned int nl_group;
++	char prefix[30];
++};
++
++typedef struct ulog_packet_msg {
++        unsigned long mark;
++        long timestamp_sec;
++        long timestamp_usec;
++        unsigned int hook;
++        char indev_name[IFNAMSIZ];
++        char outdev_name[IFNAMSIZ];
++        size_t data_len;
++	char prefix[30];
++	unsigned char mac_len;
++	unsigned char mac[ULOG_MAC_LEN];
++        unsigned char payload[0];
++} ulog_packet_msg_t;
++
++#endif /*_IPT_ULOG_H*/
+diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in
+--- linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in	Mon Mar 27 20:35:56 2000
++++ linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in	Sun Jul 30 21:47:35 2000
+@@ -51,6 +51,7 @@
+     dep_tristate '    MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
+   fi
+   dep_tristate '  LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES
++  dep_tristate '  ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES
+ fi
+ 
+ # Backwards compatibility modules: only if you don't build in the others.
+diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile
+--- linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile	Mon Mar 27 20:35:56 2000
++++ linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile	Sun Jul 30 22:02:16 2000
+@@ -197,6 +197,14 @@
+   endif
+ endif
+ 
++ifeq ($(CONFIG_IP_NF_TARGET_ULOG),y)
++O_OBJS += ipt_ULOG.o
++else
++  ifeq ($(CONFIG_IP_NF_TARGET_ULOG),m)
++  M_OBJS += ipt_ULOG.o
++  endif
++endif
++
+ ifeq ($(CONFIG_IP_NF_COMPAT_IPCHAINS),y)
+ O_OBJS += ipchains_core.o $(IP_NF_COMPAT_LAYER)
+ else
+diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c
+--- linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c	Thu Jan  1 01:00:00 1970
++++ linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c	Sun Jul 30 21:45:44 2000
+@@ -0,0 +1,136 @@
++/* 
++ * netfilter module for userspace packet logging daemons
++ *
++ * (C) 2000 by Harald Welte <laforge@sunbeam.franken.de>
++ * 
++ * Released under the terms of the GPL
++ */
++
++#include <linux/module.h>
++#include <linux/version.h>
++#include <linux/config.h>
++#include <linux/socket.h>
++#include <linux/skbuff.h>
++#include <linux/kernel.h>
++#include <linux/netlink.h>
++#include <linux/netdevice.h>
++#include <linux/mm.h>
++#include <linux/netfilter_ipv4/ip_tables.h>
++#include <linux/netfilter_ipv4/ipt_ULOG.h>
++
++#define NETLINK_NFLOG 	25
++#define ULOG_NL_EVENT	111
++
++#if 1
++#define DEBUGP	printk
++#else
++#define DEBUGP(format, args ...)
++#endif
++
++struct sock *nflognl;
++
++static void nflog_rcv(struct sock *sk, int len)
++{
++	printk("nflog_rcv: did receive netlink message ?!?\n");
++}
++
++static unsigned int ipt_ulog_target(
++	struct sk_buff **pskb,
++	unsigned int hooknum,
++	const struct net_device *in,
++	const struct net_device *out,
++	const void *targinfo,
++	void *userinfo)
++{
++	ulog_packet_msg_t *pm;
++	size_t size;
++	struct sk_buff *nlskb;
++	unsigned char *old_tail;
++	struct nlmsghdr *nlh;
++	struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)targinfo;
++
++	/* calculate the size of the skb needed */
++
++	size = NLMSG_SPACE(sizeof(*pm) + (*pskb)->len);
++	nlskb = alloc_skb(size, GFP_ATOMIC);
++	if (!nlskb)
++		goto nlmsg_failure;
++	
++	old_tail = nlskb->tail;
++	nlh = NLMSG_PUT(nlskb, 0, 0, ULOG_NL_EVENT, size - sizeof(*nlh));
++	pm = NLMSG_DATA(nlh);
++	
++	/* copy hook, prefix, timestamp, payload, etc. */
++
++	pm->data_len = (*pskb)->len;
++	pm->timestamp_sec = (*pskb)->stamp.tv_sec;
++	pm->timestamp_usec = (*pskb)->stamp.tv_usec;
++	pm->mark = (*pskb)->nfmark;
++	pm->hook = hooknum;
++	if (loginfo->prefix)
++		strcpy(pm->prefix, loginfo->prefix);
++
++	if (in && !out)
++	{
++		if ((*pskb)->dev && (*pskb)->dev->hard_header_len > 0 
++			&& (*pskb)->dev->hard_header_len <= ULOG_MAC_LEN)
++		{
++			memcpy(pm->mac, (*pskb)->mac.raw, (*pskb)->dev->hard_header_len);
++			pm->mac_len = (*pskb)->dev->hard_header_len;
++		}
++
++	}
++/*
++	if (in) strcpy(pm->indev_name, in->name);
++	else pm->indev_name[0] = '\0';
++*/
++	if ((*pskb)->len)
++		memcpy(pm->payload, (*pskb)->data, (*pskb)->len);
++	nlh->nlmsg_len = nlskb->tail - old_tail;
++	NETLINK_CB(nlskb).dst_groups = loginfo->nl_group;
++	DEBUGP("ipt_ULOG: going to throw out a packet to netlink groupmask %u\n", loginfo->nl_group);
++	netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group, GFP_ATOMIC);
++
++	return IPT_CONTINUE;
++
++nlmsg_failure:
++	if (nlskb)
++		kfree(nlskb);	
++	printk("ipt_ULOG: Error building netlink message\n");
++	return IPT_CONTINUE;
++
++}
++
++static int ipt_ulog_checkentry(
++	const char *tablename,
++	const struct ipt_entry *e,
++	void *targinfo,
++	unsigned int targinfosize,
++	unsigned int hookmask)
++{
++	return 1;
++}
++	
++
++static struct ipt_target ipt_ulog_reg =
++  { { NULL, NULL }, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL,
++	THIS_MODULE };
++
++static int __init init(void)
++{
++	DEBUGP("ipt_ULOG: init module\n");
++	nflognl = netlink_kernel_create(NETLINK_NFLOG, nflog_rcv);
++	if (ipt_register_target(&ipt_ulog_reg))
++		return -EINVAL;
++
++	return 0;
++}
++
++static void __exit fini(void)
++{       
++	DEBUGP("ipt_ULOG: cleanup_module\n");
++	ipt_unregister_target(&ipt_ulog_reg);
++}
++
++module_init(init);
++module_exit(fini);