diff options
| author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-04-29 14:34:30 +0000 |
|---|---|---|
| committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-04-29 14:34:30 +0000 |
| commit | e4f0bd0a93e4777abea99fe7a33d50fd74b57aba (patch) | |
| tree | 68b7f5a8d7d4b76f2dad6f3877cc3c93545c6aff /doc/mysql-ulogd2.sql | |
| parent | 0ef20d627b03db080e220a37f3b27339f9f6e2a0 (diff) | |
This patchset adds support for the "numeric_label" option. For instance, it
can be used to determine if the packet has been dropped, rejected or accepted.
The meaning of label is completely user-defined.
Signed-off-by: Eric Leblond <eric@inl.fr>
Diffstat (limited to 'doc/mysql-ulogd2.sql')
| -rw-r--r-- | doc/mysql-ulogd2.sql | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/doc/mysql-ulogd2.sql b/doc/mysql-ulogd2.sql index 05ea9b4..ba50f48 100644 --- a/doc/mysql-ulogd2.sql +++ b/doc/mysql-ulogd2.sql @@ -58,6 +58,7 @@ CREATE TABLE `ulog2` ( `ip_csum` smallint(5) unsigned default NULL, `ip_id` smallint(5) unsigned default NULL, `ip_fragoff` smallint(5) unsigned default NULL, + `label` tinyint(3) unsigned default NULL, `timestamp` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, UNIQUE KEY `key_id` (`_id`) ) ENGINE=INNODB COMMENT='Table for IP packets'; @@ -213,7 +214,8 @@ CREATE SQL SECURITY INVOKER VIEW `ulog` AS icmpv6_echoseq, icmpv6_csum, mac_saddr as mac_saddr_str, - mac_protocol as oob_protocol + mac_protocol as oob_protocol, + label as raw_label FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id; @@ -493,7 +495,8 @@ CREATE FUNCTION INSERT_IP_PACKET_FULL( _ip_ihl tinyint(3) unsigned, _ip_csum smallint(5) unsigned, _ip_id smallint(5) unsigned, - _ip_fragoff smallint(5) unsigned + _ip_fragoff smallint(5) unsigned, + _label tinyint(4) unsigned ) RETURNS int(10) unsigned SQL SECURITY INVOKER NOT DETERMINISTIC @@ -501,10 +504,10 @@ READS SQL DATA BEGIN INSERT INTO ulog2 (oob_time_sec, oob_time_usec, oob_hook, oob_prefix, oob_mark, oob_in, oob_out, oob_family, ip_saddr, ip_daddr, ip_protocol, ip_tos, ip_ttl, ip_totlen, ip_ihl, - ip_csum, ip_id, ip_fragoff ) VALUES + ip_csum, ip_id, ip_fragoff, label ) VALUES (_oob_time_sec, _oob_time_usec, _oob_hook, _oob_prefix, _oob_mark, _oob_in, _oob_out, _oob_family, _ip_saddr, _ip_daddr, _ip_protocol, _ip_tos, _ip_ttl, _ip_totlen, _ip_ihl, - _ip_csum, _ip_id, _ip_fragoff); + _ip_csum, _ip_id, _ip_fragoff, _label); RETURN LAST_INSERT_ID(); END $$ @@ -660,7 +663,8 @@ CREATE FUNCTION INSERT_PACKET_FULL( icmpv6_echoseq smallint(5) unsigned, icmpv6_csum int(10) unsigned, mac_saddr varchar(32), - mac_protocol smallint(5) + mac_protocol smallint(5), + _label tinyint(4) unsigned ) RETURNS bigint unsigned READS SQL DATA BEGIN @@ -668,7 +672,7 @@ BEGIN _oob_mark, _oob_in, _oob_out, _oob_family, _ip_saddr, _ip_daddr, _ip_protocol, _ip_tos, _ip_ttl, _ip_totlen, _ip_ihl, _ip_csum, _ip_id, - _ip_fragoff); + _ip_fragoff, _label); IF _ip_protocol = 6 THEN CALL PACKET_ADD_TCP_FULL(@lastid, tcp_sport, tcp_dport, tcp_seq, tcp_ackseq, tcp_window, tcp_urg, tcp_urgp, tcp_ack, tcp_psh, |