From 325b7d44124f57674dcaa4088e67238996a5a03b Mon Sep 17 00:00:00 2001 From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org" Date: Tue, 23 May 2006 09:00:01 +0000 Subject: Add a printflow plugin is similar to the PRINTPKT plugin, but for flows. It's output is compatible with the SYSLOG and LOGEMU plugins. (Philip Craig) --- filter/Makefile.am | 5 +++- filter/ulogd_filter_PRINTFLOW.c | 66 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 filter/ulogd_filter_PRINTFLOW.c (limited to 'filter') diff --git a/filter/Makefile.am b/filter/Makefile.am index 8c2a37d..b3207f9 100644 --- a/filter/Makefile.am +++ b/filter/Makefile.am @@ -5,7 +5,7 @@ INCLUDES = $(all_includes) -I$(top_srcdir)/include noinst_HEADERS = rtnl.h iftable.h pkglib_LTLIBRARIES = ulogd_filter_IFINDEX.la ulogd_filter_PWSNIFF.la \ - ulogd_filter_PRINTPKT.la + ulogd_filter_PRINTPKT.la ulogd_filter_PRINTFLOW.la ulogd_filter_IFINDEX_la_SOURCES = ulogd_filter_IFINDEX.c rtnl.c iftable.c ulogd_filter_IFINDEX_la_LDFLAGS = -module @@ -15,3 +15,6 @@ ulogd_filter_PWSNIFF_la_LDFLAGS = -module ulogd_filter_PRINTPKT_la_SOURCES = ulogd_filter_PRINTPKT.c ../util/printpkt.c ulogd_filter_PRINTPKT_la_LDFLAGS = -module + +ulogd_filter_PRINTFLOW_la_SOURCES = ulogd_filter_PRINTFLOW.c ../util/printflow.c +ulogd_filter_PRINTFLOW_la_LDFLAGS = -module diff --git a/filter/ulogd_filter_PRINTFLOW.c b/filter/ulogd_filter_PRINTFLOW.c new file mode 100644 index 0000000..181c09e --- /dev/null +++ b/filter/ulogd_filter_PRINTFLOW.c @@ -0,0 +1,66 @@ +/* ulogd_filter_PRINTFLOW.c, Version $Revision: 1.1 $ + * + * This target produces entries similar to the LOG target, but for flows. + * + * (C) 2006 by Philip Craig + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +#include +#include + +static struct ulogd_key printflow_outp[] = { + { + .type = ULOGD_RET_STRING, + .flags = ULOGD_RETF_NONE, + .name = "print", + }, +}; + +static int printflow_interp(struct ulogd_pluginstance *upi) +{ + struct ulogd_key *inp = upi->input.keys; + struct ulogd_key *ret = upi->output.keys; + static char buf[4096]; + + printflow_print(inp, buf); + ret[0].u.value.ptr = buf; + ret[0].flags |= ULOGD_RETF_VALID; + return 0; +} + +static struct ulogd_plugin printflow_plugin = { + .name = "PRINTFLOW", + .input = { + .keys = printflow_keys, + .num_keys = ARRAY_SIZE(printflow_keys), + .type = ULOGD_DTYPE_FLOW, + }, + .output = { + .keys = printflow_outp, + .num_keys = ARRAY_SIZE(printflow_outp), + .type = ULOGD_DTYPE_FLOW, + }, + .interp = &printflow_interp, + .version = ULOGD_VERSION, +}; + +void __attribute__ ((constructor)) init(void); + +void init(void) +{ + ulogd_register_plugin(&printflow_plugin); +} -- cgit v1.2.3