summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--input/sum/ulogd_inpflow_NFACCT.c13
-rw-r--r--output/Makefile.am3
-rw-r--r--output/ulogd_output_XML.c30
-rw-r--r--ulogd.conf.in3
4 files changed, 44 insertions, 5 deletions
diff --git a/input/sum/ulogd_inpflow_NFACCT.c b/input/sum/ulogd_inpflow_NFACCT.c
index 751c567..f3b936f 100644
--- a/input/sum/ulogd_inpflow_NFACCT.c
+++ b/input/sum/ulogd_inpflow_NFACCT.c
@@ -49,6 +49,7 @@ enum ulogd_nfacct_keys {
ULOGD_NFACCT_NAME,
ULOGD_NFACCT_PKTS,
ULOGD_NFACCT_BYTES,
+ ULOGD_NFACCT_RAW,
};
static struct ulogd_key nfacct_okeys[] = {
@@ -67,6 +68,11 @@ static struct ulogd_key nfacct_okeys[] = {
.flags = ULOGD_RETF_NONE,
.name = "sum.bytes",
},
+ [ULOGD_NFACCT_RAW] = {
+ .type = ULOGD_RET_RAW,
+ .flags = ULOGD_RETF_NONE,
+ .name = "sum",
+ },
};
static void
@@ -80,6 +86,7 @@ propagate_nfacct(struct ulogd_pluginstance *upi, struct nfacct *nfacct)
nfacct_attr_get_u64(nfacct, NFACCT_ATTR_PKTS));
okey_set_u64(&ret[ULOGD_NFACCT_BYTES],
nfacct_attr_get_u64(nfacct, NFACCT_ATTR_BYTES));
+ okey_set_ptr(&ret[ULOGD_NFACCT_RAW], nfacct);
ulogd_propagate_results(upi);
}
@@ -93,6 +100,8 @@ do_propagate_nfacct(struct ulogd_pluginstance *upi, struct nfacct *nfacct)
propagate_nfacct(npi, nfacct);
propagate_nfacct(upi, nfacct);
+
+ nfacct_free(nfacct);
}
static int nfacct_cb(const struct nlmsghdr *nlh, void *data)
@@ -108,13 +117,11 @@ static int nfacct_cb(const struct nlmsghdr *nlh, void *data)
if (nfacct_nlmsg_parse_payload(nlh, nfacct) < 0) {
ulogd_log(ULOGD_ERROR, "Error parsing nfacct message");
- goto err_free;
+ goto err;
}
do_propagate_nfacct(upi, nfacct);
-err_free:
- nfacct_free(nfacct);
err:
return MNL_CB_OK;
}
diff --git a/output/Makefile.am b/output/Makefile.am
index db05d0b..630aee6 100644
--- a/output/Makefile.am
+++ b/output/Makefile.am
@@ -25,5 +25,6 @@ ulogd_output_NACCT_la_LDFLAGS = -avoid-version -module
ulogd_output_XML_la_SOURCES = ulogd_output_XML.c
ulogd_output_XML_la_LIBADD = ${LIBNETFILTER_LOG_LIBS} \
- ${LIBNETFILTER_CONNTRACK_LIBS}
+ ${LIBNETFILTER_CONNTRACK_LIBS} \
+ ${LIBNETFILTER_ACCT_LIBS}
ulogd_output_XML_la_LDFLAGS = -avoid-version -module
diff --git a/output/ulogd_output_XML.c b/output/ulogd_output_XML.c
index 1ec9d8c..5215e28 100644
--- a/output/ulogd_output_XML.c
+++ b/output/ulogd_output_XML.c
@@ -20,6 +20,7 @@
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#include <libnetfilter_log/libnetfilter_log.h>
+#include <libnetfilter_acct/libnetfilter_acct.h>
#include <ulogd/ulogd.h>
#include <sys/param.h>
#include <time.h>
@@ -32,6 +33,7 @@
enum {
KEY_CT,
KEY_PCKT,
+ KEY_SUM,
};
static struct ulogd_key xml_inp[] = {
@@ -45,6 +47,11 @@ static struct ulogd_key xml_inp[] = {
.flags = ULOGD_RETF_NONE | ULOGD_KEYF_OPTIONAL,
.name = "raw",
},
+ [KEY_SUM] = {
+ .type = ULOGD_RET_RAW,
+ .flags = ULOGD_RETF_NONE | ULOGD_KEYF_OPTIONAL,
+ .name = "sum",
+ },
};
enum {
@@ -108,6 +115,19 @@ xml_output_packet(struct ulogd_key *inp, char *buf, ssize_t size)
return 0;
}
+static int
+xml_output_sum(struct ulogd_key *inp, char *buf, ssize_t size)
+{
+ struct nfacct *nfacct = ikey_get_ptr(&inp[KEY_SUM]);
+ int tmp;
+
+ tmp = nfacct_snprintf(buf, size, nfacct, NFACCT_SNPRINTF_T_XML, 0);
+ if (tmp < 0 || tmp >= size)
+ return -1;
+
+ return 0;
+}
+
static int xml_output(struct ulogd_pluginstance *upi)
{
struct ulogd_key *inp = upi->input.keys;
@@ -119,6 +139,8 @@ static int xml_output(struct ulogd_pluginstance *upi)
ret = xml_output_flow(inp, buf, sizeof(buf));
else if (pp_is_valid(inp, KEY_PCKT))
ret = xml_output_packet(inp, buf, sizeof(buf));
+ else if (pp_is_valid(inp, KEY_SUM))
+ ret = xml_output_sum(inp, buf, sizeof(buf));
if (ret < 0)
return ULOGD_IRET_ERR;
@@ -155,6 +177,8 @@ static int xml_fini(struct ulogd_pluginstance *pi)
fprintf(op->of, "</conntrack>\n");
else if (input_plugin->plugin->output.type & ULOGD_DTYPE_RAW)
fprintf(op->of, "</packet>\n");
+ else if (input_plugin->plugin->output.type & ULOGD_DTYPE_SUM)
+ fprintf(op->of, "</sum>\n");
if (op->of != stdout)
fclose(op->of);
@@ -179,6 +203,8 @@ static int xml_open_file(struct ulogd_pluginstance *upi)
strcpy(file_infix, "flow");
else if (input_plugin->plugin->output.type & ULOGD_DTYPE_RAW)
strcpy(file_infix, "pkt");
+ else if (input_plugin->plugin->output.type & ULOGD_DTYPE_SUM)
+ strcpy(file_infix, "sum");
now = time(NULL);
tm = localtime(&now);
@@ -218,6 +244,8 @@ static void xml_print_header(struct ulogd_pluginstance *upi)
fprintf(op->of, "<conntrack>\n");
else if (input_plugin->plugin->output.type & ULOGD_DTYPE_RAW)
fprintf(op->of, "<packet>\n");
+ else if (input_plugin->plugin->output.type & ULOGD_DTYPE_SUM)
+ fprintf(op->of, "<sum>\n");
if (upi->config_kset->ces[CFG_XML_SYNC].u.value != 0)
fflush(op->of);
@@ -264,7 +292,7 @@ static struct ulogd_plugin xml_plugin = {
.input = {
.keys = xml_inp,
.num_keys = ARRAY_SIZE(xml_inp),
- .type = ULOGD_DTYPE_FLOW,
+ .type = ULOGD_DTYPE_FLOW | ULOGD_DTYPE_SUM,
},
.output = {
.type = ULOGD_DTYPE_SINK,
diff --git a/ulogd.conf.in b/ulogd.conf.in
index e3d4022..5f19cae 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -77,6 +77,9 @@ plugin="@pkglibdir@/ulogd_inpflow_NFACCT.so"
# this is a stack for logging in XML
#stack=log1:NFLOG,xml1:XML
+# this is a stack for accounting-based logging via XML
+#stack=acct1:NFACCT,xml1:XML
+
# this is a stack for NFLOG packet-based logging to PCAP
#stack=log2:NFLOG,base1:BASE,pcap1:PCAP