diff options
-rw-r--r-- | configure.in | 2 | ||||
-rw-r--r-- | filter/raw2packet/ulogd_raw2packet_BASE.c | 7 | ||||
-rw-r--r-- | include/ulogd/ipfix_protocol.h (renamed from include/ipfix_protocol.h) | 3 | ||||
-rw-r--r-- | include/ulogd/ulogd.h | 22 | ||||
-rw-r--r-- | input/flow/ulogd_inpflow_CTNL.c | 1 | ||||
-rw-r--r-- | input/packet/ulogd_inppkt_ULOG.c | 98 | ||||
-rw-r--r-- | libipulog/include/libipulog/libipulog.h | 4 | ||||
-rw-r--r-- | libipulog/libipulog.c | 9 | ||||
-rw-r--r-- | ulogd.c | 34 |
9 files changed, 107 insertions, 73 deletions
diff --git a/configure.in b/configure.in index 1b94de7..5dfb661 100644 --- a/configure.in +++ b/configure.in @@ -210,4 +210,4 @@ AC_SUBST(HAVE_PCAP_H) AM_CONDITIONAL(HAVE_MYSQL, test x$mysqldir != x) AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x) -AC_OUTPUT(extensions/Makefile doc/Makefile conffile/Makefile libipulog/Makefile mysql/Makefile pgsql/Makefile pcap/Makefile Makefile Rules.make) +AC_OUTPUT(doc/Makefile conffile/Makefile libipulog/Makefile input/packet/Makefile input/flow/Makefile filter/raw2packet/Makefile filter/packet2flow/Makefile output/Makefile output/mysql/Makefile output/pgsql/Makefile Makefile Rules.make) diff --git a/filter/raw2packet/ulogd_raw2packet_BASE.c b/filter/raw2packet/ulogd_raw2packet_BASE.c index 31d9cc7..d97e903 100644 --- a/filter/raw2packet/ulogd_raw2packet_BASE.c +++ b/filter/raw2packet/ulogd_raw2packet_BASE.c @@ -1,4 +1,4 @@ -/* ulogd_MAC.c, Version $Revision: 1.21 $ +/* ulogd_MAC.c, Version $Revision$ * * ulogd interpreter plugin for * o MAC addresses @@ -11,7 +11,7 @@ * o ICMP header * o AH/ESP header * - * (C) 2000-2001 by Harald Welte <laforge@gnumonks.org> + * (C) 2000-2005 by Harald Welte <laforge@gnumonks.org> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -45,7 +45,7 @@ * IP HEADER ***********************************************************************/ -static ulog_iret_t iphdr_rets[] = { +static struct ulogd_key iphdr_rets[] = { { .type = ULOGD_RET_IPADDR, .flags = ULOGD_RETF_NONE, @@ -425,6 +425,7 @@ static struct ulogd_pluginstance *base_init(struct ulogd_plugin *pl) static int base_fini(struct ulogd_pluginstance *upi) { + free(bpi); return 0; } diff --git a/include/ipfix_protocol.h b/include/ulogd/ipfix_protocol.h index 94f9fc9..95241cd 100644 --- a/include/ipfix_protocol.h +++ b/include/ulogd/ipfix_protocol.h @@ -4,7 +4,8 @@ /* This header file defines structures for the IPFIX protocol in accordance with * draft-ietf-ipfix-protocol-03.txt */ -#define IPFIX_VENDOR_NETFILTE 0x23424223 +#define IPFIX_VENDOR_IETF 0x00000000 +#define IPFIX_VENDOR_NETFILTER 0x23424223 /* Section 8.1 */ struct ipfix_msg_hdr { diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h index 0dbdcc1..808f3a9 100644 --- a/include/ulogd/ulogd.h +++ b/include/ulogd/ulogd.h @@ -13,8 +13,11 @@ */ #include <ulogd/linuxlist.h> +#include <ulogd/conffile.h> +#include <ulogd/ipfix_protocol.h> #include <stdio.h> #include <signal.h> /* need this because of extension-sighandler */ +#include <sys/types.h> /* All types with MSB = 1 make use of value.ptr * other types use one of the union's member */ @@ -71,7 +74,7 @@ enum ulogd_dtype { /* structure describing an input / output parameter of a plugin */ struct ulogd_key { /* next interpreter return (key) in the global list */ - struct ulogd_iret *next; + struct ulogd_key *next; /* length of the returned value (only for lengthed types */ u_int32_t len; /* type of the returned value (ULOGD_IRET_...) */ @@ -100,10 +103,11 @@ struct ulogd_key { int64_t i64; void *ptr; } value; - struct ulogd_iret *source; + struct ulogd_key *source; } u; }; +struct ulogd_pluginstance; struct ulogd_plugin { /* global list of plugins */ struct list_head list; @@ -137,7 +141,7 @@ struct ulogd_plugin { int (*destructor)(struct ulogd_pluginstance *instance); /* configuration parameters */ - struct config_keyset config_kset; + struct config_keyset *config_kset; }; /* an instance of a plugin, element in a stack */ @@ -151,11 +155,11 @@ struct ulogd_pluginstance { /* name / id of this instance*/ char id[ULOGD_MAX_KEYLEN]; /* per-instance input keys */ - struct ulogd_input *input; + struct ulogd_key *input; /* per-instance output keys */ - struct ulogd_iret *output; + struct ulogd_key *output; /* per-instance config parameters (array) */ - config_entry_t *configs; + struct config_entry *configs; unsigned int num_configs; /* private data */ char private[0]; @@ -175,8 +179,8 @@ struct ulogd_keyh_entry { /* register a new interpreter plugin */ void ulogd_register_plugin(struct ulogd_plugin *me); -/* allocate a new ulogd_iret */ -struct ulogd_iret *alloc_ret(const u_int16_t type, const char*); +/* allocate a new ulogd_key */ +struct ulogd_key *alloc_ret(const u_int16_t type, const char*); /* write a message to the daemons' logfile */ void __ulogd_log(int level, char *file, int line, const char *message, ...); @@ -193,7 +197,7 @@ unsigned int interh_getid(const char *name); unsigned int keyh_getid(const char *name); /* get a result for a given key id */ -struct ulogd_iret *keyh_getres(unsigned int id); +struct ulogd_key *keyh_getres(unsigned int id); /* the key hash itself */ extern struct ulogd_keyh_entry *ulogd_keyh; diff --git a/input/flow/ulogd_inpflow_CTNL.c b/input/flow/ulogd_inpflow_CTNL.c index cd75cc2..f241bab 100644 --- a/input/flow/ulogd_inpflow_CTNL.c +++ b/input/flow/ulogd_inpflow_CTNL.c @@ -9,6 +9,7 @@ * as published by the Free Software Foundation */ +#include <ulogd/ulogd.h> #include "libnfnetlink.h" #include "libctnetlink.h" diff --git a/input/packet/ulogd_inppkt_ULOG.c b/input/packet/ulogd_inppkt_ULOG.c index 640b86c..92e3ffa 100644 --- a/input/packet/ulogd_inppkt_ULOG.c +++ b/input/packet/ulogd_inppkt_ULOG.c @@ -1,12 +1,17 @@ /* ulogd_inppkt_ULOG.c - stackable input plugin for ULOG packets -> ulogd2 - * (C) 2004 by Harald Welte <laforge@gnumonks.org> + * (C) 2004-2005 by Harald Welte <laforge@gnumonks.org> */ -#include <ulogd/ulogd.h> -#include <ulogd/conffile.h> +#include <unistd.h> +#include <stdlib.h> +#include <ulogd/ulogd.h> #include <libipulog/libipulog.h> +#ifndef ULOGD_NLGROUP_DEFAULT +#define ULOGD_NLGROUP_DEFAULT 32 +#endif + /* Size of the socket recevive memory. Should be at least the same size as the * 'nlbufsiz' module loadtime parameter of ipt_ULOG.o * If you have _big_ in-kernel queues, you may have to increase this number. ( @@ -19,13 +24,15 @@ struct ulog_input { struct ipulog_handle *libulog_h; - static unsigned char *libulog_buf; - static struct ulogd_fd ulog_fd; + unsigned char *libulog_buf; + struct ulogd_fd ulog_fd; }; /* configuration entries */ -static struct config_entry ulog_ces[] = { +static struct config_keyset libulog_kset = { + .num_ces = 10, + .ces = { { .key = "bufsize", .type = CONFIG_TYPE_INT, @@ -44,25 +51,12 @@ static struct config_entry ulog_ces[] = { .options = CONFIG_OPT_NONE, .u.value = ULOGD_RMEM_DEFAULT, }, + } }; #define bufsiz_ce(x) (x[0]) #define nlgroup_ce(x) (x[1]) -#define rmem_cd(x) (x[2]) - -#if 0 -static config_entry_t bufsiz_ce = { NULL, "bufsize", CONFIG_TYPE_INT, - CONFIG_OPT_NONE, 0, - { value: ULOGD_BUFSIZE_DEFAULT } }; - -static config_entry_t nlgroup_ce = { &bufsiz_ce, "nlgroup", CONFIG_TYPE_INT, - CONFIG_OPT_NONE, 0, - { value: ULOGD_NLGROUP_DEFAULT } }; - -static config_entry_t rmem_ce = { &nlgroup_ce, "rmem", CONFIG_TYPE_INT, - CONFIG_OPT_NONE, 0, - { value: ULOGD_RMEM_DEFAULT } }; -#endif +#define rmem_ce(x) (x[2]) static struct ulogd_key output_keys[] = { @@ -138,13 +132,13 @@ static int interp_packet(struct ulogd_pluginstance *ip, ulog_packet_msg_t *pkt) unsigned char *p; int i; char *buf, *oldbuf = NULL; - ulog_iret_t *ret = ip->result; + struct ulogd_key *ret = ip->output; if (pkt->mac_len) { buf = (char *) malloc(3 * pkt->mac_len + 1); if (!buf) { ulogd_log(ULOGD_ERROR, "OOM!!!\n"); - return NULL; + return -1; } *buf = '\0'; @@ -152,52 +146,55 @@ static int interp_packet(struct ulogd_pluginstance *ip, ulog_packet_msg_t *pkt) oldbuf = buf; for (i = 0; i < pkt->mac_len; i++, p++) sprintf(buf, "%s%02x%c", oldbuf, *p, i==pkt->mac_len-1 ? ' ':':'); - ret[0].value.ptr = buf; + ret[0].u.value.ptr = buf; ret[0].flags |= ULOGD_RETF_VALID; } /* include pointer to raw ipv4 packet */ - ret[1].value.ptr = pkt->payload; + ret[1].u.value.ptr = pkt->payload; ret[1].flags |= ULOGD_RETF_VALID; - ret[2].value.ui32 = pkt->data_len; + ret[2].u.value.ui32 = pkt->data_len; ret[2].flags |= ULOGD_RETF_VALID; - ret[3].value.ui32 = 1; + ret[3].u.value.ui32 = 1; ret[3].flags |= ULOGD_RETF_VALID; - ret[4].value.ptr = pkt->prefix; + ret[4].u.value.ptr = pkt->prefix; ret[4].flags |= ULOGD_RETF_VALID; /* god knows why timestamp_usec contains crap if timestamp_sec == 0 * if (pkt->timestamp_sec || pkt->timestamp_usec) { */ if (pkt->timestamp_sec) { - ret[5].value.ui32 = pkt->timestamp_sec; + ret[5].u.value.ui32 = pkt->timestamp_sec; ret[5].flags |= ULOGD_RETF_VALID; - ret[6].value.ui32 = pkt->timestamp_usec; + ret[6].u.value.ui32 = pkt->timestamp_usec; ret[6].flags |= ULOGD_RETF_VALID; } else { ret[5].flags &= ~ULOGD_RETF_VALID; ret[6].flags &= ~ULOGD_RETF_VALID; } - ret[7].value.ui32 = pkt->mark; + ret[7].u.value.ui32 = pkt->mark; ret[7].flags |= ULOGD_RETF_VALID; - ret[8].value.ptr = pkt->indev_name; + ret[8].u.value.ptr = pkt->indev_name; ret[8].flags |= ULOGD_RETF_VALID; - ret[9].value.ptr = pkt->outdev_name; + ret[9].u.value.ptr = pkt->outdev_name; ret[9].flags |= ULOGD_RETF_VALID; - return ret; + return 0; } -static struct ulog_read_cb(int fd, void *param) +static int ulog_read_cb(int fd, unsigned int what, void *param) { struct ulogd_pluginstance *upi = (struct ulogd_pluginstance *)param; - struct ulog_input *u = (struct ulog_input *)param->private; + struct ulog_input *u = (struct ulog_input *)upi->private; ulog_packet_msg_t *upkt; int len; + if (!(what & ULOGD_FD_READ)) + return 0; + while (len = ipulog_read(u->libulog_h, u->libulog_buf, - bufsiz_ce.u.value, 1)) { + bufsiz_ce(upi->configs).u.value, 1)) { if (len <= 0) { /* this is not supposed to happen */ ulogd_log(ULOGD_ERROR, "ipulog_read = %d! " @@ -207,7 +204,7 @@ static struct ulog_read_cb(int fd, void *param) } while ((upkt = ipulog_get_packet(u->libulog_h, u->libulog_buf, len))) { - DEBUGP("==> ulog packet received\n"); + ulogd_log(ULOGD_DEBUG, "==> ulog packet received\n"); interp_packet(upi, upkt); } } @@ -227,23 +224,23 @@ static struct ulogd_pluginstance *init(struct ulogd_plugin *pl) upi->input = NULL; /* FIXME: upi->output = */ - ui->libulog_buf = malloc(bufsiz_ce.u.value); + ui->libulog_buf = malloc(bufsiz_ce(upi->configs).u.value); if (!ui->libulog_buf) goto out_buf; ui->libulog_h = ipulog_create_handle( - ipulog_group2gmask(nlgroup_ce.u.value), - rmem_ce.u.value); - if (!libulog_h) + ipulog_group2gmask(nlgroup_ce(upi->configs).u.value), + rmem_ce(upi->configs).u.value); + if (!ui->libulog_h) goto out_handle; - ui->ulog_fd.fd = ui->libulog_h->fd; + ui->ulog_fd.fd = ipulog_get_fd(ui->libulog_h); ui->ulog_fd.cb = &ulog_read_cb; ui->ulog_fd.data = upi; ulogd_register_fd(&ui->ulog_fd); - return ui; + return upi; out_handle: free(ui->libulog_buf); out_buf: @@ -253,6 +250,12 @@ out_buf: static int fini(struct ulogd_pluginstance *pi) { + struct ulog_input *ui = (struct ulog_input *)pi->private; + + ulogd_unregister_fd(&ui->ulog_fd); + free(pi); + + return 0; } struct ulogd_plugin libulog_plugin = { @@ -262,13 +265,12 @@ struct ulogd_plugin libulog_plugin = { }, .output = { .type = ULOGD_DTYPE_RAW, - .keys = &ulog_output_key, - .num = 10, + .keys = &output_keys, + .num_keys = sizeof(output_keys)/sizeof(struct ulogd_key), }, .constructor = &init, .destructor = &fini, - .num_configs = (sizeof(ulog_ces)/sizeof(struct config_entry)), - .configs = &ulog_ces, + .config_kset = &libulog_kset, }; void _init(void) diff --git a/libipulog/include/libipulog/libipulog.h b/libipulog/include/libipulog/libipulog.h index 307510c..a049d27 100644 --- a/libipulog/include/libipulog/libipulog.h +++ b/libipulog/include/libipulog/libipulog.h @@ -1,7 +1,7 @@ #ifndef _LIBIPULOG_H #define _LIBIPULOG_H -/* $Id: libipulog.h,v 1.6 2002/07/30 07:23:36 laforge Exp $ */ +/* $Id$ */ #include <errno.h> #include <unistd.h> @@ -37,6 +37,8 @@ ulog_packet_msg_t *ipulog_get_packet(struct ipulog_handle *h, char *ipulog_strerror(int errcode); +int ipulog_get_fd(struct ipulog_handle *h); + void ipulog_perror(const char *s); enum diff --git a/libipulog/libipulog.c b/libipulog/libipulog.c index b396829..eb2a747 100644 --- a/libipulog/libipulog.c +++ b/libipulog/libipulog.c @@ -1,5 +1,5 @@ /* - * libipulog.c, $Revision: 1.11 $ + * libipulog.c, $Revision$ * * netfilter ULOG userspace library. * @@ -21,7 +21,7 @@ * This library is still under development, so be aware of sudden interface * changes * - * $Id: libipulog.c,v 1.11 2003/05/04 10:00:10 laforge Exp $ + * $Id$ */ #include <stdlib.h> @@ -253,3 +253,8 @@ void ipulog_perror(const char *s) fputc('\n', stderr); } +int ipulog_get_fd(struct ipulog_handle *h) +{ + return h->fd; +} + @@ -41,6 +41,9 @@ * 03 Oct 2004 Harald Welte <laforge@gnumonks.org> * - further unification towards generic network event logging * and support for lnstat + * + * 17 Apr 2005 Harald Welte <laforge@gnumonks.org> + * - */ #define ULOGD_VERSION "2.00alpha" @@ -72,9 +75,6 @@ #ifndef ULOGD_LOGFILE_DEFAULT #define ULOGD_LOGFILE_DEFAULT "/var/log/ulogd.log" #endif -#ifndef ULOGD_NLGROUP_DEFAULT -#define ULOGD_NLGROUP_DEFAULT 32 -#endif /* where to look for the config file */ #ifndef ULOGD_CONFIGFILE @@ -100,7 +100,7 @@ static LIST_HEAD(ulogd_fds); /* We keep hashtables of interpreters and registered keys. The hash-tables * are allocated dynamically at program load time. You may control the - * allocation granularity of both hashes (i.e. the amount of hashtable + e allocation granularity of both hashes (i.e. the amount of hashtable * entries are allocated at one time) through modification of the constants * INTERH_ALLOC_GRAN and KEYH_ALLOC_GRAN */ @@ -438,14 +438,14 @@ pluginstance_alloc_init(struct ulogd_plugin *pl, char *pi_id, memcpy(pi->id, pi_id, sizeof(pi->id)); /* copy config keys */ - pi->config_kset.num_ces = pl->config_kset.num_ces; - ce_size = pl->config_kset.num_ces*sizeof(struct config_entry); + pi->config_kset.num_ces = pl->config_kset->num_ces; + ce_size = pl->config_kset->num_ces*sizeof(struct config_entry); pi->config_kset.ces = malloc(ce_size); if (!pi->configs) { free(pi); return NULL; } - memcpy(pi->config_kset.ces, pl->config_kset.ces, ce_size); + memcpy(pi->config_kset.ces, pl->config_kset->ces, ce_size); /* FIXME: allocate input and output keys ?*/ @@ -535,11 +535,12 @@ void ulogd_unregister_fd(struct ulogd_fd *ufd) list_del(&ufd->list); } -int ulogd_main_loop() +static int ulogd_main_loop(void) { fd_set read_fd, write_fd, except_fd; unsigned int hifd; struct ulogd_fd *ufd; + int ret = 0; while (1) { FD_ZERO(&read_fd); @@ -559,6 +560,18 @@ int ulogd_main_loop() } ret = select(hifd+1, &read_fd, &write_fd, &except_fd, NULL); + if (ret == 0) + continue; + + if (ret < 0) { + if (errno = -EINTR) + continue; + else { + ulogd_log(ULOGD_ERROR, "select returned %s\n", + strerror(errno)); + break; + } + } list_for_each_entry(ufd, &ulogd_fds, list) { unsigned int what = 0; @@ -574,6 +587,7 @@ int ulogd_main_loop() } } + return ret; } /* open the logfile */ @@ -836,10 +850,12 @@ int main(int argc, char* argv[]) logfile_open(logf_ce.u.string); +#if 0 for (p = ulogd_outputs; p; p = p->next) { if (p->init) (*p->init)(); } +#endif #ifdef DEBUG /* dump key and interpreter hash */ @@ -863,6 +879,8 @@ int main(int argc, char* argv[]) ulogd_log(ULOGD_NOTICE, "initialization finished, entering main loop\n"); + ulogd_main_loop(); + /* hackish, but result is the same */ sigterm_handler(SIGTERM); return(0); |