summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/libnetfilter_log/libnetfilter_log.h16
-rw-r--r--src/libnetfilter_log.c77
-rw-r--r--utils/nfulnl_test.c55
3 files changed, 113 insertions, 35 deletions
diff --git a/include/libnetfilter_log/libnetfilter_log.h b/include/libnetfilter_log/libnetfilter_log.h
index 7866288..64904bb 100644
--- a/include/libnetfilter_log/libnetfilter_log.h
+++ b/include/libnetfilter_log/libnetfilter_log.h
@@ -14,6 +14,7 @@
struct nflog_handle;
struct nflog_g_handle;
+struct nflog_data;
extern int nflog_errno;
@@ -21,7 +22,7 @@ extern struct nfnl_handle *nflog_nfnlh(struct nflog_handle *h);
extern int nflog_fd(struct nflog_handle *h);
typedef int nflog_callback(struct nflog_g_handle *gh, struct nfgenmsg *nfmsg,
- struct nfattr *nfa[], void *data);
+ struct nflog_data *nfd, void *data);
extern struct nflog_handle *nflog_open(void);
@@ -44,4 +45,17 @@ extern int nflog_callback_register(struct nflog_g_handle *gh,
nflog_callback *cb, void *data);
extern int nflog_handle_packet(struct nflog_handle *h, char *buf, int len);
+
+extern struct nfulnl_msg_packet_hdr *nflog_get_msg_packet_hdr(struct nflog_data *nfad);
+extern u_int32_t nflog_get_nfmark(struct nflog_data *nfad);
+extern struct nfulnl_msg_packet_timestamp *nflog_get_timestamp(struct nflog_data *nfad);
+extern u_int32_t nflog_get_indev(struct nflog_data *nfad);
+extern u_int32_t nflog_get_physindev(struct nflog_data *nfad);
+extern u_int32_t nflog_get_outdev(struct nflog_data *nfad);
+extern u_int32_t nflog_get_physoutdev(struct nflog_data *nfad);
+extern struct nfulnl_msg_packet_hw *nflog_get_packet_hw(struct nflog_data *nfad);
+extern int nflog_get_payload(struct nflog_data *nfad, char **data);
+extern char *nflog_get_prefix(struct nflog_data *nfad);
+extern int nflog_get_uid(struct nflog_data *nfad, u_int32_t *uid);
+
#endif /* __LIBNETFILTER_LOG_H */
diff --git a/src/libnetfilter_log.c b/src/libnetfilter_log.c
index cb3ed4b..7d5900e 100644
--- a/src/libnetfilter_log.c
+++ b/src/libnetfilter_log.c
@@ -44,6 +44,11 @@ struct nflog_g_handle
void *data;
};
+struct nflog_data
+{
+ struct nfattr **nfa;
+};
+
int nflog_errno;
/***********************************************************************
@@ -118,6 +123,7 @@ static int __nflog_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[],
struct nflog_handle *h = data;
u_int16_t group = ntohs(nfmsg->res_id);
struct nflog_g_handle *gh = find_gh(h, group);
+ struct nflog_data nfldata;
if (!gh)
return -ENODEV;
@@ -125,7 +131,8 @@ static int __nflog_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[],
if (!gh->cb)
return -ENODEV;
- return gh->cb(gh, nfmsg, nfa, gh->data);
+ nfldata.nfa = nfa;
+ return gh->cb(gh, nfmsg, &nfldata, gh->data);
}
static struct nfnl_callback cmd_cb = {
@@ -321,3 +328,71 @@ int nflog_set_nlbufsiz(struct nflog_g_handle *gh, u_int32_t nlbufsiz)
return status;
}
+
+
+struct nfulnl_msg_packet_hdr *nflog_get_msg_packet_hdr(struct nflog_data *nfad)
+{
+ return nfnl_get_pointer_to_data(nfad->nfa, NFULA_PACKET_HDR,
+ struct nfulnl_msg_packet_hdr);
+}
+
+u_int32_t nflog_get_nfmark(struct nflog_data *nfad)
+{
+ return ntohl(nfnl_get_data(nfad->nfa, NFULA_MARK, u_int32_t));
+}
+
+struct nfulnl_msg_packet_timestamp *nflog_get_timestamp(struct nflog_data *nfad)
+{
+ return nfnl_get_pointer_to_data(nfad->nfa, NFULA_TIMESTAMP,
+ struct nfulnl_msg_packet_timestamp);
+}
+
+u_int32_t nflog_get_indev(struct nflog_data *nfad)
+{
+ return ntohl(nfnl_get_data(nfad->nfa, NFULA_IFINDEX_INDEV, u_int32_t));
+}
+
+u_int32_t nflog_get_physindev(struct nflog_data *nfad)
+{
+ return ntohl(nfnl_get_data(nfad->nfa, NFULA_IFINDEX_PHYSINDEV, u_int32_t));
+}
+
+u_int32_t nflog_get_outdev(struct nflog_data *nfad)
+{
+ return ntohl(nfnl_get_data(nfad->nfa, NFULA_IFINDEX_OUTDEV, u_int32_t));
+}
+
+u_int32_t nflog_get_physoutdev(struct nflog_data *nfad)
+{
+ return ntohl(nfnl_get_data(nfad->nfa, NFULA_IFINDEX_PHYSOUTDEV, u_int32_t));
+}
+
+struct nfulnl_msg_packet_hw *nflog_get_packet_hw(struct nflog_data *nfad)
+{
+ return nfnl_get_pointer_to_data(nfad->nfa, NFULA_HWADDR,
+ struct nfulnl_msg_packet_hw);
+}
+
+int nflog_get_payload(struct nflog_data *nfad, char **data)
+{
+ *data = nfnl_get_pointer_to_data(nfad->nfa, NFULA_PAYLOAD, char);
+ if (*data)
+ return NFA_PAYLOAD(nfad->nfa[NFULA_PAYLOAD-1]);
+
+ return -1;
+}
+
+char *nflog_get_prefix(struct nflog_data *nfad)
+{
+ return nfnl_get_pointer_to_data(nfad->nfa, NFULA_PREFIX, char);
+}
+
+int nflog_get_uid(struct nflog_data *nfad, u_int32_t *uid)
+{
+ if (!nfnl_attr_present(nfad->nfa, NFULA_UID))
+ return -1;
+
+ *uid = ntohl(nfnl_get_data(nfad->nfa, NFULA_UID, u_int32_t));
+ return 0;
+}
+
diff --git a/utils/nfulnl_test.c b/utils/nfulnl_test.c
index 69245df..f9da4f3 100644
--- a/utils/nfulnl_test.c
+++ b/utils/nfulnl_test.c
@@ -6,53 +6,42 @@
#include <libnetfilter_log/libnetfilter_log.h>
-static int print_pkt(struct nfattr *tb[])
+static int print_pkt(struct nflog_data *ldata)
{
- if (tb[NFULA_PACKET_HDR-1]) {
- struct nfulnl_msg_packet_hdr *ph =
- NFA_DATA(tb[NFULA_PACKET_HDR-1]);
+ struct nfulnl_msg_packet_hdr *ph = nflog_get_msg_packet_hdr(ldata);
+ u_int32_t mark = nflog_get_nfmark(ldata);
+ u_int32_t indev = nflog_get_indev(ldata);
+ u_int32_t outdev = nflog_get_outdev(ldata);
+ char *prefix = nflog_get_prefix(ldata);
+ void *payload;
+ int payload_len = nflog_get_payload(ldata, payload);
+
+ if (ph) {
printf("hw_protocol=0x%04x hook=%u ",
ntohs(ph->hw_protocol), ph->hook);
}
- if (tb[NFULA_MARK-1]) {
- u_int32_t mark =
- ntohl(*(u_int32_t *)NFA_DATA(tb[NFULA_MARK-1]));
- printf("mark=%u ", mark);
- }
+ printf("mark=%u ", mark);
- if (tb[NFULA_IFINDEX_INDEV-1]) {
- u_int32_t ifi = ntohl(*(u_int32_t *)NFA_DATA(tb[NFULA_IFINDEX_INDEV-1]));
- printf("indev=%u ", ifi);
- }
- if (tb[NFULA_IFINDEX_OUTDEV-1]) {
- u_int32_t ifi = ntohl(*(u_int32_t *)NFA_DATA(tb[NFULA_IFINDEX_OUTDEV-1]));
- printf("outdev=%u ", ifi);
- }
-#if 0
- if (tb[NFULA_IFINDEX_PHYSINDEV-1]) {
- u_int32_t ifi = ntohl(*(u_int32_t *)NFA_DATA(tb[NFULA_IFINDEX_PHYSINDEV-1]));
- printf("physindev=%u ", ifi);
- }
- if (tb[NFULA_IFINDEX_PHYSOUTDEV-1]) {
- u_int32_t ifi = ntohl(*(u_int32_t *)NFA_DATA(tb[NFULA_IFINDEX_PHYSOUTDEV-1]));
- printf("physoutdev=%u ", ifi);
- }
-#endif
- if (tb[NFULA_PREFIX-1]) {
- char *prefix = NFA_DATA(tb[NFULA_PREFIX-1]);
+ if (indev > 0)
+ printf("indev=%u ", indev);
+
+ if (outdev > 0)
+ printf("outdev=%u ", outdev);
+
+
+ if (prefix) {
printf("prefix=\"%s\" ", prefix);
}
- if (tb[NFULA_PAYLOAD-1]) {
- printf("payload_len=%d ", NFA_PAYLOAD(tb[NFULA_PAYLOAD-1]));
- }
+ if (payload_len >= 0)
+ printf("payload_len=%d ", payload_len);
fputc('\n', stdout);
return 0;
}
static int cb(struct nflog_g_handle *gh, struct nfgenmsg *nfmsg,
- struct nfattr *nfa[], void *data)
+ struct nflog_data *nfa, void *data)
{
print_pkt(nfa);
}