diff options
Diffstat (limited to 'ulogd/extensions/ulogd_BASE.c')
-rw-r--r-- | ulogd/extensions/ulogd_BASE.c | 326 |
1 files changed, 221 insertions, 105 deletions
diff --git a/ulogd/extensions/ulogd_BASE.c b/ulogd/extensions/ulogd_BASE.c index 6bfaea3..f8abd70 100644 --- a/ulogd/extensions/ulogd_BASE.c +++ b/ulogd/extensions/ulogd_BASE.c @@ -1,4 +1,4 @@ -/* ulogd_MAC.c, Version $Revision: 1.21 $ +/* ulogd_MAC.c, Version $Revision$ * * ulogd interpreter plugin for * o MAC addresses @@ -44,12 +44,18 @@ * Raw header ***********************************************************************/ static ulog_iret_t raw_rets[] = { - { NULL, NULL, 0, ULOGD_RET_STRING, ULOGD_RETF_FREE, "raw.mac", - { ptr: NULL } }, - { NULL, NULL, 0, ULOGD_RET_RAW, ULOGD_RETF_NONE, "raw.pkt", - { ptr: NULL } }, - { NULL, NULL, 0, ULOGD_RET_UINT32, ULOGD_RETF_NONE, "raw.pktlen", - { ui32: 0 } }, + { .type = ULOGD_RET_STRING, + .flags = ULOGD_RETF_FREE, + .key = "raw.mac", + }, + { .type = ULOGD_RET_RAW, + .flags = ULOGD_RETF_NONE, + .key = "raw.pkt", + }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "raw.pktlen", + }, }; static ulog_iret_t *_interp_raw(ulog_interpreter_t *ip, @@ -90,18 +96,30 @@ static ulog_iret_t *_interp_raw(ulog_interpreter_t *ip, ***********************************************************************/ static ulog_iret_t oob_rets[] = { - { NULL, NULL, 0, ULOGD_RET_STRING, ULOGD_RETF_NONE, "oob.prefix", - { ptr: NULL } }, - { NULL, NULL, 0, ULOGD_RET_UINT32, ULOGD_RETF_NONE, "oob.time.sec", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT32, ULOGD_RETF_NONE, "oob.time.usec", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT32, ULOGD_RETF_NONE, "oob.mark", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_STRING, ULOGD_RETF_NONE, "oob.in", - { ptr: NULL } }, - { NULL, NULL, 0, ULOGD_RET_STRING, ULOGD_RETF_NONE, "oob.out", - { ptr: NULL } }, + { .type = ULOGD_RET_STRING, + .flags = ULOGD_RETF_NONE, + .key = "oob.prefix", + }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "oob.time.sec", + }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "oob.time.usec", + }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "oob.mark", + }, + { .type = ULOGD_RET_STRING, + .flags = ULOGD_RETF_NONE, + .key = "oob.in", + }, + { .type = ULOGD_RET_STRING, + .flags = ULOGD_RETF_NONE, + .key = "oob.out", + }, }; static ulog_iret_t *_interp_oob(struct ulog_interpreter *ip, @@ -139,26 +157,46 @@ static ulog_iret_t *_interp_oob(struct ulog_interpreter *ip, ***********************************************************************/ static ulog_iret_t iphdr_rets[] = { - { NULL, NULL, 0, ULOGD_RET_IPADDR, ULOGD_RETF_NONE, "ip.saddr", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_IPADDR, ULOGD_RETF_NONE, "ip.daddr", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "ip.protocol", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "ip.tos", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "ip.ttl", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "ip.totlen", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "ip.ihl", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "ip.csum", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "ip.id", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "ip.fragoff", - { ui16: 0 } }, + { .type = ULOGD_RET_IPADDR, + .flags = ULOGD_RETF_NONE, + .key = "ip.saddr", + }, + { .type = ULOGD_RET_IPADDR, + .flags = ULOGD_RETF_NONE, + .key = "ip.daddr", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "ip.protocol", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "ip.tos", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "ip.ttl", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "ip.totlen", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "ip.ihl", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "ip.csum", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "ip.id", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "ip.fragoff", + }, }; static ulog_iret_t *_interp_iphdr(struct ulog_interpreter *ip, @@ -195,40 +233,74 @@ static ulog_iret_t *_interp_iphdr(struct ulog_interpreter *ip, * TCP HEADER ***********************************************************************/ static ulog_iret_t tcphdr_rets[] = { - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "tcp.sport", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "tcp.dport", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT32, ULOGD_RETF_NONE, "tcp.seq", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT32, ULOGD_RETF_NONE, "tcp.ackseq", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "tcp.offset", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "tcp.reserved", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "tcp.window", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.urg", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "tcp.urgp", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.ack", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.psh", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.rst", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.syn", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.fin", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.res1", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_BOOL, ULOGD_RETF_NONE, "tcp.res2", - { b: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "tcp.csum", - { ui16: 0 } }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "tcp.sport", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "tcp.dport", + }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "tcp.seq", + }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "tcp.ackseq", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "tcp.offset", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "tcp.reserved", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "tcp.window", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.urg", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "tcp.urgp", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.ack", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.psh", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.rst", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.syn", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.fin", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.res1", + }, + { .type = ULOGD_RET_BOOL, + .flags = ULOGD_RETF_NONE, + .key = "tcp.res2", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "tcp.csum", + }, }; static ulog_iret_t *_interp_tcphdr(struct ulog_interpreter *ip, @@ -287,14 +359,22 @@ static ulog_iret_t *_interp_tcphdr(struct ulog_interpreter *ip, * UDP HEADER ***********************************************************************/ static ulog_iret_t udphdr_rets[] = { - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "udp.sport", - { ui16 :0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "udp.dport", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "udp.len", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "udp.csum", - { ui16: 0 } }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "udp.sport", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "udp.dport", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "udp.len", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "udp.csum", + }, }; static ulog_iret_t *_interp_udp(struct ulog_interpreter *ip, @@ -325,20 +405,34 @@ static ulog_iret_t *_interp_udp(struct ulog_interpreter *ip, ***********************************************************************/ static ulog_iret_t icmphdr_rets[] = { - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "icmp.type", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "icmp.code", - { ui8: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "icmp.echoid", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "icmp.echoseq", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_IPADDR, ULOGD_RETF_NONE, "icmp.gateway", - { ui32: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "icmp.fragmtu", - { ui16: 0 } }, - { NULL, NULL, 0, ULOGD_RET_UINT16, ULOGD_RETF_NONE, "icmp.csum", - { ui16: 0 } }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "icmp.type", + }, + { .type = ULOGD_RET_UINT8, + .flags = ULOGD_RETF_NONE, + .key = "icmp.code", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "icmp.echoid", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "icmp.echoseq", + }, + { .type = ULOGD_RET_IPADDR, + .flags = ULOGD_RETF_NONE, + .key = "icmp.gateway", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "icmp.fragmtu", + }, + { .type = ULOGD_RET_UINT16, + .flags = ULOGD_RETF_NONE, + .key = "icmp.csum", + }, }; static ulog_iret_t *_interp_icmp(struct ulog_interpreter *ip, @@ -388,8 +482,10 @@ static ulog_iret_t *_interp_icmp(struct ulog_interpreter *ip, ***********************************************************************/ static ulog_iret_t ahesphdr_rets[] = { - { NULL, NULL, 0, ULOGD_RET_UINT8, ULOGD_RETF_NONE, "ahesp.spi", - { ui8: 0 } }, + { .type = ULOGD_RET_UINT32, + .flags = ULOGD_RETF_NONE, + .key = "ahesp.spi", + }, }; static ulog_iret_t *_interp_ahesp(struct ulog_interpreter *ip, @@ -414,13 +510,34 @@ static ulog_iret_t *_interp_ahesp(struct ulog_interpreter *ip, static ulog_interpreter_t base_ip[] = { - { NULL, "raw", 0, &_interp_raw, 3, raw_rets }, - { NULL, "oob", 0, &_interp_oob, 6, oob_rets }, - { NULL, "ip", 0, &_interp_iphdr, 10, iphdr_rets }, - { NULL, "tcp", 0, &_interp_tcphdr, 17, tcphdr_rets }, - { NULL, "icmp", 0, &_interp_icmp, 7, icmphdr_rets }, - { NULL, "udp", 0, &_interp_udp, 4, udphdr_rets }, - { NULL, "ahesp", 0, &_interp_ahesp, 1, ahesphdr_rets }, + { .name = "raw", + .interp = &_interp_raw, + .key_num = 3, + .result = raw_rets }, + { .name = "oob", + .interp = &_interp_oob, + .key_num = 6, + .result = oob_rets }, + { .name = "ip", + .interp = &_interp_iphdr, + .key_num = 10, + .result = iphdr_rets }, + { .name = "tcp", + .interp = &_interp_tcphdr, + .key_num = 17, + .result = tcphdr_rets }, + { .name = "icmp", + .interp = &_interp_icmp, + .key_num = 7, + .result = icmphdr_rets }, + { .name = "udp", + .interp = &_interp_udp, + .key_num = 4, + .result = udphdr_rets }, + { .name = "ahesp", + .interp = &_interp_ahesp, + .key_num = 1, + .result = ahesphdr_rets }, { NULL, "", 0, NULL, 0, NULL }, }; @@ -432,7 +549,6 @@ void _base_reg_ip(void) for (p = ip; p->interp; p++) { register_interpreter(p); } - } void _init(void) |