diff options
| -rw-r--r-- | filter/raw2packet/ulogd_raw2packet_BASE.c | 27 | ||||
| -rw-r--r-- | filter/ulogd_filter_IFINDEX.c | 4 | ||||
| -rw-r--r-- | filter/ulogd_filter_PWSNIFF.c | 8 | ||||
| -rw-r--r-- | include/ulogd/ulogd.h | 38 | ||||
| -rw-r--r-- | input/flow/ulogd_inpflow_NFCT.c | 2 | ||||
| -rw-r--r-- | input/packet/ulogd_inppkt_NFLOG.c | 13 | ||||
| -rw-r--r-- | input/packet/ulogd_inppkt_ULOG.c | 2 | ||||
| -rw-r--r-- | output/pcap/ulogd_output_PCAP.c | 4 | ||||
| -rw-r--r-- | output/ulogd_output_LOGEMU.c | 2 | ||||
| -rw-r--r-- | output/ulogd_output_OPRINT.c | 12 | ||||
| -rw-r--r-- | output/ulogd_output_SYSLOG.c | 2 | ||||
| -rw-r--r-- | src/ulogd.c | 24 |
12 files changed, 71 insertions, 67 deletions
diff --git a/filter/raw2packet/ulogd_raw2packet_BASE.c b/filter/raw2packet/ulogd_raw2packet_BASE.c index 38be028..ca67677 100644 --- a/filter/raw2packet/ulogd_raw2packet_BASE.c +++ b/filter/raw2packet/ulogd_raw2packet_BASE.c @@ -339,8 +339,9 @@ static struct ulogd_key iphdr_rets[] = { static int _interp_tcp(struct ulogd_pluginstance *pi) { - struct ulogd_key *ret = &pi->output[10]; - struct iphdr *iph = (struct iphdr *) pi->input[0].u.source->u.value.ptr; + struct ulogd_key *ret = &pi->output.keys[10]; + struct iphdr *iph = (struct iphdr *) + pi->input.keys[0].u.source->u.value.ptr; void *protoh = (u_int32_t *)iph + iph->ihl; struct tcphdr *tcph = (struct tcphdr *) protoh; @@ -395,8 +396,9 @@ static int _interp_tcp(struct ulogd_pluginstance *pi) static int _interp_udp(struct ulogd_pluginstance *pi) { - struct ulogd_key *ret = &pi->output[27]; - struct iphdr *iph = (struct iphdr *) pi->input[0].u.source->u.value.ptr; + struct ulogd_key *ret = &pi->output.keys[27]; + struct iphdr *iph = (struct iphdr *) + pi->input.keys[0].u.source->u.value.ptr; void *protoh = (u_int32_t *)iph + iph->ihl; struct udphdr *udph = protoh; @@ -421,8 +423,9 @@ static int _interp_udp(struct ulogd_pluginstance *pi) static int _interp_icmp(struct ulogd_pluginstance *pi) { - struct ulogd_key *ret = &pi->output[31]; - struct iphdr *iph = (struct iphdr *) pi->input[0].u.source->u.value.ptr; + struct ulogd_key *ret = &pi->output.keys[31]; + struct iphdr *iph = (struct iphdr *) + pi->input.keys[0].u.source->u.value.ptr; void *protoh = (u_int32_t *)iph + iph->ihl; struct icmphdr *icmph = protoh; @@ -466,8 +469,9 @@ static int _interp_icmp(struct ulogd_pluginstance *pi) static int _interp_ahesp(struct ulogd_pluginstance *pi) { - struct ulogd_key *ret = &pi->output[38]; - struct iphdr *iph = (struct iphdr *) pi->input[0].u.source->u.value.ptr; + struct ulogd_key *ret = &pi->output.keys[38]; + struct iphdr *iph = (struct iphdr *) + pi->input.keys[0].u.source->u.value.ptr; void *protoh = (u_int32_t *)iph + iph->ihl; #if 0 @@ -480,13 +484,14 @@ static int _interp_ahesp(struct ulogd_pluginstance *pi) ret[0].flags |= ULOGD_RETF_VALID; #endif - return ret; + return 0; } static int _interp_iphdr(struct ulogd_pluginstance *pi) { - struct ulogd_key *ret = pi->output; - struct iphdr *iph = (struct iphdr *) pi->input[0].u.source->u.value.ptr; + struct ulogd_key *ret = pi->output.keys; + struct iphdr *iph = (struct iphdr *) + pi->input.keys[0].u.source->u.value.ptr; ret[0].u.value.ui32 = ntohl(iph->saddr); ret[0].flags |= ULOGD_RETF_VALID; diff --git a/filter/ulogd_filter_IFINDEX.c b/filter/ulogd_filter_IFINDEX.c index dc4ea46..886592b 100644 --- a/filter/ulogd_filter_IFINDEX.c +++ b/filter/ulogd_filter_IFINDEX.c @@ -54,8 +54,8 @@ static struct ulogd_key ifindex_inp[] = { static int interp_ifindex(struct ulogd_pluginstance *pi) { - struct ulogd_key *ret = pi->output; - struct ulogd_key *inp = pi->input; + struct ulogd_key *ret = pi->output.keys; + struct ulogd_key *inp = pi->input.keys; ret[0].u.value.ptr = ifindex_2name(inp[0].u.source->u.value.ui32); ret[0].flags |= ULOGD_RETF_VALID; diff --git a/filter/ulogd_filter_PWSNIFF.c b/filter/ulogd_filter_PWSNIFF.c index 2296929..7e417da 100644 --- a/filter/ulogd_filter_PWSNIFF.c +++ b/filter/ulogd_filter_PWSNIFF.c @@ -60,8 +60,8 @@ static unsigned char *_get_next_blank(unsigned char* begp, unsigned char *endp) static int interp_pwsniff(struct ulogd_pluginstance *pi) { - struct ulogd_key *inp = pi->input; - struct ulogd_key *ret = pi->output; + struct ulogd_key *inp = pi->input.keys; + struct ulogd_key *ret = pi->output.keys; struct iphdr *iph; void *protoh; struct tcphdr *tcph; @@ -69,10 +69,10 @@ static int interp_pwsniff(struct ulogd_pluginstance *pi) unsigned char *ptr, *begp, *pw_begp, *endp, *pw_endp; int len, pw_len, i, cont = 0; - if (!IS_VALID(pi->input[0])) + if (!IS_VALID(pi->input.keys[0])) return 0; - iph = (struct iphdr *) pi->input[0].u.value.ptr; + iph = (struct iphdr *) pi->input.keys[0].u.value.ptr; protoh = (u_int32_t *)iph + iph->ihl; tcph = protoh; tcplen = ntohs(iph->tot_len) - iph->ihl * 4; diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h index 6ca6a6e..ad8f9f3 100644 --- a/include/ulogd/ulogd.h +++ b/include/ulogd/ulogd.h @@ -73,7 +73,7 @@ enum ulogd_dtype { ULOGD_DTYPE_NULL = 0x0000, ULOGD_DTYPE_SOURCE = 0x0001, /* source of data, no input keys */ - ULOGD_DTYPE_RAW, = 0x0002, /* raw packet data */ + ULOGD_DTYPE_RAW = 0x0002, /* raw packet data */ ULOGD_DTYPE_PACKET = 0x0004, /* packet metadata */ ULOGD_DTYPE_FLOW = 0x0008, /* flow metadata */ ULOGD_DTYPE_SINK = 0x0010, /* sink of data, no output keys */ @@ -113,6 +113,15 @@ struct ulogd_key { } u; }; +struct ulogd_keyset { + /* possible input keys of this interpreter */ + struct ulogd_key *keys; + /* number of input keys */ + unsigned int num_keys; + /* bitmask of possible types */ + unsigned int type; +}; + struct ulogd_pluginstance_stack; struct ulogd_pluginstance; struct ulogd_plugin { @@ -121,25 +130,12 @@ struct ulogd_plugin { /* version */ char *version; /* name of this plugin (predefined by plugin) */ - char name[ULOGD_MAX_KEYLEN]; + char name[ULOGD_MAX_KEYLEN+1]; /* ID for this plugin (dynamically assigned) */ unsigned int id; - struct { - /* possible input keys of this interpreter */ - struct ulogd_key *keys; - /* number of input keys */ - unsigned int num_keys; - /* bitmask of possible types */ - unsigned int type; - } input; - struct { - /* possible input keys of this interpreter */ - struct ulogd_key *keys; - /* number of keys this interpreter has */ - unsigned int num_keys; - /* bitmask of possible types */ - unsigned int type; - } output; + + struct ulogd_keyset input; + struct ulogd_keyset output; /* function to call for each packet */ int (*interp)(struct ulogd_pluginstance *instance); @@ -175,11 +171,11 @@ struct ulogd_pluginstance { /* stack that we're part of */ struct ulogd_pluginstance_stack *stack; /* name / id of this instance*/ - char id[ULOGD_MAX_KEYLEN]; + char id[ULOGD_MAX_KEYLEN+1]; /* per-instance input keys */ - struct ulogd_key *input; + struct ulogd_keyset input; /* per-instance output keys */ - struct ulogd_key *output; + struct ulogd_keyset output; /* per-instance config parameters (array) */ struct config_keyset *config_kset; /* private data */ diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index 11d6f8d..50a7195 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -116,7 +116,7 @@ static int propagate_ct_flow(struct ulogd_pluginstance *upi, unsigned int flags, int dir) { - struct ulogd_key *ret = upi->output; + struct ulogd_key *ret = upi->output.keys; ret[0].u.value.ui32 = htonl(ct->tuple[dir].src.v4); ret[0].flags |= ULOGD_RETF_VALID; diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c index 9116763..430cdd9 100644 --- a/input/packet/ulogd_inppkt_NFLOG.c +++ b/input/packet/ulogd_inppkt_NFLOG.c @@ -186,17 +186,18 @@ static struct ulogd_key output_keys[] = { static inline int interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata) { - struct ulogd_key *ret = upi->output; + struct ulogd_key *ret = upi->output.keys; struct nfulnl_msg_packet_hdr *ph = nflog_get_msg_packet_hdr(ldata); struct nfulnl_msg_packet_hw *hw = nflog_get_packet_hw(ldata); void *payload; int payload_len = nflog_get_payload(ldata, payload); char *prefix = nflog_get_prefix(ldata); - struct nfulnl_msg_packet_timestamp *ts = nflog_get_timestamp(ldata); + struct timeval ts; u_int32_t mark = nflog_get_nfmark(ldata); u_int32_t indev = nflog_get_indev(ldata); u_int32_t outdev = nflog_get_outdev(ldata); + if (ph) { /* FIXME */ @@ -231,11 +232,11 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata) /* god knows why timestamp_usec contains crap if timestamp_sec * == 0 if (pkt->timestamp_sec || pkt->timestamp_usec) { */ - if (ts && ts->sec) { + if (nflog_get_timestamp(ldata, &ts) == 0 && ts.tv_sec) { /* FIXME: convert endianness */ - ret[5].u.value.ui32 = ts->sec & 0xffffffff; + ret[5].u.value.ui32 = ts.tv_sec & 0xffffffff; ret[5].flags |= ULOGD_RETF_VALID; - ret[6].u.value.ui32 = ts->usec & 0xffffffff; + ret[6].u.value.ui32 = ts.tv_usec & 0xffffffff; ret[6].flags |= ULOGD_RETF_VALID; } @@ -273,7 +274,7 @@ static int nful_read_cb(int fd, unsigned int what, void *param) if (len < 0) return len; - nflog_handle_packet(ui->nful_h, ui->nfulog_buf, len); + nflog_handle_packet(ui->nful_h, (char *)ui->nfulog_buf, len); return 0; } diff --git a/input/packet/ulogd_inppkt_ULOG.c b/input/packet/ulogd_inppkt_ULOG.c index 7596c8e..74ac162 100644 --- a/input/packet/ulogd_inppkt_ULOG.c +++ b/input/packet/ulogd_inppkt_ULOG.c @@ -128,7 +128,7 @@ static int interp_packet(struct ulogd_pluginstance *ip, ulog_packet_msg_t *pkt) unsigned char *p; int i; char *buf, *oldbuf = NULL; - struct ulogd_key *ret = ip->output; + struct ulogd_key *ret = ip->output.keys; if (pkt->mac_len) { buf = (char *) malloc(3 * pkt->mac_len + 1); diff --git a/output/pcap/ulogd_output_PCAP.c b/output/pcap/ulogd_output_PCAP.c index fa2b955..90f7e0a 100644 --- a/output/pcap/ulogd_output_PCAP.c +++ b/output/pcap/ulogd_output_PCAP.c @@ -132,7 +132,7 @@ static struct ulogd_key pcap_keys[INTR_IDS] = { static int interp_pcap(struct ulogd_pluginstance *upi) { struct pcap_instance *pi = (struct pcap_instance *) &upi->private; - struct ulogd_key *res = upi->input; + struct ulogd_key *res = upi->input.keys; struct pcap_sf_pkthdr pchdr; pchdr.caplen = GET_VALUE(res, 1).ui32; @@ -208,7 +208,7 @@ static int append_create_outfile(struct ulogd_pluginstance *upi) strerror(errno)); return -EPERM; } - if (!write_pcap_header(upi)) { + if (!write_pcap_header(pi)) { ulogd_log(ULOGD_ERROR, "can't write pcap header: %s\n", strerror(errno)); return -ENOSPC; diff --git a/output/ulogd_output_LOGEMU.c b/output/ulogd_output_LOGEMU.c index e46a19c..4be4807 100644 --- a/output/ulogd_output_LOGEMU.c +++ b/output/ulogd_output_LOGEMU.c @@ -66,7 +66,7 @@ struct logemu_instance { static int _output_logemu(struct ulogd_pluginstance *upi) { struct logemu_instance *li = (struct logemu_instance *) &upi->private; - struct ulogd_key *res = upi->input; + struct ulogd_key *res = upi->input.keys; static char buf[4096]; printpkt_print(res, buf, 1); diff --git a/output/ulogd_output_OPRINT.c b/output/ulogd_output_OPRINT.c index a35634a..89a8095 100644 --- a/output/ulogd_output_OPRINT.c +++ b/output/ulogd_output_OPRINT.c @@ -55,7 +55,7 @@ static int oprint_interp(struct ulogd_pluginstance *upi) fprintf(opi->of, "===>PACKET BOUNDARY\n"); for (i = 0; i < upi->plugin->input.num_keys; i++) { - struct ulogd_key *ret = upi->input[i].u.source; + struct ulogd_key *ret = upi->input.keys[i].u.source; if (!IS_VALID(*ret)) continue; @@ -152,8 +152,8 @@ static int oprint_configure(struct ulogd_pluginstance *upi, } ulogd_log(ULOGD_DEBUG, "allocating %u input keys\n", num_keys); - upi->input = malloc(sizeof(struct ulogd_key) * num_keys); - if (!upi->input) + upi->input.keys = malloc(sizeof(struct ulogd_key) * num_keys); + if (!upi->input.keys) return -ENOMEM; /* second pass: copy key names */ @@ -162,13 +162,13 @@ static int oprint_configure(struct ulogd_pluginstance *upi, int i; for (i = 0; i < pi_cur->plugin->output.num_keys; i++) - upi->input[index++] = pi_cur->output[i]; + upi->input.keys[index++] = pi_cur->output.keys[i]; } config_parse_file(upi->id, upi->config_kset); - /* FIXME: the count needs to be per-instance */ - upi->plugin->input.num_keys = num_keys; + /* the count needs to be per-instance */ + upi->input.num_keys = num_keys; return 0; } diff --git a/output/ulogd_output_SYSLOG.c b/output/ulogd_output_SYSLOG.c index 2ee1ae0..66a140e 100644 --- a/output/ulogd_output_SYSLOG.c +++ b/output/ulogd_output_SYSLOG.c @@ -66,7 +66,7 @@ struct syslog_instance { static int _output_syslog(struct ulogd_pluginstance *upi) { struct syslog_instance *li = (struct syslog_instance *) &upi->private; - struct ulogd_key *res = upi->input; + struct ulogd_key *res = upi->input.keys; static char buf[4096]; printpkt_print(res, buf, 0); diff --git a/src/ulogd.c b/src/ulogd.c index 614d965..7c2e055 100644 --- a/src/ulogd.c +++ b/src/ulogd.c @@ -207,7 +207,7 @@ void __ulogd_log(int level, char *file, int line, const char *format, ...) if (level < loglevel_ce.u.value) return; - if (logfile == &syslog_dummy) { + if (logfile == syslog_dummy) { /* FIXME: this omits the 'file' string */ va_start(ap, format); vsyslog(ulogd2syslog_level(level), format, ap); @@ -328,16 +328,18 @@ pluginstance_alloc_init(struct ulogd_plugin *pl, char *pi_id, /* copy input keys */ if (pl->input.num_keys) { - pi->input = ptr; - memcpy(pi->input, pl->input.keys, + pi->input.num_keys = pl->input.num_keys; + pi->input.keys = ptr; + memcpy(pi->input.keys, pl->input.keys, pl->input.num_keys * sizeof(struct ulogd_key)); ptr += pl->input.num_keys * sizeof(struct ulogd_key); } /* copy input keys */ if (pl->output.num_keys) { - pi->output = ptr; - memcpy(pi->output, pl->output.keys, + pi->output.num_keys = pl->output.num_keys; + pi->output.keys = ptr; + memcpy(pi->output.keys, pl->output.keys, pl->output.num_keys * sizeof(struct ulogd_key)); } @@ -370,8 +372,8 @@ find_okey_in_stack(char *name, if ((void *)&pi->list == &stack->list) return NULL; - for (i = 0; i < pi->plugin->output.num_keys; i++) { - struct ulogd_key *okey = &pi->output[i]; + for (i = 0; i < pi->output.num_keys; i++) { + struct ulogd_key *okey = &pi->output.keys[i]; if (!strcmp(name, okey->name)) { ulogd_log(ULOGD_DEBUG, "%s(%s)\n", pi->id, pi->plugin->name); @@ -444,9 +446,9 @@ create_stack_resolve_keys(struct ulogd_pluginstance_stack *stack) pi_prev->plugin->name); } - for (j = 0; j < pi_cur->plugin->input.num_keys; j++) { + for (j = 0; j < pi_cur->input.num_keys; j++) { struct ulogd_key *okey; - struct ulogd_key *ikey = &pi_cur->input[j]; + struct ulogd_key *ikey = &pi_cur->input.keys[j]; /* skip those marked as 'inactive' by * pl->configure() */ @@ -706,7 +708,7 @@ static void signal_handler(int signal) deliver_signal_pluginstances(signal); /* reopen logfile */ - if (logfile != stdout && logfile != &syslog_dummy) { + if (logfile != stdout && logfile != syslog_dummy) { fclose(logfile); logfile = fopen(logfile_ce.u.string, "a"); if (!logfile) @@ -842,7 +844,7 @@ int main(int argc, char* argv[]) if (fork()) { exit(0); } - if (logfile != stdout && logfile != &syslog_dummy) + if (logfile != stdout && logfile != syslog_dummy) fclose(stdout); fclose(stderr); fclose(stdin); |