diff options
Diffstat (limited to 'libipulog/include')
-rw-r--r-- | libipulog/include/libipulog/libipulog.h | 58 | ||||
-rw-r--r-- | libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h | 62 |
2 files changed, 120 insertions, 0 deletions
diff --git a/libipulog/include/libipulog/libipulog.h b/libipulog/include/libipulog/libipulog.h new file mode 100644 index 0000000..b3805d7 --- /dev/null +++ b/libipulog/include/libipulog/libipulog.h @@ -0,0 +1,58 @@ +#ifndef _LIBIPULOG_H +#define _LIBIPULOG_H + +/* $Id$ */ + +#include <errno.h> +#include <unistd.h> +#include <fcntl.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/uio.h> +#include <asm/types.h> +#include <linux/netlink.h> +#include <net/if.h> +#include "linux/netfilter_ipv4/ipt_ULOG.h" + +/* FIXME: glibc sucks */ +#ifndef MSG_TRUNC +#define MSG_TRUNC 0x20 +#endif + +struct ipulog_handle; +extern int ipulog_errno; + +u_int32_t ipulog_group2gmask(u_int32_t group); + +struct ipulog_handle *ipulog_create_handle(u_int32_t gmask, u_int32_t rmem); + +void ipulog_destroy_handle(struct ipulog_handle *h); + +ssize_t ipulog_read(struct ipulog_handle *h, + unsigned char *buf, size_t len, int timeout); + +ulog_packet_msg_t *ipulog_get_packet(struct ipulog_handle *h, + const unsigned char *buf, + size_t len); + +char *ipulog_strerror(int errcode); + +void ipulog_perror(const char *s); + +enum +{ + IPULOG_ERR_NONE = 0, + IPULOG_ERR_IMPL, + IPULOG_ERR_HANDLE, + IPULOG_ERR_SOCKET, + IPULOG_ERR_BIND, + IPULOG_ERR_RECVBUF, + IPULOG_ERR_RECV, + IPULOG_ERR_NLEOF, + IPULOG_ERR_TRUNC, + IPULOG_ERR_INVGR, + IPULOG_ERR_INVNL, +}; +#define IPULOG_MAXERR IPULOG_ERR_INVNL + +#endif /* _LIBULOG_H */ diff --git a/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h b/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h new file mode 100644 index 0000000..de062cd --- /dev/null +++ b/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h @@ -0,0 +1,62 @@ +/* Header file for IP tables userspace logging, Version 1.8 + * + * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org> + * + * Distributed under the terms of GNU GPL */ +#ifndef _IPT_ULOG_H +#define _IPT_ULOG_H + +#ifndef NETLINK_NFLOG +#define NETLINK_NFLOG 5 +#endif + +#define ULOG_DEFAULT_NLGROUP 1 +#define ULOG_DEFAULT_QTHRESHOLD 1 + +#define ULOG_MAC_LEN 80 +#define ULOG_PREFIX_LEN 32 + +#define ULOG_MAX_QLEN 50 +/* Why 50? Well... there is a limit imposed by the slab cache 131000 + * bytes. So the multipart netlink-message has to be < 131000 bytes. + * Assuming a standard ethernet-mtu of 1500, we could define this up + * to 80... but even 50 seems to be big enough. */ + +/* private data structure for each rule with a ULOG target */ +struct ipt_ulog_info { + unsigned int nl_group; +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long copy_range; + unsigned long long qthreshold; +#else + size_t copy_range; + size_t qthreshold; +#endif + char prefix[ULOG_PREFIX_LEN]; +}; + +/* Format of the ULOG packets passed through netlink */ +typedef struct ulog_packet_msg { + unsigned long mark; +#ifdef KERNEL_64_USERSPACE_32 + long long timestamp_sec; + long long timestamp_usec; +#else + long timestamp_sec; + long timestamp_usec; +#endif + unsigned int hook; + char indev_name[IFNAMSIZ]; + char outdev_name[IFNAMSIZ]; +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long data_len; +#else + size_t data_len; +#endif + char prefix[ULOG_PREFIX_LEN]; + unsigned char mac_len; + unsigned char mac[ULOG_MAC_LEN]; + unsigned char payload[0]; +} ulog_packet_msg_t; + +#endif /*_IPT_ULOG_H*/ |