From 835110044bd970518e10b28348ce6619818ce363 Mon Sep 17 00:00:00 2001
From: Patrick McHardy
Date: Sun, 18 May 2008 18:35:35 +0200
Subject: Remove obsolete patches and files and move ulogd to repository
top-level directory
---
AUTHORS | 1 +
COPYING | 7 +-
Changes | 129 ++
Makefile.in | 85 ++
README | 70 +-
Rules.make.in | 50 +
TODO | 20 +-
aclocal.m4 | 130 ++
cftest/cftest.c | 30 +
cftest/test.txt | 3 +
conffile/Makefile.in | 21 +
conffile/conffile.c | 241 ++++
config.guess | 1407 ++++++++++++++++++
config.sub | 1505 ++++++++++++++++++++
configure.in | 273 ++++
contrib/ulog_query.php.gz | Bin 0 -> 2875 bytes
doc/Makefile.in | 51 +
doc/mysql.table | 55 +
doc/mysql.table.ipaddr-as-string | 58 +
doc/pgsql.table | 81 ++
doc/sqlite3.table | 22 +
doc/ulogd.html | 421 ++++++
doc/ulogd.sgml | 449 ++++++
extensions/Makefile.in | 37 +
extensions/chtons.h | 32 +
extensions/printpkt.c | 276 ++++
extensions/printpkt.h | 7 +
extensions/ulogd_BASE.c | 569 ++++++++
extensions/ulogd_LOCAL.c | 102 ++
extensions/ulogd_LOCALTIME.c | 0
extensions/ulogd_LOGEMU.c | 139 ++
extensions/ulogd_OPRINT.c | 149 ++
extensions/ulogd_PWSNIFF.c | 167 +++
extensions/ulogd_SYSLOG.c | 149 ++
include/ulogd/conffile.h | 66 +
include/ulogd/ulogd.h | 162 +++
install-sh | 251 ++++
iptables/Makefile | 10 -
iptables/libipt_ULOG.c | 207 ---
kernel-ULOG-2.4.0-test4.diff | 229 ---
kernel-ULOG1-to-ULOG2.diff | 210 ---
kernel/Makefile | 8 -
kernel/ipt_ULOG.c | 370 -----
kernel/ipt_ULOG.h | 46 -
libipulog/Makefile.in | 23 +
libipulog/include/libipulog/libipulog.h | 58 +
libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h | 62 +
libipulog/libipulog.c | 256 ++++
libipulog/ulog_test.c | 84 ++
mysql/Makefile.in | 30 +
mysql/ulogd_MYSQL.c | 525 +++++++
pcap/Makefile.in | 30 +
pcap/ulogd_PCAP.c | 286 ++++
pgsql/Makefile.in | 30 +
pgsql/ulogd_PGSQL.c | 543 +++++++
plain-2.4.0-to-ulog2.diff | 263 ----
sqlite3/Makefile.in | 29 +
sqlite3/ulogd_SQLITE3.c | 435 ++++++
ulogd.8 | 64 +
ulogd.c | 826 +++++++++++
ulogd.conf.in | 82 ++
ulogd.init | 61 +
ulogd.logrotate | 7 +
ulogd.spec | 143 ++
ulogd/AUTHORS | 1 -
ulogd/COPYING | 340 -----
ulogd/Changes | 129 --
ulogd/Makefile.in | 85 --
ulogd/README | 97 --
ulogd/Rules.make.in | 50 -
ulogd/TODO | 37 -
ulogd/aclocal.m4 | 130 --
ulogd/cftest/cftest.c | 30 -
ulogd/cftest/test.txt | 3 -
ulogd/conffile/Makefile.in | 21 -
ulogd/conffile/conffile.c | 241 ----
ulogd/config.guess | 1407 ------------------
ulogd/config.sub | 1505 --------------------
ulogd/configure.in | 273 ----
ulogd/contrib/ulog_query.php.gz | Bin 2875 -> 0 bytes
ulogd/doc/Makefile.in | 51 -
ulogd/doc/mysql.table | 55 -
ulogd/doc/mysql.table.ipaddr-as-string | 58 -
ulogd/doc/pgsql.table | 81 --
ulogd/doc/sqlite3.table | 22 -
ulogd/doc/ulogd.html | 421 ------
ulogd/doc/ulogd.sgml | 449 ------
ulogd/extensions/Makefile.in | 37 -
ulogd/extensions/chtons.h | 32 -
ulogd/extensions/printpkt.c | 276 ----
ulogd/extensions/printpkt.h | 7 -
ulogd/extensions/ulogd_BASE.c | 569 --------
ulogd/extensions/ulogd_LOCAL.c | 102 --
ulogd/extensions/ulogd_LOCALTIME.c | 0
ulogd/extensions/ulogd_LOGEMU.c | 139 --
ulogd/extensions/ulogd_OPRINT.c | 149 --
ulogd/extensions/ulogd_PWSNIFF.c | 167 ---
ulogd/extensions/ulogd_SYSLOG.c | 149 --
ulogd/include/ulogd/conffile.h | 66 -
ulogd/include/ulogd/ulogd.h | 162 ---
ulogd/install-sh | 251 ----
ulogd/libipulog/Makefile.in | 23 -
ulogd/libipulog/include/libipulog/libipulog.h | 58 -
.../include/linux/netfilter_ipv4/ipt_ULOG.h | 62 -
ulogd/libipulog/libipulog.c | 256 ----
ulogd/libipulog/ulog_test.c | 84 --
ulogd/mysql/Makefile.in | 30 -
ulogd/mysql/ulogd_MYSQL.c | 525 -------
ulogd/pcap/Makefile.in | 30 -
ulogd/pcap/ulogd_PCAP.c | 286 ----
ulogd/pgsql/Makefile.in | 30 -
ulogd/pgsql/ulogd_PGSQL.c | 543 -------
ulogd/sqlite3/Makefile.in | 29 -
ulogd/sqlite3/ulogd_SQLITE3.c | 435 ------
ulogd/ulogd.8 | 64 -
ulogd/ulogd.c | 826 -----------
ulogd/ulogd.conf.in | 82 --
ulogd/ulogd.init | 61 -
ulogd/ulogd.logrotate | 7 -
ulogd/ulogd.spec | 143 --
120 files changed, 10752 insertions(+), 12546 deletions(-)
create mode 100644 AUTHORS
create mode 100644 Changes
create mode 100644 Makefile.in
create mode 100644 Rules.make.in
create mode 100644 aclocal.m4
create mode 100644 cftest/cftest.c
create mode 100644 cftest/test.txt
create mode 100644 conffile/Makefile.in
create mode 100644 conffile/conffile.c
create mode 100755 config.guess
create mode 100755 config.sub
create mode 100644 configure.in
create mode 100644 contrib/ulog_query.php.gz
create mode 100644 doc/Makefile.in
create mode 100644 doc/mysql.table
create mode 100644 doc/mysql.table.ipaddr-as-string
create mode 100644 doc/pgsql.table
create mode 100644 doc/sqlite3.table
create mode 100644 doc/ulogd.html
create mode 100644 doc/ulogd.sgml
create mode 100644 extensions/Makefile.in
create mode 100644 extensions/chtons.h
create mode 100644 extensions/printpkt.c
create mode 100644 extensions/printpkt.h
create mode 100644 extensions/ulogd_BASE.c
create mode 100644 extensions/ulogd_LOCAL.c
create mode 100644 extensions/ulogd_LOCALTIME.c
create mode 100644 extensions/ulogd_LOGEMU.c
create mode 100644 extensions/ulogd_OPRINT.c
create mode 100644 extensions/ulogd_PWSNIFF.c
create mode 100644 extensions/ulogd_SYSLOG.c
create mode 100644 include/ulogd/conffile.h
create mode 100644 include/ulogd/ulogd.h
create mode 100755 install-sh
delete mode 100644 iptables/Makefile
delete mode 100644 iptables/libipt_ULOG.c
delete mode 100644 kernel-ULOG-2.4.0-test4.diff
delete mode 100644 kernel-ULOG1-to-ULOG2.diff
delete mode 100644 kernel/Makefile
delete mode 100644 kernel/ipt_ULOG.c
delete mode 100644 kernel/ipt_ULOG.h
create mode 100644 libipulog/Makefile.in
create mode 100644 libipulog/include/libipulog/libipulog.h
create mode 100644 libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
create mode 100644 libipulog/libipulog.c
create mode 100644 libipulog/ulog_test.c
create mode 100644 mysql/Makefile.in
create mode 100644 mysql/ulogd_MYSQL.c
create mode 100644 pcap/Makefile.in
create mode 100644 pcap/ulogd_PCAP.c
create mode 100644 pgsql/Makefile.in
create mode 100644 pgsql/ulogd_PGSQL.c
delete mode 100644 plain-2.4.0-to-ulog2.diff
create mode 100644 sqlite3/Makefile.in
create mode 100644 sqlite3/ulogd_SQLITE3.c
create mode 100644 ulogd.8
create mode 100644 ulogd.c
create mode 100644 ulogd.conf.in
create mode 100755 ulogd.init
create mode 100644 ulogd.logrotate
create mode 100644 ulogd.spec
delete mode 100644 ulogd/AUTHORS
delete mode 100644 ulogd/COPYING
delete mode 100644 ulogd/Changes
delete mode 100644 ulogd/Makefile.in
delete mode 100644 ulogd/README
delete mode 100644 ulogd/Rules.make.in
delete mode 100644 ulogd/TODO
delete mode 100644 ulogd/aclocal.m4
delete mode 100644 ulogd/cftest/cftest.c
delete mode 100644 ulogd/cftest/test.txt
delete mode 100644 ulogd/conffile/Makefile.in
delete mode 100644 ulogd/conffile/conffile.c
delete mode 100755 ulogd/config.guess
delete mode 100755 ulogd/config.sub
delete mode 100644 ulogd/configure.in
delete mode 100644 ulogd/contrib/ulog_query.php.gz
delete mode 100644 ulogd/doc/Makefile.in
delete mode 100644 ulogd/doc/mysql.table
delete mode 100644 ulogd/doc/mysql.table.ipaddr-as-string
delete mode 100644 ulogd/doc/pgsql.table
delete mode 100644 ulogd/doc/sqlite3.table
delete mode 100644 ulogd/doc/ulogd.html
delete mode 100644 ulogd/doc/ulogd.sgml
delete mode 100644 ulogd/extensions/Makefile.in
delete mode 100644 ulogd/extensions/chtons.h
delete mode 100644 ulogd/extensions/printpkt.c
delete mode 100644 ulogd/extensions/printpkt.h
delete mode 100644 ulogd/extensions/ulogd_BASE.c
delete mode 100644 ulogd/extensions/ulogd_LOCAL.c
delete mode 100644 ulogd/extensions/ulogd_LOCALTIME.c
delete mode 100644 ulogd/extensions/ulogd_LOGEMU.c
delete mode 100644 ulogd/extensions/ulogd_OPRINT.c
delete mode 100644 ulogd/extensions/ulogd_PWSNIFF.c
delete mode 100644 ulogd/extensions/ulogd_SYSLOG.c
delete mode 100644 ulogd/include/ulogd/conffile.h
delete mode 100644 ulogd/include/ulogd/ulogd.h
delete mode 100755 ulogd/install-sh
delete mode 100644 ulogd/libipulog/Makefile.in
delete mode 100644 ulogd/libipulog/include/libipulog/libipulog.h
delete mode 100644 ulogd/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
delete mode 100644 ulogd/libipulog/libipulog.c
delete mode 100644 ulogd/libipulog/ulog_test.c
delete mode 100644 ulogd/mysql/Makefile.in
delete mode 100644 ulogd/mysql/ulogd_MYSQL.c
delete mode 100644 ulogd/pcap/Makefile.in
delete mode 100644 ulogd/pcap/ulogd_PCAP.c
delete mode 100644 ulogd/pgsql/Makefile.in
delete mode 100644 ulogd/pgsql/ulogd_PGSQL.c
delete mode 100644 ulogd/sqlite3/Makefile.in
delete mode 100644 ulogd/sqlite3/ulogd_SQLITE3.c
delete mode 100644 ulogd/ulogd.8
delete mode 100644 ulogd/ulogd.c
delete mode 100644 ulogd/ulogd.conf.in
delete mode 100755 ulogd/ulogd.init
delete mode 100644 ulogd/ulogd.logrotate
delete mode 100644 ulogd/ulogd.spec
diff --git a/AUTHORS b/AUTHORS
new file mode 100644
index 0000000..dcc5998
--- /dev/null
+++ b/AUTHORS
@@ -0,0 +1 @@
+Harald Welte
diff --git a/COPYING b/COPYING
index a43ea21..eeb586b 100644
--- a/COPYING
+++ b/COPYING
@@ -2,7 +2,7 @@
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 675 Mass Ave, Cambridge, MA 02139, USA
+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
@@ -279,7 +279,7 @@ POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
- Appendix: How to Apply These Terms to Your New Programs
+ How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
@@ -305,7 +305,8 @@ the "copyright" line and a pointer to where the full notice is found.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
Also add information on how to contact you by electronic and paper mail.
diff --git a/Changes b/Changes
new file mode 100644
index 0000000..95bc457
--- /dev/null
+++ b/Changes
@@ -0,0 +1,129 @@
+Version 1.24 (2006-01-25)
+- Fix memory leak in postgresql plugin
+- Fix printing of "PROTO=XX" for XX != (TCP,UDP,ICMP,ESP)
+- Fix parsing of syslog log level
+- Add support for 'mysql_config' and 'pg_config' programs
+- Add support for 'lib64' to sqlite3 autoconf macros
+- Fix some gcc-4 warnings
+- Add reconnect support to mysql plugin
+- Fix pcap header on some architectures
+- Fix off-by-one-column error in sqlite3 plugin
+
+Version 1.23 (2005-04-18)
+- Add supprt for ulogd logging in syslog (the daemon log, not packet log)
+
+Version 1.22 (2005-03-07)
+- Fix postgresql endless loop (Jani Averbach)
+- Add postgrsql schema support (Bob Hockney)
+
+Version 1.21 (2005-02-16)
+- Fix compilation on certain gcc versions (Roberto Nibali)
+- Fix --log-ip-as-string for mysql, pgsql and sqlite3 (Jani Averbach)
+
+Version 1.20 (2005-02-12)
+- Add SQLITE3 Plugin
+- Add 'port' option (for tcp port number) to mysql and postgresql plugins
+- Cosmetic changes (c99 initializers, coding style)
+
+Version 1.10 (2003-Oct-xx)
+- Change format of configuration file. Now every plugin has it's own section
+ in the config file, making the whole parsing procedure easier - and
+ eliminating multiple loading of .so plugins. (Magnus Boden)
+- Make the config file format completely syntax compatible with .ini style files
+- Add a new 'SYSLOG' plugin for real syslogging
+
+Version 1.02 (2003-Oct-08)
+- fix printout of time information in ulogd_LOGEMU.c
+
+Version 1.01 (2003-Aug-23)
+- use $(LD) macro in order to provide cross-compiling/linking support
+- add 'rmem' configuration key to set the netlink socket rmem buffsize
+- don't use kernel header files for IP/TCP header definitions
+- various cosmetic cleanup to compile with -Wall
+- fix usage of libmysqlclient: call mysql_init() before mysql_real_connect
+- don't have LOGEMU read the system time, ulogd_LOCAL.so does this already
+
+Version 1.00 (2003-Mar-06)
+- update documentation to reflect recent additions
+- renamed LOCALTIME plugin to LOCAL plugin, since it now also returns
+ the hostname
+- cleanup #include statements
+- tcp.window is a 16bit value
+- always return tcp flags, even if they are not set [to not cause NULL entries
+ in the database table
+- cosmetic fixes to acommodate most compiler warnings
+- moved location of conffile.h and ulog.h
+- big update to ulogd_PGSQL.c
+- more verbose error reporting when unable to load plugin
+- print usage information
+- add '--configfile' directive to allow multiple instances with multiple
+ configfiles
+
+Version 0.98
+- Fix MAC address printing if there is none (by Andrej Ota)
+- Add PostgreSQL support by Jakab Laszlo
+- Add Version Number (-V) commandline option
+- Make MYBUFSIZ a runtime config directive (Bogdan Dobrota)
+- Fix daemonize function (call setsid() and close stdin)
+- Add ulogd_PCAP output plugin (to use ethereal/tcpdump/... on the logs)
+- Update documentation to reflect kernel inclusion of ipt_ULOG module
+- Add ulogd_LOCALTIME 'interpreter' for providing the timestamp at the
+ time of logging (Florent Aide)
+- Fix ulogd_LOGEMU 'PROTO=' printing in case of unknown l4 protocol
+- Add support for non-forking mode and logging to stderr (Alessandro Bono)
+
+Version 0.97
+- added error handling after ipulog_read() to prevent endless loops
+
+Version 0.96
+- support for old mysql versions (Alexander Janssen)
+- support for dotted-quad IP addresses in MySQL (Alexander Janssen)
+- added support for synchronous write to LOGEMU (Michael Stolovitzsky)
+- autoconf now checks for mysql .so libraries instead of static .a
+- autoconf now includes /usr/src/linux/include, because most distros
+ now have a glibc-provided /usr/include/linux :(
+- removed ./configure from CVS tree as it may cause inconsistencies
+- better commented example configuration file
+- Makefiles now know DESTDIR (for RPM packaging)
+- documentation now built at release-time, not compile time
+- support for logfile-rotating, using new SIGHUP handler
+
+Version 0.95
+- libipulog problems of 0.94 fixed
+- 1.0 now really soon
+
+Version 0.94
+- fixed stupid build problem because of missing libipulog
+ (i'll never try to be intelligent again ;))
+
+Version 0.93
+- fixes logfile bug: wrong filename and line numbers printed
+- fixes config file parsing, new generic get_word() in conffile.c
+- fixes bug in ulogd_LOGEMU.c on big-endian systems
+- fixes segfault when packet received but no interpreters registered
+ (reported by Drori Ghiora)
+- sigterm handler installed for clean shutdown
+- logfile now fflush()ed after each line printed
+- ulogd_LOGEMU now prints date and hostname, just as syslog does
+
+Version 0.92
+- fixes libipulog loop-bug (reported by Drori Ghiora)
+
+Version 0.91
+- changes for new kernel ULOG. Includes support for multilink netlink
+ messages.
+
+Version 0.9
+- configuration file routines
+- plugins are able to register new configfile keys
+- new MYSQL output plugin
+- new syslog compatibility output plugin
+
+Version 0.3
+
+- new PWSNIFF interpreter plugin
+- verbose error reporting
+
+Version 0.2
+
+- real daemon, we are forking now
diff --git a/Makefile.in b/Makefile.in
new file mode 100644
index 0000000..0f1845c
--- /dev/null
+++ b/Makefile.in
@@ -0,0 +1,85 @@
+RELEASE_DIR:=/tmp
+
+include @top_srcdir@/Rules.make
+CFLAGS+=-I@top_srcdir@/libipulog/include -I@top_srcdir@/include
+
+SUBDIRS=conffile libipulog extensions doc
+
+ifeq (x@MYSQLINCLUDES@,x)
+else
+SUBDIRS+=mysql
+endif
+
+ifeq (x@PGSQLINCLUDES@,x)
+else
+SUBDIRS+=pgsql
+endif
+
+ifeq (x@HAVE_PCAP_H@,x)
+else
+SUBDIRS+=pcap
+endif
+
+
+ULOGD_VERSION=1.23
+OLD_ULOGD_VERSION=1.22
+
+ifeq (x@SQLITE3INCLUDES@,x)
+else
+SUBDIRS+=sqlite3
+endif
+
+# Normally You should not need to change anything below
+
+all: recurse ulogd
+
+.PHONY: distclean
+distclean: clean
+ @for d in $(SUBDIRS); do if ! make -C $$d $@; then exit 1; fi; done
+ rm -f Makefile config.cache config.log config.status Rules.make
+
+.PHONY: docbuild
+docbuild:
+ make -C doc distrib
+
+.PHONY: distrib
+distrib: docbuild distclean delrelease $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2 diff
+
+.PHONY: delrelease
+delrelease:
+ rm -f $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2
+
+$(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2:
+ cd .. && ln -sf ulogd ulogd-$(ULOGD_VERSION) && tar cvf - --exclude CVS --exclude .svn ulogd-$(ULOGD_VERSION)/. | bzip2 -9 > $@ && rm ulogd-$(ULOGD_VERSION)
+
+.PHONY: diff
+diff: $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2
+ @mkdir /tmp/diffdir
+ @cd /tmp/diffdir && tar -x --bzip2 -f $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2
+ @set -e; cd /tmp/diffdir; tar -x --bzip2 -f $(RELEASE_DIR)/ulogd-$(OLD_ULOGD_VERSION).tar.bz2; echo Creating patch-ulogd-$(OLD_ULOGD_VERSION)-$(ULOGD_VERSION).bz2; diff -urN ulogd-$(OLD_ULOGD_VERSION) ulogd-$(ULOGD_VERSION) | bzip2 -9 > $(RELEASE_DIR)/patch-ulogd-$(OLD_ULOGD_VERSION)-$(ULOGD_VERSION).bz2
+
+recurse:
+ @for d in $(SUBDIRS); do if ! make -C $$d; then exit 1; fi; done
+
+ulogd: ulogd.c $(LIBIPULOG) include/ulogd/ulogd.h conffile/conffile.o $(LIBIPULOG)/libipulog.a ulogd.conf
+ $(CC) $(CFLAGS) $(LDFLAGS) -rdynamic $< conffile/conffile.o $(LIBIPULOG)/libipulog.a -o $@ $(LIBS)
+
+edit = sed -e 's,@libdir\@,$(ULOGD_LIB_PATH),g'
+
+ulogd.conf: ulogd.conf.in
+ $(edit) ulogd.conf.in > ulogd.conf
+
+clean:
+# rm -f ulogd *.o extensions/*.o extensions/*.so conffile/*.o
+ rm -f ulogd ulogd.o ulogd.conf
+ @for d in $(SUBDIRS); do if ! make -C $$d $@; then exit 1; fi; done
+
+install: all
+ @for d in $(SUBDIRS); do if ! make -C $$d $@; then exit 1; fi; done
+ @[ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR)
+ @INSTALL@ -D -m 755 ulogd $(DESTDIR)$(BINDIR)/ulogd
+ @[ -d $(DESTDIR)$(ETCDIR) ] || mkdir -p $(DESTDIR)$(ETCDIR)
+ @[ -f $(DESTDIR)$(ETCDIR)/ulogd.conf ] || @INSTALL@ -D -m 600 ulogd.conf $(DESTDIR)$(ETCDIR)/ulogd.conf
+
+doc:
+ $(MAKE) -C $@
diff --git a/README b/README
index 04f8f71..3510007 100644
--- a/README
+++ b/README
@@ -1,12 +1,18 @@
-Userspace logging facility for netfilter / linux 2.4
-$Id: README,v 1.2 2000/09/22 06:57:16 laforge Exp $
+Userspace logging facility for iptables / linux 2.4
+$Id: README,v 1.7 2002/04/16 12:44:41 laforge Exp $
+
+Project Homepage: http://www.gnumonks.org/projects/ulogd
+Mailinglist: http://lists.gnumonks.org/mailman/listinfo/ulogd/
+
+This is just a short README, pleaes see the more extensive documentation
+in the doc/ subdirectory.
===> IDEA
This packages is intended for passing packets from the kernel to userspace
to do some logging there. It should work like that:
-- Register a target called ULOG with netfilter
+- Register a target called ULOG with iptables
- if the target is hit:
- send the packet out using netlink multicast facility
- return NF_CONTINUE immediately
@@ -19,42 +25,45 @@ More than one logging daemon may listen to the netlink multicast address.
===> CONTENTS
-The package is consisting out of three parts:
-
-NOTE:
-ipt_ULOG and libipt_ULOG are NOW INCLUDED IN NETFILTER patch-o-matic.
-I strongly recommend using the latest package or even CVS from
-http://netfilter.samba.org
-
-1. Netfilter target ipt_ULOG
-This is the kernel module which does the kernel part of packet passing to
-the userspace. This module is inserted on demand through the netfilter
-subsystem as soon as You add a rule with the target ULOG to any chain.
-
-2. iptables plugin (libipt_ULOG.so)
-This is a plugin for the netfilter configuration tool iptables. Just put
-it to /usr/local/lib/iptables and it is loaded on demand from iptables.
-
-3. Ulog library (libipulog.a)
+= Ulog library (libipulog.a)
Just a little library like libipq.a which provides a convenient way to
write userspace logging daemons. The functions provided are described
in the source code, a small demo program (ulog_test) is also included.
-4. ulogd daemon (ulogd)
+= ulogd daemon (ulogd)
A sophisticated logging daemon which uses libipulog. The daemon provides
an easy to use plugin interface to write additional packet interpreters and
output targets. Example plugins (interpreter: ip, tcp, icmp output: simple
logging to a file) are included.
+= documentation (doc)
+A quite verbose documentation of this package and it's configuration exists,
+please actually make use of it and read it :)
+
===> USAGE
-Just apply the kernel patch and enable the kernel config option
-CONFIG_IP_NF_TARGET_ULOG in the netfilter subsection of the network options.
-Then recompile the kernel or just recompile the netfilter modules using
-'make modules SUBDIRS=net/ipv4/netfilter'.
-Next step is installing the module using 'make modules_install'
+The kernel part of the userspace logging facility (ipt_ULOG.o) is included
+in kernels >= 2.4.18-pre8. If you are running older kernel versions, you MUST
+install the ulog-patch from netfilter patch-o-matic FIRST !!
+
+Please go to the netfilter homepage (http://www.netfilter.org/)
+and download the latest iptables package. There is a system called
+patch-o-matic, which manages recent netfilter development, which has
+not been included in the stock kernel yet.
+
+Just apply the ulog-patch from patch-o-matic (there is some documentation
+included in the iptables package how to use patch-o-matic).
-To use the iptables plugin, copy libipt_ULOG.so to /usr/local/lib/iptables
+Next you have to enable the kernel config option CONFIG_IP_NF_TARGET_ULOG in
+the netfilter subsection of the network options.
+
+Then recompile the kernel or just recompile the netfilter modules using 'make
+modules SUBDIRS=net/ipv4/netfilter'. Next step is installing the module using
+'make modules_install'
+
+It is also a good idea to recompile and re-install the iptables package,
+if you don't already have libipt_ULOG.so in /usr/local/lib/iptables or
+/usr/lib/iptables
Now You are ready to go. You may now insert logging rules to every chain.
To see the full syntax, type 'iptables -j ULOG -h'
@@ -72,14 +81,17 @@ group 32. All packets get tagged with the ulog prefix "inp"
iptables -A INPUT -j ULOG -p tcp --dport 80 --ulog-nlgroup 32 --ulog-prefix inp
-In the latest Version (0.2) I added another parameter (--ulog-cprange).
+Since version 0.2, I added another parameter (--ulog-cprange).
Using this parameter You are able to specify how much octets of the
packet should be copied from the kernel to userspace.
Setting --ulog-cprange to 0 does always copy the whole packet. Default is 0
===> COPYRIGHT + CREDITS
-The code is (C) 2000 by Harald Welte
+The code is (C) 2000-2003 by Harald Welte
+
+Thanks also to the valuable Contributions of Daniel Stone, Alexander
+Janssen and Michael Stolovitzsky.
Credits to Rusty Russel, James Morris, Marc Boucher and all the other
netfilter hackers.
diff --git a/Rules.make.in b/Rules.make.in
new file mode 100644
index 0000000..4a161a4
--- /dev/null
+++ b/Rules.make.in
@@ -0,0 +1,50 @@
+#
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+ETCDIR=@sysconfdir@
+BINDIR=@sbindir@
+
+ULOGD_CONFIGFILE=@sysconfdir@/ulogd.conf
+
+ULOGD_LIB_PATH=@libdir@/ulogd
+
+# Path of libipulog (from iptables)
+LIBIPULOG=@top_srcdir@/libipulog
+INCIPULOG=-I@top_srcdir@/libipulog/include
+INCCONFFILE=-I@top_srcdir@/conffile
+
+CC=@CC@
+LD=@LD@
+INSTALL=@INSTALL@
+
+CFLAGS=@CFLAGS@ @CPPFLAGS@ -Wall
+CFLAGS+=-DULOGD_CONFIGFILE=\"$(ULOGD_CONFIGFILE)\"
+CFLAGS+=@KERNEL64_USERSPACE32@
+# doesn't work for subdirs
+CFLAGS+=$(INCIPULOG)
+#CFLAGS+=-I/lib/modules/`uname -r`/build/include
+CFLAGS+=@DEFS@
+#CFLAGS+=-g -DDEBUG -DDEBUG_MYSQL -DDEBUG_PGSQL
+
+LIBS=@LIBS@
+
+
+# Names of the plugins to be compiled
+ULOGD_SL:=BASE OPRINT PWSNIFF LOGEMU LOCAL SYSLOG
+
+# mysql output support
+#ULOGD_SL+=MYSQL
+MYSQL_CFLAGS=@MYSQLINCLUDES@ @EXTRA_MYSQL_DEF@
+MYSQL_LDFLAGS=$(LDFLAGS) @MYSQL_LIB@
+
+# postgreSQL output support
+#ULOGD_SL+=PGSQL
+PGSQL_CFLAGS=@PGSQLINCLUDES@ @EXTRA_PGSQL_DEF@
+PGSQL_LDFLAGS=$(LDFLAGS) @PGSQL_LIB@
+
+# mysql output support
+#ULOGD_SL+=SQLITE3
+SQLITE3_CFLAGS=@SQLITE3INCLUDES@ @EXTRA_SQLITE3_DEF@
+SQLITE3_LDFLAGS=$(LDFLAGS) @SQLITE3_LIB@
+
diff --git a/TODO b/TODO
index f305204..3ab6194 100644
--- a/TODO
+++ b/TODO
@@ -13,15 +13,25 @@ X add timer to flush queue in user-defineable time intervals
ulogd:
X MYSQL output plugin
X syslog compatibility output plugin
-- _fini() support for plugin destructors (needed for clean shutdown and
+- autoconf-detection of ipt_ULOG.h
+X _fini() support for plugin destructors (needed for clean shutdown and
SIGHUP configfile reload
X commandline option for "to fork or not to fork"
X various command line options (we don't even have --version)
- add support for capabilities to run as non-root
-- big endian fixes
-- man pages
+X big endian fixes
+X man pages
- IPv6 support (core and extensions)
-- make ULOGD_RET_RAW contain information about the size of the returned object
+X pcap output plugin (to use ethereal/tcpdump/... for the logs)
+- enable user to specify directory where to look for kernel include files
+- support for static linking
+- make core maintain a list of keyid's that all the output plugins are
+ interested. The interpreters would be called with their respective
+ section of that list, and only compute those values that are actually
+ used by any of the running output plugins
+- issues with ulogd_BASE and partially copied packets (--ulog-cprange)
+- problem wrt. ulogd_BASE and fragments
+- implement extension SIGHUP handlers (including config re-parse)
conffile:
-- rewrite. This stuff is a real mess.
+- rewrite parser. This stuff is a real mess. Anybody interested?
diff --git a/aclocal.m4 b/aclocal.m4
new file mode 100644
index 0000000..368464b
--- /dev/null
+++ b/aclocal.m4
@@ -0,0 +1,130 @@
+dnl aclocal.m4 generated automatically by aclocal 1.4
+
+dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+dnl PARTICULAR PURPOSE.
+
+dnl aclocal.m4 generated automatically by aclocal 1.4
+
+dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+dnl PARTICULAR PURPOSE.
+
+# Do all the work for Automake. This macro actually does too much --
+# some checks are only needed if your package does certain things.
+# But this isn't really a big deal.
+
+# serial 1
+
+dnl Usage:
+dnl AM_INIT_AUTOMAKE(package,version, [no-define])
+
+AC_DEFUN(AM_INIT_AUTOMAKE,
+[AC_REQUIRE([AC_PROG_INSTALL])
+PACKAGE=[$1]
+AC_SUBST(PACKAGE)
+VERSION=[$2]
+AC_SUBST(VERSION)
+dnl test to see if srcdir already configured
+if test "`cd $srcdir && pwd`" != "`pwd`" && test -f $srcdir/config.status; then
+ AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
+fi
+ifelse([$3],,
+AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])
+AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package]))
+AC_REQUIRE([AM_SANITY_CHECK])
+AC_REQUIRE([AC_ARG_PROGRAM])
+dnl FIXME This is truly gross.
+missing_dir=`cd $ac_aux_dir && pwd`
+AM_MISSING_PROG(ACLOCAL, aclocal, $missing_dir)
+AM_MISSING_PROG(AUTOCONF, autoconf, $missing_dir)
+AM_MISSING_PROG(AUTOMAKE, automake, $missing_dir)
+AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir)
+AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir)
+AC_REQUIRE([AC_PROG_MAKE_SET])])
+
+#
+# Check to make sure that the build environment is sane.
+#
+
+AC_DEFUN(AM_SANITY_CHECK,
+[AC_MSG_CHECKING([whether build environment is sane])
+# Just in case
+sleep 1
+echo timestamp > conftestfile
+# Do `set' in a subshell so we don't clobber the current shell's
+# arguments. Must try -L first in case configure is actually a
+# symlink; some systems play weird games with the mod time of symlinks
+# (eg FreeBSD returns the mod time of the symlink's containing
+# directory).
+if (
+ set X `ls -Lt $srcdir/configure conftestfile 2> /dev/null`
+ if test "[$]*" = "X"; then
+ # -L didn't work.
+ set X `ls -t $srcdir/configure conftestfile`
+ fi
+ if test "[$]*" != "X $srcdir/configure conftestfile" \
+ && test "[$]*" != "X conftestfile $srcdir/configure"; then
+
+ # If neither matched, then we have a broken ls. This can happen
+ # if, for instance, CONFIG_SHELL is bash and it inherits a
+ # broken ls alias from the environment. This has actually
+ # happened. Such a system could not be considered "sane".
+ AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken
+alias in your environment])
+ fi
+
+ test "[$]2" = conftestfile
+ )
+then
+ # Ok.
+ :
+else
+ AC_MSG_ERROR([newly created file is older than distributed files!
+Check your system clock])
+fi
+rm -f conftest*
+AC_MSG_RESULT(yes)])
+
+dnl AM_MISSING_PROG(NAME, PROGRAM, DIRECTORY)
+dnl The program must properly implement --version.
+AC_DEFUN(AM_MISSING_PROG,
+[AC_MSG_CHECKING(for working $2)
+# Run test in a subshell; some versions of sh will print an error if
+# an executable is not found, even if stderr is redirected.
+# Redirect stdin to placate older versions of autoconf. Sigh.
+if ($2 --version) < /dev/null > /dev/null 2>&1; then
+ $1=$2
+ AC_MSG_RESULT(found)
+else
+ $1="$3/missing $2"
+ AC_MSG_RESULT(missing)
+fi
+AC_SUBST($1)])
+
+
+# Define a conditional.
+
+AC_DEFUN(AM_CONDITIONAL,
+[AC_SUBST($1_TRUE)
+AC_SUBST($1_FALSE)
+if $2; then
+ $1_TRUE=
+ $1_FALSE='#'
+else
+ $1_TRUE='#'
+ $1_FALSE=
+fi])
+
diff --git a/cftest/cftest.c b/cftest/cftest.c
new file mode 100644
index 0000000..b99882b
--- /dev/null
+++ b/cftest/cftest.c
@@ -0,0 +1,30 @@
+#include
+#include
+#include "conffile.h"
+
+int bla(char *args)
+{
+ printf("bla called: %s\n", args);
+ return 0;
+}
+int main()
+{
+ config_entry_t e,f;
+ memset(&e, 0, sizeof(config_entry_t));
+ strcpy(e.key, "zeile");
+ e.u.parser = bla;
+ e.type = CONFIG_TYPE_CALLBACK;
+ config_register_key(&e);
+
+ strcpy(f.key, "spalte");
+ f.type = CONFIG_TYPE_STRING;
+ f.options |= CONFIG_OPT_MANDATORY;
+ f.u.str.string = (char *) malloc(100);
+ f.u.str.maxlen = 99;
+ config_register_key(&f);
+
+ config_parse_file("test.txt");
+ printf("SPALTE: %s\n", f.u.str.string);
+
+ exit(0);
+}
diff --git a/cftest/test.txt b/cftest/test.txt
new file mode 100644
index 0000000..3c0b663
--- /dev/null
+++ b/cftest/test.txt
@@ -0,0 +1,3 @@
+zeile zeile1
+spalte 0815
+asdfasf
diff --git a/conffile/Makefile.in b/conffile/Makefile.in
new file mode 100644
index 0000000..907e6a7
--- /dev/null
+++ b/conffile/Makefile.in
@@ -0,0 +1,21 @@
+#
+
+include @top_srcdir@/Rules.make
+CFLAGS+=-I@top_srcdir@/include/ulogd
+
+# Normally You should not need to change anything below
+
+all: conffile.o
+
+distrib:
+
+conffile.o: conffile.c
+ $(CC) $(CFLAGS) -c $< -o $@
+
+clean:
+ rm -f conffile.o
+
+distclean:
+ rm -f Makefile
+
+install: all
diff --git a/conffile/conffile.c b/conffile/conffile.c
new file mode 100644
index 0000000..d26c5ff
--- /dev/null
+++ b/conffile/conffile.c
@@ -0,0 +1,241 @@
+/* config file parser functions
+ *
+ * (C) 2000 by Harald Welte
+ *
+ * $Id: conffile.c,v 1.4 2001/09/01 11:51:53 laforge Exp $
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include
+#include
+#include
+#include "conffile.h"
+
+#ifdef DEBUG_CONF
+#define DEBUGC(format, args...) fprintf(stderr, format, ## args)
+#else
+#define DEBUGC(format, args...)
+#endif
+
+/* points to config entry with error */
+config_entry_t *config_errce = NULL;
+
+/* Filename of the config file */
+static char *fname = NULL;
+
+/* get_word() - Function to parse a line into words.
+ * Arguments: line line to parse
+ * delim possible word delimiters
+ * buf pointer to buffer where word is returned
+ * Return value: pointer to first char after word
+ * This function can deal with "" quotes
+ */
+static char *get_word(char *line, char *not, char *buf)
+{
+ char *p, *start = NULL, *stop = NULL;
+ int inquote = 0;
+
+ for (p = line; *p; p++) {
+ if (*p == '"') {
+ start = p + 1;
+ inquote = 1;
+ break;
+ }
+ if (!strchr(not, *p)) {
+ start = p;
+ break;
+ }
+ }
+ if (!start)
+ return NULL;
+
+ /* determine pointer to one char after word */
+ for (p = start; *p; p++) {
+ if (inquote) {
+ if (*p == '"') {
+ stop = p;
+ break;
+ }
+ } else {
+ if (strchr(not, *p)) {
+ stop = p;
+ break;
+ }
+ }
+ }
+ if (!stop)
+ return NULL;
+
+ strncpy(buf, start, (size_t) (stop-start));
+ *(buf + (stop-start)) = '\0';
+
+ /* skip quote character */
+ if (inquote)
+ /* yes, we can return stop + 1. If " was the last
+ * character in string, it now points to NULL-term */
+ return (stop + 1);
+
+ return stop;
+}
+
+#if 0
+/* do we have a config directive for this name */
+static int config_iskey(char *name)
+{
+ config_entry_t *ce;
+
+ for (ce = config; ce; ce = ce->next) {
+ if (!strcmp(name, ce->key))
+ return 0;
+ }
+
+ return 1;
+}
+#endif
+
+/***********************************************************************
+ * PUBLIC INTERFACE
+ ***********************************************************************/
+
+/* register config file with us */
+int config_register_file(const char *file)
+{
+ /* FIXME: stat of file */
+ if (fname)
+ return 1;
+
+ fname = (char *) malloc(strlen(file)+1);
+ if (!fname)
+ return -ERROOM;
+
+ strcpy(fname, file);
+
+ return 0;
+}
+
+/* parse config file */
+int config_parse_file(const char *section, config_entry_t *keys)
+{
+ FILE *cfile;
+ char *args;
+ config_entry_t *ce;
+ int err = 0;
+ int found = 0;
+ char linebuf[LINE_LEN+1];
+ char *line = linebuf;
+
+ cfile = fopen(fname, "r");
+ if (!cfile)
+ return -ERROPEN;
+
+ DEBUGC("prasing section [%s]\n", section);
+
+ /* Search for correct section */
+ while (fgets(line, LINE_LEN, cfile)) {
+ char wordbuf[LINE_LEN];
+ char *wordend;
+
+ if (*line == '#')
+ continue;
+
+ if (!(wordend = get_word(line, " \t\n[]", (char *) wordbuf)))
+ continue;
+ DEBUGC("word: \"%s\"\n", wordbuf);
+ if (!strcmp(wordbuf, section)) {
+ found = 1;
+ break;
+ }
+ }
+
+ if (!found) {
+ fclose(cfile);
+ return -ERRSECTION;
+ }
+
+ /* Parse this section until next section */
+ while (fgets(line, LINE_LEN, cfile))
+ {
+ char wordbuf[LINE_LEN];
+ char *wordend;
+
+ DEBUGC("line read: %s\n", line);
+ if (*line == '#')
+ continue;
+
+ if (!(wordend = get_word(line, " =\t\n", (char *) &wordbuf)))
+ continue;
+
+ if (wordbuf[0] == '[' ) {
+ DEBUGC("Next section '%s' encountered\n", wordbuf);
+ break;
+ }
+
+ DEBUGC("parse_file: entering main loop\n");
+ for (ce = keys; ce; ce = ce->next) {
+ DEBUGC("parse main loop, key: %s\n", ce->key);
+ if (strcmp(ce->key, (char *) &wordbuf)) {
+ continue;
+ }
+
+ wordend = get_word(wordend, " =\t\n", (char *) &wordbuf);
+ args = (char *)&wordbuf;
+
+ if (ce->hit && !(ce->options & CONFIG_OPT_MULTI))
+ {
+ DEBUGC("->ce-hit and option not multi!\n");
+ config_errce = ce;
+ err = -ERRMULT;
+ goto cpf_error;
+ }
+ ce->hit++;
+
+ switch (ce->type) {
+ case CONFIG_TYPE_STRING:
+ if (strlen(args) <
+ CONFIG_VAL_STRING_LEN ) {
+ strcpy(ce->u.string, args);
+ /* FIXME: what if not ? */
+ }
+ break;
+ case CONFIG_TYPE_INT:
+ ce->u.value = atoi(args);
+ break;
+ case CONFIG_TYPE_CALLBACK:
+ (ce->u.parser)(args);
+ break;
+ }
+ break;
+ }
+ DEBUGC("parse_file: exiting main loop\n");
+ }
+
+
+ for (ce = keys; ce; ce = ce->next) {
+ DEBUGC("ce post loop, ce=%s\n", ce->key);
+ if ((ce->options & CONFIG_OPT_MANDATORY) && (ce->hit == 0)) {
+ DEBUGC("Mandatory config directive \"%s\" not found\n",
+ ce->key);
+ config_errce = ce;
+ err = -ERRMAND;
+ goto cpf_error;
+ }
+
+ }
+
+cpf_error:
+ fclose(cfile);
+ return err;
+}
+
diff --git a/config.guess b/config.guess
new file mode 100755
index 0000000..0e30d56
--- /dev/null
+++ b/config.guess
@@ -0,0 +1,1407 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
+
+timestamp='2003-07-02'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Originally written by Per Bothner .
+# Please send patches to . Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# This script attempts to guess a canonical system name similar to
+# config.sub. If it succeeds, it prints the system name on stdout, and
+# exits with 0. Otherwise, it exits with 1.
+#
+# The plan is that this can be called by configure scripts if you
+# don't specify an explicit build system type.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Operation modes:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to ."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit 0 ;;
+ --version | -v )
+ echo "$version" ; exit 0 ;;
+ --help | --h* | -h )
+ echo "$usage"; exit 0 ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help" >&2
+ exit 1 ;;
+ * )
+ break ;;
+ esac
+done
+
+if test $# != 0; then
+ echo "$me: too many arguments$help" >&2
+ exit 1
+fi
+
+trap 'exit 1' 1 2 15
+
+# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
+# compiler to aid in system detection is discouraged as it requires
+# temporary files to be created and, as you can see below, it is a
+# headache to deal with in a portable fashion.
+
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+# Portable tmp directory creation inspired by the Autoconf team.
+
+set_cc_for_build='
+trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
+trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
+: ${TMPDIR=/tmp} ;
+ { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
+ { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
+ { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
+dummy=$tmp/dummy ;
+tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
+case $CC_FOR_BUILD,$HOST_CC,$CC in
+ ,,) echo "int x;" > $dummy.c ;
+ for c in cc gcc c89 c99 ; do
+ if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
+ CC_FOR_BUILD="$c"; break ;
+ fi ;
+ done ;
+ if test x"$CC_FOR_BUILD" = x ; then
+ CC_FOR_BUILD=no_compiler_found ;
+ fi
+ ;;
+ ,,*) CC_FOR_BUILD=$CC ;;
+ ,*,*) CC_FOR_BUILD=$HOST_CC ;;
+esac ;'
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi@noc.rutgers.edu 1994-08-24)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+ PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+ *:NetBSD:*:*)
+ # NetBSD (nbsd) targets should (where applicable) match one or
+ # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+ # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
+ # switched to ELF, *-*-netbsd* would select the old
+ # object file format. This provides both forward
+ # compatibility and a consistent mechanism for selecting the
+ # object file format.
+ #
+ # Note: NetBSD doesn't particularly care about the vendor
+ # portion of the name. We always set it to "unknown".
+ sysctl="sysctl -n hw.machine_arch"
+ UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
+ /usr/sbin/$sysctl 2>/dev/null || echo unknown)`
+ case "${UNAME_MACHINE_ARCH}" in
+ armeb) machine=armeb-unknown ;;
+ arm*) machine=arm-unknown ;;
+ sh3el) machine=shl-unknown ;;
+ sh3eb) machine=sh-unknown ;;
+ *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
+ esac
+ # The Operating System including object format, if it has switched
+ # to ELF recently, or will in the future.
+ case "${UNAME_MACHINE_ARCH}" in
+ arm*|i386|m68k|ns32k|sh3*|sparc|vax)
+ eval $set_cc_for_build
+ if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep __ELF__ >/dev/null
+ then
+ # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+ # Return netbsd for either. FIX?
+ os=netbsd
+ else
+ os=netbsdelf
+ fi
+ ;;
+ *)
+ os=netbsd
+ ;;
+ esac
+ # The OS release
+ # Debian GNU/NetBSD machines have a different userland, and
+ # thus, need a distinct triplet. However, they do not need
+ # kernel version information, so it can be replaced with a
+ # suitable tag, in the style of linux-gnu.
+ case "${UNAME_VERSION}" in
+ Debian*)
+ release='-gnu'
+ ;;
+ *)
+ release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+ ;;
+ esac
+ # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+ # contains redundant information, the shorter form:
+ # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+ echo "${machine}-${os}${release}"
+ exit 0 ;;
+ amiga:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ arc:OpenBSD:*:*)
+ echo mipsel-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ hp300:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mac68k:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ macppc:OpenBSD:*:*)
+ echo powerpc-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mvme68k:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mvme88k:OpenBSD:*:*)
+ echo m88k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ mvmeppc:OpenBSD:*:*)
+ echo powerpc-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ pmax:OpenBSD:*:*)
+ echo mipsel-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ sgi:OpenBSD:*:*)
+ echo mipseb-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ sun3:OpenBSD:*:*)
+ echo m68k-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ wgrisc:OpenBSD:*:*)
+ echo mipsel-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ *:OpenBSD:*:*)
+ echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE}
+ exit 0 ;;
+ alpha:OSF1:*:*)
+ if test $UNAME_RELEASE = "V4.0"; then
+ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+ fi
+ # According to Compaq, /usr/sbin/psrinfo has been available on
+ # OSF/1 and Tru64 systems produced since 1995. I hope that
+ # covers most systems running today. This code pipes the CPU
+ # types through head -n 1, so we only detect the type of CPU 0.
+ ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1`
+ case "$ALPHA_CPU_TYPE" in
+ "EV4 (21064)")
+ UNAME_MACHINE="alpha" ;;
+ "EV4.5 (21064)")
+ UNAME_MACHINE="alpha" ;;
+ "LCA4 (21066/21068)")
+ UNAME_MACHINE="alpha" ;;
+ "EV5 (21164)")
+ UNAME_MACHINE="alphaev5" ;;
+ "EV5.6 (21164A)")
+ UNAME_MACHINE="alphaev56" ;;
+ "EV5.6 (21164PC)")
+ UNAME_MACHINE="alphapca56" ;;
+ "EV5.7 (21164PC)")
+ UNAME_MACHINE="alphapca57" ;;
+ "EV6 (21264)")
+ UNAME_MACHINE="alphaev6" ;;
+ "EV6.7 (21264A)")
+ UNAME_MACHINE="alphaev67" ;;
+ "EV6.8CB (21264C)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.8AL (21264B)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.8CX (21264D)")
+ UNAME_MACHINE="alphaev68" ;;
+ "EV6.9A (21264/EV69A)")
+ UNAME_MACHINE="alphaev69" ;;
+ "EV7 (21364)")
+ UNAME_MACHINE="alphaev7" ;;
+ "EV7.9 (21364A)")
+ UNAME_MACHINE="alphaev79" ;;
+ esac
+ # A Vn.n version is a released version.
+ # A Tn.n version is a released field test version.
+ # A Xn.n version is an unreleased experimental baselevel.
+ # 1.2 uses "1.2" for uname -r.
+ echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+ exit 0 ;;
+ Alpha*:OpenVMS:*:*)
+ echo alpha-hp-vms
+ exit 0 ;;
+ Alpha\ *:Windows_NT*:*)
+ # How do we know it's Interix rather than the generic POSIX subsystem?
+ # Should we change UNAME_MACHINE based on the output of uname instead
+ # of the specific Alpha model?
+ echo alpha-pc-interix
+ exit 0 ;;
+ 21064:Windows_NT:50:3)
+ echo alpha-dec-winnt3.5
+ exit 0 ;;
+ Amiga*:UNIX_System_V:4.0:*)
+ echo m68k-unknown-sysv4
+ exit 0;;
+ *:[Aa]miga[Oo][Ss]:*:*)
+ echo ${UNAME_MACHINE}-unknown-amigaos
+ exit 0 ;;
+ *:[Mm]orph[Oo][Ss]:*:*)
+ echo ${UNAME_MACHINE}-unknown-morphos
+ exit 0 ;;
+ *:OS/390:*:*)
+ echo i370-ibm-openedition
+ exit 0 ;;
+ arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+ echo arm-acorn-riscix${UNAME_RELEASE}
+ exit 0;;
+ SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
+ echo hppa1.1-hitachi-hiuxmpp
+ exit 0;;
+ Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+ # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+ if test "`(/bin/universe) 2>/dev/null`" = att ; then
+ echo pyramid-pyramid-sysv3
+ else
+ echo pyramid-pyramid-bsd
+ fi
+ exit 0 ;;
+ NILE*:*:*:dcosx)
+ echo pyramid-pyramid-svr4
+ exit 0 ;;
+ DRS?6000:unix:4.0:6*)
+ echo sparc-icl-nx6
+ exit 0 ;;
+ DRS?6000:UNIX_SV:4.2*:7*)
+ case `/usr/bin/uname -p` in
+ sparc) echo sparc-icl-nx7 && exit 0 ;;
+ esac ;;
+ sun4H:SunOS:5.*:*)
+ echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+ echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ i86pc:SunOS:5.*:*)
+ echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ sun4*:SunOS:6*:*)
+ # According to config.sub, this is the proper way to canonicalize
+ # SunOS6. Hard to guess exactly what SunOS6 will be like, but
+ # it's likely to be more like Solaris than SunOS4.
+ echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ sun4*:SunOS:*:*)
+ case "`/usr/bin/arch -k`" in
+ Series*|S4*)
+ UNAME_RELEASE=`uname -v`
+ ;;
+ esac
+ # Japanese Language versions have a version number like `4.1.3-JL'.
+ echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+ exit 0 ;;
+ sun3*:SunOS:*:*)
+ echo m68k-sun-sunos${UNAME_RELEASE}
+ exit 0 ;;
+ sun*:*:4.2BSD:*)
+ UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+ test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
+ case "`/bin/arch`" in
+ sun3)
+ echo m68k-sun-sunos${UNAME_RELEASE}
+ ;;
+ sun4)
+ echo sparc-sun-sunos${UNAME_RELEASE}
+ ;;
+ esac
+ exit 0 ;;
+ aushp:SunOS:*:*)
+ echo sparc-auspex-sunos${UNAME_RELEASE}
+ exit 0 ;;
+ # The situation for MiNT is a little confusing. The machine name
+ # can be virtually everything (everything which is not
+ # "atarist" or "atariste" at least should have a processor
+ # > m68000). The system name ranges from "MiNT" over "FreeMiNT"
+ # to the lowercase version "mint" (or "freemint"). Finally
+ # the system name "TOS" denotes a system which is actually not
+ # MiNT. But MiNT is downward compatible to TOS, so this should
+ # be no problem.
+ atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit 0 ;;
+ atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit 0 ;;
+ *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+ echo m68k-atari-mint${UNAME_RELEASE}
+ exit 0 ;;
+ milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+ echo m68k-milan-mint${UNAME_RELEASE}
+ exit 0 ;;
+ hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+ echo m68k-hades-mint${UNAME_RELEASE}
+ exit 0 ;;
+ *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+ echo m68k-unknown-mint${UNAME_RELEASE}
+ exit 0 ;;
+ powerpc:machten:*:*)
+ echo powerpc-apple-machten${UNAME_RELEASE}
+ exit 0 ;;
+ RISC*:Mach:*:*)
+ echo mips-dec-mach_bsd4.3
+ exit 0 ;;
+ RISC*:ULTRIX:*:*)
+ echo mips-dec-ultrix${UNAME_RELEASE}
+ exit 0 ;;
+ VAX*:ULTRIX*:*:*)
+ echo vax-dec-ultrix${UNAME_RELEASE}
+ exit 0 ;;
+ 2020:CLIX:*:* | 2430:CLIX:*:*)
+ echo clipper-intergraph-clix${UNAME_RELEASE}
+ exit 0 ;;
+ mips:*:*:UMIPS | mips:*:*:RISCos)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+#ifdef __cplusplus
+#include /* for printf() prototype */
+ int main (int argc, char *argv[]) {
+#else
+ int main (argc, argv) int argc; char *argv[]; {
+#endif
+ #if defined (host_mips) && defined (MIPSEB)
+ #if defined (SYSTYPE_SYSV)
+ printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_SVR4)
+ printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
+ #endif
+ #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+ printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
+ #endif
+ #endif
+ exit (-1);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c \
+ && $dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
+ && exit 0
+ echo mips-mips-riscos${UNAME_RELEASE}
+ exit 0 ;;
+ Motorola:PowerMAX_OS:*:*)
+ echo powerpc-motorola-powermax
+ exit 0 ;;
+ Motorola:*:4.3:PL8-*)
+ echo powerpc-harris-powermax
+ exit 0 ;;
+ Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
+ echo powerpc-harris-powermax
+ exit 0 ;;
+ Night_Hawk:Power_UNIX:*:*)
+ echo powerpc-harris-powerunix
+ exit 0 ;;
+ m88k:CX/UX:7*:*)
+ echo m88k-harris-cxux7
+ exit 0 ;;
+ m88k:*:4*:R4*)
+ echo m88k-motorola-sysv4
+ exit 0 ;;
+ m88k:*:3*:R3*)
+ echo m88k-motorola-sysv3
+ exit 0 ;;
+ AViiON:dgux:*:*)
+ # DG/UX returns AViiON for all architectures
+ UNAME_PROCESSOR=`/usr/bin/uname -p`
+ if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
+ then
+ if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+ [ ${TARGET_BINARY_INTERFACE}x = x ]
+ then
+ echo m88k-dg-dgux${UNAME_RELEASE}
+ else
+ echo m88k-dg-dguxbcs${UNAME_RELEASE}
+ fi
+ else
+ echo i586-dg-dgux${UNAME_RELEASE}
+ fi
+ exit 0 ;;
+ M88*:DolphinOS:*:*) # DolphinOS (SVR3)
+ echo m88k-dolphin-sysv3
+ exit 0 ;;
+ M88*:*:R3*:*)
+ # Delta 88k system running SVR3
+ echo m88k-motorola-sysv3
+ exit 0 ;;
+ XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+ echo m88k-tektronix-sysv3
+ exit 0 ;;
+ Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+ echo m68k-tektronix-bsd
+ exit 0 ;;
+ *:IRIX*:*:*)
+ echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+ exit 0 ;;
+ ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+ echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id
+ exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX '
+ i*86:AIX:*:*)
+ echo i386-ibm-aix
+ exit 0 ;;
+ ia64:AIX:*:*)
+ if [ -x /usr/bin/oslevel ] ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+ fi
+ echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
+ exit 0 ;;
+ *:AIX:2:3)
+ if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include
+
+ main()
+ {
+ if (!__power_pc())
+ exit(1);
+ puts("powerpc-ibm-aix3.2.5");
+ exit(0);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0
+ echo rs6000-ibm-aix3.2.5
+ elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+ echo rs6000-ibm-aix3.2.4
+ else
+ echo rs6000-ibm-aix3.2
+ fi
+ exit 0 ;;
+ *:AIX:*:[45])
+ IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
+ if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
+ IBM_ARCH=rs6000
+ else
+ IBM_ARCH=powerpc
+ fi
+ if [ -x /usr/bin/oslevel ] ; then
+ IBM_REV=`/usr/bin/oslevel`
+ else
+ IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+ fi
+ echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+ exit 0 ;;
+ *:AIX:*:*)
+ echo rs6000-ibm-aix
+ exit 0 ;;
+ ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+ echo romp-ibm-bsd4.4
+ exit 0 ;;
+ ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and
+ echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to
+ exit 0 ;; # report: romp-ibm BSD 4.3
+ *:BOSX:*:*)
+ echo rs6000-bull-bosx
+ exit 0 ;;
+ DPX/2?00:B.O.S.:*:*)
+ echo m68k-bull-sysv3
+ exit 0 ;;
+ 9000/[34]??:4.3bsd:1.*:*)
+ echo m68k-hp-bsd
+ exit 0 ;;
+ hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+ echo m68k-hp-bsd4.4
+ exit 0 ;;
+ 9000/[34678]??:HP-UX:*:*)
+ HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ case "${UNAME_MACHINE}" in
+ 9000/31? ) HP_ARCH=m68000 ;;
+ 9000/[34]?? ) HP_ARCH=m68k ;;
+ 9000/[678][0-9][0-9])
+ if [ -x /usr/bin/getconf ]; then
+ sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+ sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+ case "${sc_cpu_version}" in
+ 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+ 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+ 532) # CPU_PA_RISC2_0
+ case "${sc_kernel_bits}" in
+ 32) HP_ARCH="hppa2.0n" ;;
+ 64) HP_ARCH="hppa2.0w" ;;
+ '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20
+ esac ;;
+ esac
+ fi
+ if [ "${HP_ARCH}" = "" ]; then
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+
+ #define _HPUX_SOURCE
+ #include
+ #include
+
+ int main ()
+ {
+ #if defined(_SC_KERNEL_BITS)
+ long bits = sysconf(_SC_KERNEL_BITS);
+ #endif
+ long cpu = sysconf (_SC_CPU_VERSION);
+
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+ case CPU_PA_RISC2_0:
+ #if defined(_SC_KERNEL_BITS)
+ switch (bits)
+ {
+ case 64: puts ("hppa2.0w"); break;
+ case 32: puts ("hppa2.0n"); break;
+ default: puts ("hppa2.0"); break;
+ } break;
+ #else /* !defined(_SC_KERNEL_BITS) */
+ puts ("hppa2.0"); break;
+ #endif
+ default: puts ("hppa1.0"); break;
+ }
+ exit (0);
+ }
+EOF
+ (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
+ test -z "$HP_ARCH" && HP_ARCH=hppa
+ fi ;;
+ esac
+ if [ ${HP_ARCH} = "hppa2.0w" ]
+ then
+ # avoid double evaluation of $set_cc_for_build
+ test -n "$CC_FOR_BUILD" || eval $set_cc_for_build
+ if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E -) | grep __LP64__ >/dev/null
+ then
+ HP_ARCH="hppa2.0w"
+ else
+ HP_ARCH="hppa64"
+ fi
+ fi
+ echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+ exit 0 ;;
+ ia64:HP-UX:*:*)
+ HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ echo ia64-hp-hpux${HPUX_REV}
+ exit 0 ;;
+ 3050*:HI-UX:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include
+ int
+ main ()
+ {
+ long cpu = sysconf (_SC_CPU_VERSION);
+ /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+ true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct
+ results, however. */
+ if (CPU_IS_PA_RISC (cpu))
+ {
+ switch (cpu)
+ {
+ case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+ case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+ default: puts ("hppa-hitachi-hiuxwe2"); break;
+ }
+ }
+ else if (CPU_IS_HP_MC68K (cpu))
+ puts ("m68k-hitachi-hiuxwe2");
+ else puts ("unknown-hitachi-hiuxwe2");
+ exit (0);
+ }
+EOF
+ $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0
+ echo unknown-hitachi-hiuxwe2
+ exit 0 ;;
+ 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+ echo hppa1.1-hp-bsd
+ exit 0 ;;
+ 9000/8??:4.3bsd:*:*)
+ echo hppa1.0-hp-bsd
+ exit 0 ;;
+ *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
+ echo hppa1.0-hp-mpeix
+ exit 0 ;;
+ hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+ echo hppa1.1-hp-osf
+ exit 0 ;;
+ hp8??:OSF1:*:*)
+ echo hppa1.0-hp-osf
+ exit 0 ;;
+ i*86:OSF1:*:*)
+ if [ -x /usr/sbin/sysversion ] ; then
+ echo ${UNAME_MACHINE}-unknown-osf1mk
+ else
+ echo ${UNAME_MACHINE}-unknown-osf1
+ fi
+ exit 0 ;;
+ parisc*:Lites*:*:*)
+ echo hppa1.1-hp-lites
+ exit 0 ;;
+ C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+ echo c1-convex-bsd
+ exit 0 ;;
+ C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit 0 ;;
+ C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+ echo c34-convex-bsd
+ exit 0 ;;
+ C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+ echo c38-convex-bsd
+ exit 0 ;;
+ C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+ echo c4-convex-bsd
+ exit 0 ;;
+ CRAY*Y-MP:*:*:*)
+ echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*[A-Z]90:*:*:*)
+ echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
+ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+ -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*TS:*:*:*)
+ echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*T3E:*:*:*)
+ echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ CRAY*SV1:*:*:*)
+ echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ *:UNICOS/mp:*:*)
+ echo nv1-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+ exit 0 ;;
+ F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+ FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+ FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+ FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+ echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+ exit 0 ;;
+ i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
+ echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
+ exit 0 ;;
+ sparc*:BSD/OS:*:*)
+ echo sparc-unknown-bsdi${UNAME_RELEASE}
+ exit 0 ;;
+ *:BSD/OS:*:*)
+ echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+ exit 0 ;;
+ *:FreeBSD:*:*|*:GNU/FreeBSD:*:*)
+ # Determine whether the default compiler uses glibc.
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include
+ #if __GLIBC__ >= 2
+ LIBC=gnu
+ #else
+ LIBC=
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
+ # GNU/FreeBSD systems have a "k" prefix to indicate we are using
+ # FreeBSD's kernel, but not the complete OS.
+ case ${LIBC} in gnu) kernel_only='k' ;; esac
+ echo ${UNAME_MACHINE}-unknown-${kernel_only}freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`${LIBC:+-$LIBC}
+ exit 0 ;;
+ i*:CYGWIN*:*)
+ echo ${UNAME_MACHINE}-pc-cygwin
+ exit 0 ;;
+ i*:MINGW*:*)
+ echo ${UNAME_MACHINE}-pc-mingw32
+ exit 0 ;;
+ i*:PW*:*)
+ echo ${UNAME_MACHINE}-pc-pw32
+ exit 0 ;;
+ x86:Interix*:[34]*)
+ echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//'
+ exit 0 ;;
+ [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
+ echo i${UNAME_MACHINE}-pc-mks
+ exit 0 ;;
+ i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
+ # How do we know it's Interix rather than the generic POSIX subsystem?
+ # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
+ # UNAME_MACHINE based on the output of uname instead of i386?
+ echo i586-pc-interix
+ exit 0 ;;
+ i*:UWIN*:*)
+ echo ${UNAME_MACHINE}-pc-uwin
+ exit 0 ;;
+ p*:CYGWIN*:*)
+ echo powerpcle-unknown-cygwin
+ exit 0 ;;
+ prep*:SunOS:5.*:*)
+ echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit 0 ;;
+ *:GNU:*:*)
+ echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+ exit 0 ;;
+ i*86:Minix:*:*)
+ echo ${UNAME_MACHINE}-pc-minix
+ exit 0 ;;
+ arm*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ cris:Linux:*:*)
+ echo cris-axis-linux-gnu
+ exit 0 ;;
+ ia64:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ m68*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ mips:Linux:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #undef CPU
+ #undef mips
+ #undef mipsel
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ CPU=mipsel
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ CPU=mips
+ #else
+ CPU=
+ #endif
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
+ test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0
+ ;;
+ mips64:Linux:*:*)
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #undef CPU
+ #undef mips64
+ #undef mips64el
+ #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+ CPU=mips64el
+ #else
+ #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+ CPU=mips64
+ #else
+ CPU=
+ #endif
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
+ test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0
+ ;;
+ ppc:Linux:*:*)
+ echo powerpc-unknown-linux-gnu
+ exit 0 ;;
+ ppc64:Linux:*:*)
+ echo powerpc64-unknown-linux-gnu
+ exit 0 ;;
+ alpha:Linux:*:*)
+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+ EV5) UNAME_MACHINE=alphaev5 ;;
+ EV56) UNAME_MACHINE=alphaev56 ;;
+ PCA56) UNAME_MACHINE=alphapca56 ;;
+ PCA57) UNAME_MACHINE=alphapca56 ;;
+ EV6) UNAME_MACHINE=alphaev6 ;;
+ EV67) UNAME_MACHINE=alphaev67 ;;
+ EV68*) UNAME_MACHINE=alphaev68 ;;
+ esac
+ objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
+ if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+ echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+ exit 0 ;;
+ parisc:Linux:*:* | hppa:Linux:*:*)
+ # Look for CPU level
+ case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+ PA7*) echo hppa1.1-unknown-linux-gnu ;;
+ PA8*) echo hppa2.0-unknown-linux-gnu ;;
+ *) echo hppa-unknown-linux-gnu ;;
+ esac
+ exit 0 ;;
+ parisc64:Linux:*:* | hppa64:Linux:*:*)
+ echo hppa64-unknown-linux-gnu
+ exit 0 ;;
+ s390:Linux:*:* | s390x:Linux:*:*)
+ echo ${UNAME_MACHINE}-ibm-linux
+ exit 0 ;;
+ sh64*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ sh*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ sparc:Linux:*:* | sparc64:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit 0 ;;
+ x86_64:Linux:*:*)
+ echo x86_64-unknown-linux-gnu
+ exit 0 ;;
+ i*86:Linux:*:*)
+ # The BFD linker knows what the default object file format is, so
+ # first see if it will tell us. cd to the root directory to prevent
+ # problems with other programs or directories called `ld' in the path.
+ # Set LC_ALL=C to ensure ld outputs messages in English.
+ ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
+ | sed -ne '/supported targets:/!d
+ s/[ ][ ]*/ /g
+ s/.*supported targets: *//
+ s/ .*//
+ p'`
+ case "$ld_supported_targets" in
+ elf32-i386)
+ TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
+ ;;
+ a.out-i386-linux)
+ echo "${UNAME_MACHINE}-pc-linux-gnuaout"
+ exit 0 ;;
+ coff-i386)
+ echo "${UNAME_MACHINE}-pc-linux-gnucoff"
+ exit 0 ;;
+ "")
+ # Either a pre-BFD a.out linker (linux-gnuoldld) or
+ # one that does not give us useful --help.
+ echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
+ exit 0 ;;
+ esac
+ # Determine whether the default compiler is a.out or elf
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #include
+ #ifdef __ELF__
+ # ifdef __GLIBC__
+ # if __GLIBC__ >= 2
+ LIBC=gnu
+ # else
+ LIBC=gnulibc1
+ # endif
+ # else
+ LIBC=gnulibc1
+ # endif
+ #else
+ #ifdef __INTEL_COMPILER
+ LIBC=gnu
+ #else
+ LIBC=gnuaout
+ #endif
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
+ test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0
+ test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0
+ ;;
+ i*86:DYNIX/ptx:4*:*)
+ # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+ # earlier versions are messed up and put the nodename in both
+ # sysname and nodename.
+ echo i386-sequent-sysv4
+ exit 0 ;;
+ i*86:UNIX_SV:4.2MP:2.*)
+ # Unixware is an offshoot of SVR4, but it has its own version
+ # number series starting with 2...
+ # I am not positive that other SVR4 systems won't match this,
+ # I just have to hope. -- rms.
+ # Use sysv4.2uw... so that sysv4* matches it.
+ echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
+ exit 0 ;;
+ i*86:OS/2:*:*)
+ # If we were able to find `uname', then EMX Unix compatibility
+ # is probably installed.
+ echo ${UNAME_MACHINE}-pc-os2-emx
+ exit 0 ;;
+ i*86:XTS-300:*:STOP)
+ echo ${UNAME_MACHINE}-unknown-stop
+ exit 0 ;;
+ i*86:atheos:*:*)
+ echo ${UNAME_MACHINE}-unknown-atheos
+ exit 0 ;;
+ i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+ echo i386-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ i*86:*DOS:*:*)
+ echo ${UNAME_MACHINE}-pc-msdosdjgpp
+ exit 0 ;;
+ i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
+ UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
+ if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+ echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
+ else
+ echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
+ fi
+ exit 0 ;;
+ i*86:*:5:[78]*)
+ case `/bin/uname -X | grep "^Machine"` in
+ *486*) UNAME_MACHINE=i486 ;;
+ *Pentium) UNAME_MACHINE=i586 ;;
+ *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+ esac
+ echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
+ exit 0 ;;
+ i*86:*:3.2:*)
+ if test -f /usr/options/cb.name; then
+ UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then
+ UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
+ (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
+ (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
+ && UNAME_MACHINE=i586
+ (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
+ && UNAME_MACHINE=i686
+ (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
+ && UNAME_MACHINE=i686
+ echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
+ else
+ echo ${UNAME_MACHINE}-pc-sysv32
+ fi
+ exit 0 ;;
+ pc:*:*:*)
+ # Left here for compatibility:
+ # uname -m prints for DJGPP always 'pc', but it prints nothing about
+ # the processor, so we play safe by assuming i386.
+ echo i386-pc-msdosdjgpp
+ exit 0 ;;
+ Intel:Mach:3*:*)
+ echo i386-pc-mach3
+ exit 0 ;;
+ paragon:*:*:*)
+ echo i860-intel-osf1
+ exit 0 ;;
+ i860:*:4.*:*) # i860-SVR4
+ if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+ echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+ else # Add other i860-SVR4 vendors below as they are discovered.
+ echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4
+ fi
+ exit 0 ;;
+ mini*:CTIX:SYS*5:*)
+ # "miniframe"
+ echo m68010-convergent-sysv
+ exit 0 ;;
+ mc68k:UNIX:SYSTEM5:3.51m)
+ echo m68k-convergent-sysv
+ exit 0 ;;
+ M680?0:D-NIX:5.3:*)
+ echo m68k-diab-dnix
+ exit 0 ;;
+ M68*:*:R3V[567]*:*)
+ test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
+ 3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0)
+ OS_REL=''
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && echo i486-ncr-sysv4.3${OS_REL} && exit 0
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
+ 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && echo i486-ncr-sysv4 && exit 0 ;;
+ m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
+ echo m68k-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ mc68030:UNIX_System_V:4.*:*)
+ echo m68k-atari-sysv4
+ exit 0 ;;
+ TSUNAMI:LynxOS:2.*:*)
+ echo sparc-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ rs6000:LynxOS:2.*:*)
+ echo rs6000-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+ echo powerpc-unknown-lynxos${UNAME_RELEASE}
+ exit 0 ;;
+ SM[BE]S:UNIX_SV:*:*)
+ echo mips-dde-sysv${UNAME_RELEASE}
+ exit 0 ;;
+ RM*:ReliantUNIX-*:*:*)
+ echo mips-sni-sysv4
+ exit 0 ;;
+ RM*:SINIX-*:*:*)
+ echo mips-sni-sysv4
+ exit 0 ;;
+ *:SINIX-*:*:*)
+ if uname -p 2>/dev/null >/dev/null ; then
+ UNAME_MACHINE=`(uname -p) 2>/dev/null`
+ echo ${UNAME_MACHINE}-sni-sysv4
+ else
+ echo ns32k-sni-sysv
+ fi
+ exit 0 ;;
+ PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+ # says
+ echo i586-unisys-sysv4
+ exit 0 ;;
+ *:UNIX_System_V:4*:FTX*)
+ # From Gerald Hewes .
+ # How about differentiating between stratus architectures? -djm
+ echo hppa1.1-stratus-sysv4
+ exit 0 ;;
+ *:*:*:FTX*)
+ # From seanf@swdc.stratus.com.
+ echo i860-stratus-sysv4
+ exit 0 ;;
+ *:VOS:*:*)
+ # From Paul.Green@stratus.com.
+ echo hppa1.1-stratus-vos
+ exit 0 ;;
+ mc68*:A/UX:*:*)
+ echo m68k-apple-aux${UNAME_RELEASE}
+ exit 0 ;;
+ news*:NEWS-OS:6*:*)
+ echo mips-sony-newsos6
+ exit 0 ;;
+ R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+ if [ -d /usr/nec ]; then
+ echo mips-nec-sysv${UNAME_RELEASE}
+ else
+ echo mips-unknown-sysv${UNAME_RELEASE}
+ fi
+ exit 0 ;;
+ BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only.
+ echo powerpc-be-beos
+ exit 0 ;;
+ BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only.
+ echo powerpc-apple-beos
+ exit 0 ;;
+ BePC:BeOS:*:*) # BeOS running on Intel PC compatible.
+ echo i586-pc-beos
+ exit 0 ;;
+ SX-4:SUPER-UX:*:*)
+ echo sx4-nec-superux${UNAME_RELEASE}
+ exit 0 ;;
+ SX-5:SUPER-UX:*:*)
+ echo sx5-nec-superux${UNAME_RELEASE}
+ exit 0 ;;
+ SX-6:SUPER-UX:*:*)
+ echo sx6-nec-superux${UNAME_RELEASE}
+ exit 0 ;;
+ Power*:Rhapsody:*:*)
+ echo powerpc-apple-rhapsody${UNAME_RELEASE}
+ exit 0 ;;
+ *:Rhapsody:*:*)
+ echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
+ exit 0 ;;
+ *:Darwin:*:*)
+ case `uname -p` in
+ *86) UNAME_PROCESSOR=i686 ;;
+ powerpc) UNAME_PROCESSOR=powerpc ;;
+ esac
+ echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
+ exit 0 ;;
+ *:procnto*:*:* | *:QNX:[0123456789]*:*)
+ UNAME_PROCESSOR=`uname -p`
+ if test "$UNAME_PROCESSOR" = "x86"; then
+ UNAME_PROCESSOR=i386
+ UNAME_MACHINE=pc
+ fi
+ echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
+ exit 0 ;;
+ *:QNX:*:4*)
+ echo i386-pc-qnx
+ exit 0 ;;
+ NSR-[DGKLNPTVW]:NONSTOP_KERNEL:*:*)
+ echo nsr-tandem-nsk${UNAME_RELEASE}
+ exit 0 ;;
+ *:NonStop-UX:*:*)
+ echo mips-compaq-nonstopux
+ exit 0 ;;
+ BS2000:POSIX*:*:*)
+ echo bs2000-siemens-sysv
+ exit 0 ;;
+ DS/*:UNIX_System_V:*:*)
+ echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
+ exit 0 ;;
+ *:Plan9:*:*)
+ # "uname -m" is not consistent, so use $cputype instead. 386
+ # is converted to i386 for consistency with other x86
+ # operating systems.
+ if test "$cputype" = "386"; then
+ UNAME_MACHINE=i386
+ else
+ UNAME_MACHINE="$cputype"
+ fi
+ echo ${UNAME_MACHINE}-unknown-plan9
+ exit 0 ;;
+ *:TOPS-10:*:*)
+ echo pdp10-unknown-tops10
+ exit 0 ;;
+ *:TENEX:*:*)
+ echo pdp10-unknown-tenex
+ exit 0 ;;
+ KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+ echo pdp10-dec-tops20
+ exit 0 ;;
+ XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+ echo pdp10-xkl-tops20
+ exit 0 ;;
+ *:TOPS-20:*:*)
+ echo pdp10-unknown-tops20
+ exit 0 ;;
+ *:ITS:*:*)
+ echo pdp10-unknown-its
+ exit 0 ;;
+ SEI:*:*:SEIUX)
+ echo mips-sei-seiux${UNAME_RELEASE}
+ exit 0 ;;
+esac
+
+#echo '(No uname command or uname output not recognized.)' 1>&2
+#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
+
+eval $set_cc_for_build
+cat >$dummy.c <
+# include
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+ /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed,
+ I don't know.... */
+ printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include
+ printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+ "4"
+#else
+ ""
+#endif
+ ); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+ printf ("arm-acorn-riscix"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+ printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+ int version;
+ version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+ if (version < 4)
+ printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+ else
+ printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+ exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+ printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+ printf ("ns32k-encore-mach\n"); exit (0);
+#else
+ printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+ printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+ printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+ printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+ struct utsname un;
+
+ uname(&un);
+
+ if (strncmp(un.version, "V2", 2) == 0) {
+ printf ("i386-sequent-ptx2\n"); exit (0);
+ }
+ if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+ printf ("i386-sequent-ptx1\n"); exit (0);
+ }
+ printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+# if !defined (ultrix)
+# include
+# if defined (BSD)
+# if BSD == 43
+ printf ("vax-dec-bsd4.3\n"); exit (0);
+# else
+# if BSD == 199006
+ printf ("vax-dec-bsd4.3reno\n"); exit (0);
+# else
+ printf ("vax-dec-bsd\n"); exit (0);
+# endif
+# endif
+# else
+ printf ("vax-dec-bsd\n"); exit (0);
+# endif
+# else
+ printf ("vax-dec-ultrix\n"); exit (0);
+# endif
+#endif
+
+#if defined (alliant) && defined (i860)
+ printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+ exit (1);
+}
+EOF
+
+$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && $dummy && exit 0
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+ case `getsysinfo -f cpu_type` in
+ c1*)
+ echo c1-convex-bsd
+ exit 0 ;;
+ c2*)
+ if getsysinfo -f scalar_acc
+ then echo c32-convex-bsd
+ else echo c2-convex-bsd
+ fi
+ exit 0 ;;
+ c34*)
+ echo c34-convex-bsd
+ exit 0 ;;
+ c38*)
+ echo c38-convex-bsd
+ exit 0 ;;
+ c4*)
+ echo c4-convex-bsd
+ exit 0 ;;
+ esac
+fi
+
+cat >&2 < in order to provide the needed
+information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo = `(hostinfo) 2>/dev/null`
+/bin/universe = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = ${UNAME_MACHINE}
+UNAME_RELEASE = ${UNAME_RELEASE}
+UNAME_SYSTEM = ${UNAME_SYSTEM}
+UNAME_VERSION = ${UNAME_VERSION}
+EOF
+
+exit 1
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/config.sub b/config.sub
new file mode 100755
index 0000000..6eea727
--- /dev/null
+++ b/config.sub
@@ -0,0 +1,1505 @@
+#! /bin/sh
+# Configuration validation subroutine script.
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
+
+timestamp='2003-07-17'
+
+# This file is (in principle) common to ALL GNU software.
+# The presence of a machine in this file suggests that SOME GNU software
+# can handle that machine. It does not imply ALL GNU software can.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Please send patches to . Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support. The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS
+ $0 [OPTION] ALIAS
+
+Canonicalize a configuration name.
+
+Operation modes:
+ -h, --help print this help, then exit
+ -t, --time-stamp print date of last modification, then exit
+ -v, --version print version number, then exit
+
+Report bugs and patches to ."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+ case $1 in
+ --time-stamp | --time* | -t )
+ echo "$timestamp" ; exit 0 ;;
+ --version | -v )
+ echo "$version" ; exit 0 ;;
+ --help | --h* | -h )
+ echo "$usage"; exit 0 ;;
+ -- ) # Stop option processing
+ shift; break ;;
+ - ) # Use stdin as input.
+ break ;;
+ -* )
+ echo "$me: invalid option $1$help"
+ exit 1 ;;
+
+ *local*)
+ # First pass through any local machine types.
+ echo $1
+ exit 0;;
+
+ * )
+ break ;;
+ esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+ exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+ exit 1;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
+# Here we must recognize all the valid KERNEL-OS combinations.
+maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
+case $maybe_os in
+ nto-qnx* | linux-gnu* | kfreebsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
+ os=-$maybe_os
+ basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
+ ;;
+ *)
+ basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+ if [ $basic_machine != $1 ]
+ then os=`echo $1 | sed 's/.*-/-/'`
+ else os=; fi
+ ;;
+esac
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work. We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+ -sun*os*)
+ # Prevent following clause from handling this invalid input.
+ ;;
+ -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
+ -apple | -axis)
+ os=
+ basic_machine=$1
+ ;;
+ -sim | -cisco | -oki | -wec | -winbond)
+ os=
+ basic_machine=$1
+ ;;
+ -scout)
+ ;;
+ -wrs)
+ os=-vxworks
+ basic_machine=$1
+ ;;
+ -chorusos*)
+ os=-chorusos
+ basic_machine=$1
+ ;;
+ -chorusrdb)
+ os=-chorusrdb
+ basic_machine=$1
+ ;;
+ -hiux*)
+ os=-hiuxwe2
+ ;;
+ -sco5)
+ os=-sco3.2v5
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco4)
+ os=-sco3.2v4
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco3.2.[4-9]*)
+ os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco3.2v[4-9]*)
+ # Don't forget version if it is 3.2v4 or newer.
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -sco*)
+ os=-sco3.2v2
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -udk*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -isc)
+ os=-isc2.2
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -clix*)
+ basic_machine=clipper-intergraph
+ ;;
+ -isc*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+ ;;
+ -lynx*)
+ os=-lynxos
+ ;;
+ -ptx*)
+ basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+ ;;
+ -windowsnt*)
+ os=`echo $os | sed -e 's/windowsnt/winnt/'`
+ ;;
+ -psos*)
+ os=-psos
+ ;;
+ -mint | -mint[0-9]*)
+ basic_machine=m68k-atari
+ os=-mint
+ ;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+ # Recognize the basic CPU types without company name.
+ # Some are omitted here because they have special meanings below.
+ 1750a | 580 \
+ | a29k \
+ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
+ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
+ | am33_2.0 \
+ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
+ | c4x | clipper \
+ | d10v | d30v | dlx | dsp16xx \
+ | fr30 | frv \
+ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+ | i370 | i860 | i960 | ia64 \
+ | ip2k | iq2000 \
+ | m32r | m68000 | m68k | m88k | mcore \
+ | mips | mipsbe | mipseb | mipsel | mipsle \
+ | mips16 \
+ | mips64 | mips64el \
+ | mips64vr | mips64vrel \
+ | mips64orion | mips64orionel \
+ | mips64vr4100 | mips64vr4100el \
+ | mips64vr4300 | mips64vr4300el \
+ | mips64vr5000 | mips64vr5000el \
+ | mipsisa32 | mipsisa32el \
+ | mipsisa32r2 | mipsisa32r2el \
+ | mipsisa64 | mipsisa64el \
+ | mipsisa64sb1 | mipsisa64sb1el \
+ | mipsisa64sr71k | mipsisa64sr71kel \
+ | mipstx39 | mipstx39el \
+ | mn10200 | mn10300 \
+ | msp430 \
+ | ns16k | ns32k \
+ | openrisc | or32 \
+ | pdp10 | pdp11 | pj | pjl \
+ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+ | pyramid \
+ | sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
+ | sh64 | sh64le \
+ | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
+ | strongarm \
+ | tahoe | thumb | tic4x | tic80 | tron \
+ | v850 | v850e \
+ | we32k \
+ | x86 | xscale | xstormy16 | xtensa \
+ | z8k)
+ basic_machine=$basic_machine-unknown
+ ;;
+ m6811 | m68hc11 | m6812 | m68hc12)
+ # Motorola 68HC11/12.
+ basic_machine=$basic_machine-unknown
+ os=-none
+ ;;
+ m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
+ ;;
+
+ # We use `pc' rather than `unknown'
+ # because (1) that's what they normally are, and
+ # (2) the word "unknown" tends to confuse beginning users.
+ i*86 | x86_64)
+ basic_machine=$basic_machine-pc
+ ;;
+ # Object if more than one company name word.
+ *-*-*)
+ echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+ exit 1
+ ;;
+ # Recognize the basic CPU types with company name.
+ 580-* \
+ | a29k-* \
+ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
+ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
+ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
+ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \
+ | avr-* \
+ | bs2000-* \
+ | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
+ | clipper-* | cydra-* \
+ | d10v-* | d30v-* | dlx-* \
+ | elxsi-* \
+ | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
+ | h8300-* | h8500-* \
+ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+ | i*86-* | i860-* | i960-* | ia64-* \
+ | ip2k-* | iq2000-* \
+ | m32r-* \
+ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
+ | m88110-* | m88k-* | mcore-* \
+ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
+ | mips16-* \
+ | mips64-* | mips64el-* \
+ | mips64vr-* | mips64vrel-* \
+ | mips64orion-* | mips64orionel-* \
+ | mips64vr4100-* | mips64vr4100el-* \
+ | mips64vr4300-* | mips64vr4300el-* \
+ | mips64vr5000-* | mips64vr5000el-* \
+ | mipsisa32-* | mipsisa32el-* \
+ | mipsisa32r2-* | mipsisa32r2el-* \
+ | mipsisa64-* | mipsisa64el-* \
+ | mipsisa64sb1-* | mipsisa64sb1el-* \
+ | mipsisa64sr71k-* | mipsisa64sr71kel-* \
+ | mipstx39-* | mipstx39el-* \
+ | msp430-* \
+ | none-* | np1-* | nv1-* | ns16k-* | ns32k-* \
+ | orion-* \
+ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
+ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+ | pyramid-* \
+ | romp-* | rs6000-* \
+ | sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
+ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
+ | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
+ | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
+ | tahoe-* | thumb-* \
+ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+ | tron-* \
+ | v850-* | v850e-* | vax-* \
+ | we32k-* \
+ | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
+ | xtensa-* \
+ | ymp-* \
+ | z8k-*)
+ ;;
+ # Recognize the various machine names and aliases which stand
+ # for a CPU type and a company and sometimes even an OS.
+ 386bsd)
+ basic_machine=i386-unknown
+ os=-bsd
+ ;;
+ 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+ basic_machine=m68000-att
+ ;;
+ 3b*)
+ basic_machine=we32k-att
+ ;;
+ a29khif)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ adobe68k)
+ basic_machine=m68010-adobe
+ os=-scout
+ ;;
+ alliant | fx80)
+ basic_machine=fx80-alliant
+ ;;
+ altos | altos3068)
+ basic_machine=m68k-altos
+ ;;
+ am29k)
+ basic_machine=a29k-none
+ os=-bsd
+ ;;
+ amd64)
+ basic_machine=x86_64-pc
+ ;;
+ amdahl)
+ basic_machine=580-amdahl
+ os=-sysv
+ ;;
+ amiga | amiga-*)
+ basic_machine=m68k-unknown
+ ;;
+ amigaos | amigados)
+ basic_machine=m68k-unknown
+ os=-amigaos
+ ;;
+ amigaunix | amix)
+ basic_machine=m68k-unknown
+ os=-sysv4
+ ;;
+ apollo68)
+ basic_machine=m68k-apollo
+ os=-sysv
+ ;;
+ apollo68bsd)
+ basic_machine=m68k-apollo
+ os=-bsd
+ ;;
+ aux)
+ basic_machine=m68k-apple
+ os=-aux
+ ;;
+ balance)
+ basic_machine=ns32k-sequent
+ os=-dynix
+ ;;
+ c90)
+ basic_machine=c90-cray
+ os=-unicos
+ ;;
+ convex-c1)
+ basic_machine=c1-convex
+ os=-bsd
+ ;;
+ convex-c2)
+ basic_machine=c2-convex
+ os=-bsd
+ ;;
+ convex-c32)
+ basic_machine=c32-convex
+ os=-bsd
+ ;;
+ convex-c34)
+ basic_machine=c34-convex
+ os=-bsd
+ ;;
+ convex-c38)
+ basic_machine=c38-convex
+ os=-bsd
+ ;;
+ cray | j90)
+ basic_machine=j90-cray
+ os=-unicos
+ ;;
+ crds | unos)
+ basic_machine=m68k-crds
+ ;;
+ cris | cris-* | etrax*)
+ basic_machine=cris-axis
+ ;;
+ da30 | da30-*)
+ basic_machine=m68k-da30
+ ;;
+ decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+ basic_machine=mips-dec
+ ;;
+ decsystem10* | dec10*)
+ basic_machine=pdp10-dec
+ os=-tops10
+ ;;
+ decsystem20* | dec20*)
+ basic_machine=pdp10-dec
+ os=-tops20
+ ;;
+ delta | 3300 | motorola-3300 | motorola-delta \
+ | 3300-motorola | delta-motorola)
+ basic_machine=m68k-motorola
+ ;;
+ delta88)
+ basic_machine=m88k-motorola
+ os=-sysv3
+ ;;
+ dpx20 | dpx20-*)
+ basic_machine=rs6000-bull
+ os=-bosx
+ ;;
+ dpx2* | dpx2*-bull)
+ basic_machine=m68k-bull
+ os=-sysv3
+ ;;
+ ebmon29k)
+ basic_machine=a29k-amd
+ os=-ebmon
+ ;;
+ elxsi)
+ basic_machine=elxsi-elxsi
+ os=-bsd
+ ;;
+ encore | umax | mmax)
+ basic_machine=ns32k-encore
+ ;;
+ es1800 | OSE68k | ose68k | ose | OSE)
+ basic_machine=m68k-ericsson
+ os=-ose
+ ;;
+ fx2800)
+ basic_machine=i860-alliant
+ ;;
+ genix)
+ basic_machine=ns32k-ns
+ ;;
+ gmicro)
+ basic_machine=tron-gmicro
+ os=-sysv
+ ;;
+ go32)
+ basic_machine=i386-pc
+ os=-go32
+ ;;
+ h3050r* | hiux*)
+ basic_machine=hppa1.1-hitachi
+ os=-hiuxwe2
+ ;;
+ h8300hms)
+ basic_machine=h8300-hitachi
+ os=-hms
+ ;;
+ h8300xray)
+ basic_machine=h8300-hitachi
+ os=-xray
+ ;;
+ h8500hms)
+ basic_machine=h8500-hitachi
+ os=-hms
+ ;;
+ harris)
+ basic_machine=m88k-harris
+ os=-sysv3
+ ;;
+ hp300-*)
+ basic_machine=m68k-hp
+ ;;
+ hp300bsd)
+ basic_machine=m68k-hp
+ os=-bsd
+ ;;
+ hp300hpux)
+ basic_machine=m68k-hp
+ os=-hpux
+ ;;
+ hp3k9[0-9][0-9] | hp9[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hp9k2[0-9][0-9] | hp9k31[0-9])
+ basic_machine=m68000-hp
+ ;;
+ hp9k3[2-9][0-9])
+ basic_machine=m68k-hp
+ ;;
+ hp9k6[0-9][0-9] | hp6[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hp9k7[0-79][0-9] | hp7[0-79][0-9])
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k78[0-9] | hp78[0-9])
+ # FIXME: really hppa2.0-hp
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+ # FIXME: really hppa2.0-hp
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[0-9][13679] | hp8[0-9][13679])
+ basic_machine=hppa1.1-hp
+ ;;
+ hp9k8[0-9][0-9] | hp8[0-9][0-9])
+ basic_machine=hppa1.0-hp
+ ;;
+ hppa-next)
+ os=-nextstep3
+ ;;
+ hppaosf)
+ basic_machine=hppa1.1-hp
+ os=-osf
+ ;;
+ hppro)
+ basic_machine=hppa1.1-hp
+ os=-proelf
+ ;;
+ i370-ibm* | ibm*)
+ basic_machine=i370-ibm
+ ;;
+# I'm not sure what "Sysv32" means. Should this be sysv3.2?
+ i*86v32)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv32
+ ;;
+ i*86v4*)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv4
+ ;;
+ i*86v)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-sysv
+ ;;
+ i*86sol2)
+ basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+ os=-solaris2
+ ;;
+ i386mach)
+ basic_machine=i386-mach
+ os=-mach
+ ;;
+ i386-vsta | vsta)
+ basic_machine=i386-unknown
+ os=-vsta
+ ;;
+ iris | iris4d)
+ basic_machine=mips-sgi
+ case $os in
+ -irix*)
+ ;;
+ *)
+ os=-irix4
+ ;;
+ esac
+ ;;
+ isi68 | isi)
+ basic_machine=m68k-isi
+ os=-sysv
+ ;;
+ m88k-omron*)
+ basic_machine=m88k-omron
+ ;;
+ magnum | m3230)
+ basic_machine=mips-mips
+ os=-sysv
+ ;;
+ merlin)
+ basic_machine=ns32k-utek
+ os=-sysv
+ ;;
+ mingw32)
+ basic_machine=i386-pc
+ os=-mingw32
+ ;;
+ miniframe)
+ basic_machine=m68000-convergent
+ ;;
+ *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
+ basic_machine=m68k-atari
+ os=-mint
+ ;;
+ mips3*-*)
+ basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+ ;;
+ mips3*)
+ basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+ ;;
+ mmix*)
+ basic_machine=mmix-knuth
+ os=-mmixware
+ ;;
+ monitor)
+ basic_machine=m68k-rom68k
+ os=-coff
+ ;;
+ morphos)
+ basic_machine=powerpc-unknown
+ os=-morphos
+ ;;
+ msdos)
+ basic_machine=i386-pc
+ os=-msdos
+ ;;
+ mvs)
+ basic_machine=i370-ibm
+ os=-mvs
+ ;;
+ ncr3000)
+ basic_machine=i486-ncr
+ os=-sysv4
+ ;;
+ netbsd386)
+ basic_machine=i386-unknown
+ os=-netbsd
+ ;;
+ netwinder)
+ basic_machine=armv4l-rebel
+ os=-linux
+ ;;
+ news | news700 | news800 | news900)
+ basic_machine=m68k-sony
+ os=-newsos
+ ;;
+ news1000)
+ basic_machine=m68030-sony
+ os=-newsos
+ ;;
+ news-3600 | risc-news)
+ basic_machine=mips-sony
+ os=-newsos
+ ;;
+ necv70)
+ basic_machine=v70-nec
+ os=-sysv
+ ;;
+ next | m*-next )
+ basic_machine=m68k-next
+ case $os in
+ -nextstep* )
+ ;;
+ -ns2*)
+ os=-nextstep2
+ ;;
+ *)
+ os=-nextstep3
+ ;;
+ esac
+ ;;
+ nh3000)
+ basic_machine=m68k-harris
+ os=-cxux
+ ;;
+ nh[45]000)
+ basic_machine=m88k-harris
+ os=-cxux
+ ;;
+ nindy960)
+ basic_machine=i960-intel
+ os=-nindy
+ ;;
+ mon960)
+ basic_machine=i960-intel
+ os=-mon960
+ ;;
+ nonstopux)
+ basic_machine=mips-compaq
+ os=-nonstopux
+ ;;
+ np1)
+ basic_machine=np1-gould
+ ;;
+ nv1)
+ basic_machine=nv1-cray
+ os=-unicosmp
+ ;;
+ nsr-tandem)
+ basic_machine=nsr-tandem
+ ;;
+ op50n-* | op60c-*)
+ basic_machine=hppa1.1-oki
+ os=-proelf
+ ;;
+ or32 | or32-*)
+ basic_machine=or32-unknown
+ os=-coff
+ ;;
+ OSE68000 | ose68000)
+ basic_machine=m68000-ericsson
+ os=-ose
+ ;;
+ os68k)
+ basic_machine=m68k-none
+ os=-os68k
+ ;;
+ pa-hitachi)
+ basic_machine=hppa1.1-hitachi
+ os=-hiuxwe2
+ ;;
+ paragon)
+ basic_machine=i860-intel
+ os=-osf
+ ;;
+ pbd)
+ basic_machine=sparc-tti
+ ;;
+ pbb)
+ basic_machine=m68k-tti
+ ;;
+ pc532 | pc532-*)
+ basic_machine=ns32k-pc532
+ ;;
+ pentium | p5 | k5 | k6 | nexgen | viac3)
+ basic_machine=i586-pc
+ ;;
+ pentiumpro | p6 | 6x86 | athlon | athlon_*)
+ basic_machine=i686-pc
+ ;;
+ pentiumii | pentium2 | pentiumiii | pentium3)
+ basic_machine=i686-pc
+ ;;
+ pentium4)
+ basic_machine=i786-pc
+ ;;
+ pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
+ basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentiumpro-* | p6-* | 6x86-* | athlon-*)
+ basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
+ basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pentium4-*)
+ basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ pn)
+ basic_machine=pn-gould
+ ;;
+ power) basic_machine=power-ibm
+ ;;
+ ppc) basic_machine=powerpc-unknown
+ ;;
+ ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppcle | powerpclittle | ppc-le | powerpc-little)
+ basic_machine=powerpcle-unknown
+ ;;
+ ppcle-* | powerpclittle-*)
+ basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppc64) basic_machine=powerpc64-unknown
+ ;;
+ ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ppc64le | powerpc64little | ppc64-le | powerpc64-little)
+ basic_machine=powerpc64le-unknown
+ ;;
+ ppc64le-* | powerpc64little-*)
+ basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
+ ;;
+ ps2)
+ basic_machine=i386-ibm
+ ;;
+ pw32)
+ basic_machine=i586-unknown
+ os=-pw32
+ ;;
+ rom68k)
+ basic_machine=m68k-rom68k
+ os=-coff
+ ;;
+ rm[46]00)
+ basic_machine=mips-siemens
+ ;;
+ rtpc | rtpc-*)
+ basic_machine=romp-ibm
+ ;;
+ s390 | s390-*)
+ basic_machine=s390-ibm
+ ;;
+ s390x | s390x-*)
+ basic_machine=s390x-ibm
+ ;;
+ sa29200)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ sb1)
+ basic_machine=mipsisa64sb1-unknown
+ ;;
+ sb1el)
+ basic_machine=mipsisa64sb1el-unknown
+ ;;
+ sei)
+ basic_machine=mips-sei
+ os=-seiux
+ ;;
+ sequent)
+ basic_machine=i386-sequent
+ ;;
+ sh)
+ basic_machine=sh-hitachi
+ os=-hms
+ ;;
+ sh64)
+ basic_machine=sh64-unknown
+ ;;
+ sparclite-wrs | simso-wrs)
+ basic_machine=sparclite-wrs
+ os=-vxworks
+ ;;
+ sps7)
+ basic_machine=m68k-bull
+ os=-sysv2
+ ;;
+ spur)
+ basic_machine=spur-unknown
+ ;;
+ st2000)
+ basic_machine=m68k-tandem
+ ;;
+ stratus)
+ basic_machine=i860-stratus
+ os=-sysv4
+ ;;
+ sun2)
+ basic_machine=m68000-sun
+ ;;
+ sun2os3)
+ basic_machine=m68000-sun
+ os=-sunos3
+ ;;
+ sun2os4)
+ basic_machine=m68000-sun
+ os=-sunos4
+ ;;
+ sun3os3)
+ basic_machine=m68k-sun
+ os=-sunos3
+ ;;
+ sun3os4)
+ basic_machine=m68k-sun
+ os=-sunos4
+ ;;
+ sun4os3)
+ basic_machine=sparc-sun
+ os=-sunos3
+ ;;
+ sun4os4)
+ basic_machine=sparc-sun
+ os=-sunos4
+ ;;
+ sun4sol2)
+ basic_machine=sparc-sun
+ os=-solaris2
+ ;;
+ sun3 | sun3-*)
+ basic_machine=m68k-sun
+ ;;
+ sun4)
+ basic_machine=sparc-sun
+ ;;
+ sun386 | sun386i | roadrunner)
+ basic_machine=i386-sun
+ ;;
+ sv1)
+ basic_machine=sv1-cray
+ os=-unicos
+ ;;
+ symmetry)
+ basic_machine=i386-sequent
+ os=-dynix
+ ;;
+ t3e)
+ basic_machine=alphaev5-cray
+ os=-unicos
+ ;;
+ t90)
+ basic_machine=t90-cray
+ os=-unicos
+ ;;
+ tic54x | c54x*)
+ basic_machine=tic54x-unknown
+ os=-coff
+ ;;
+ tic55x | c55x*)
+ basic_machine=tic55x-unknown
+ os=-coff
+ ;;
+ tic6x | c6x*)
+ basic_machine=tic6x-unknown
+ os=-coff
+ ;;
+ tx39)
+ basic_machine=mipstx39-unknown
+ ;;
+ tx39el)
+ basic_machine=mipstx39el-unknown
+ ;;
+ toad1)
+ basic_machine=pdp10-xkl
+ os=-tops20
+ ;;
+ tower | tower-32)
+ basic_machine=m68k-ncr
+ ;;
+ udi29k)
+ basic_machine=a29k-amd
+ os=-udi
+ ;;
+ ultra3)
+ basic_machine=a29k-nyu
+ os=-sym1
+ ;;
+ v810 | necv810)
+ basic_machine=v810-nec
+ os=-none
+ ;;
+ vaxv)
+ basic_machine=vax-dec
+ os=-sysv
+ ;;
+ vms)
+ basic_machine=vax-dec
+ os=-vms
+ ;;
+ vpp*|vx|vx-*)
+ basic_machine=f301-fujitsu
+ ;;
+ vxworks960)
+ basic_machine=i960-wrs
+ os=-vxworks
+ ;;
+ vxworks68)
+ basic_machine=m68k-wrs
+ os=-vxworks
+ ;;
+ vxworks29k)
+ basic_machine=a29k-wrs
+ os=-vxworks
+ ;;
+ w65*)
+ basic_machine=w65-wdc
+ os=-none
+ ;;
+ w89k-*)
+ basic_machine=hppa1.1-winbond
+ os=-proelf
+ ;;
+ xps | xps100)
+ basic_machine=xps100-honeywell
+ ;;
+ ymp)
+ basic_machine=ymp-cray
+ os=-unicos
+ ;;
+ z8k-*-coff)
+ basic_machine=z8k-unknown
+ os=-sim
+ ;;
+ none)
+ basic_machine=none-none
+ os=-none
+ ;;
+
+# Here we handle the default manufacturer of certain CPU types. It is in
+# some cases the only manufacturer, in others, it is the most popular.
+ w89k)
+ basic_machine=hppa1.1-winbond
+ ;;
+ op50n)
+ basic_machine=hppa1.1-oki
+ ;;
+ op60c)
+ basic_machine=hppa1.1-oki
+ ;;
+ romp)
+ basic_machine=romp-ibm
+ ;;
+ rs6000)
+ basic_machine=rs6000-ibm
+ ;;
+ vax)
+ basic_machine=vax-dec
+ ;;
+ pdp10)
+ # there are many clones, so DEC is not a safe bet
+ basic_machine=pdp10-unknown
+ ;;
+ pdp11)
+ basic_machine=pdp11-dec
+ ;;
+ we32k)
+ basic_machine=we32k-att
+ ;;
+ sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele)
+ basic_machine=sh-unknown
+ ;;
+ sh64)
+ basic_machine=sh64-unknown
+ ;;
+ sparc | sparcv9 | sparcv9b)
+ basic_machine=sparc-sun
+ ;;
+ cydra)
+ basic_machine=cydra-cydrome
+ ;;
+ orion)
+ basic_machine=orion-highlevel
+ ;;
+ orion105)
+ basic_machine=clipper-highlevel
+ ;;
+ mac | mpw | mac-mpw)
+ basic_machine=m68k-apple
+ ;;
+ pmac | pmac-mpw)
+ basic_machine=powerpc-apple
+ ;;
+ *-unknown)
+ # Make sure to match an already-canonicalized machine name.
+ ;;
+ *)
+ echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+ *-digital*)
+ basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+ ;;
+ *-commodore*)
+ basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+ ;;
+ *)
+ ;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+ # First match some system type aliases
+ # that might get confused with valid system types.
+ # -solaris* is a basic system type, with this one exception.
+ -solaris1 | -solaris1.*)
+ os=`echo $os | sed -e 's|solaris1|sunos4|'`
+ ;;
+ -solaris)
+ os=-solaris2
+ ;;
+ -svr4*)
+ os=-sysv4
+ ;;
+ -unixware*)
+ os=-sysv4.2uw
+ ;;
+ -gnu/linux*)
+ os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
+ ;;
+ # First accept the basic system types.
+ # The portable systems comes first.
+ # Each alternative MUST END IN A *, to match a version number.
+ # -sysv* is not here because it comes later, after sysvr4.
+ -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+ | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
+ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
+ | -aos* \
+ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
+ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
+ | -hiux* | -386bsd* | -netbsd* | -openbsd* | -kfreebsd* | -freebsd* | -riscix* \
+ | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+ | -chorusos* | -chorusrdb* \
+ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+ | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \
+ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
+ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
+ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
+ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
+ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
+ | -powermax* | -dnix* | -nx6 | -nx7 | -sei*)
+ # Remember, each alternative MUST END IN *, to match a version number.
+ ;;
+ -qnx*)
+ case $basic_machine in
+ x86-* | i*86-*)
+ ;;
+ *)
+ os=-nto$os
+ ;;
+ esac
+ ;;
+ -nto-qnx*)
+ ;;
+ -nto*)
+ os=`echo $os | sed -e 's|nto|nto-qnx|'`
+ ;;
+ -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
+ | -windows* | -osx | -abug | -netware* | -os9* | -beos* \
+ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
+ ;;
+ -mac*)
+ os=`echo $os | sed -e 's|mac|macos|'`
+ ;;
+ -linux*)
+ os=`echo $os | sed -e 's|linux|linux-gnu|'`
+ ;;
+ -sunos5*)
+ os=`echo $os | sed -e 's|sunos5|solaris2|'`
+ ;;
+ -sunos6*)
+ os=`echo $os | sed -e 's|sunos6|solaris3|'`
+ ;;
+ -opened*)
+ os=-openedition
+ ;;
+ -wince*)
+ os=-wince
+ ;;
+ -osfrose*)
+ os=-osfrose
+ ;;
+ -osf*)
+ os=-osf
+ ;;
+ -utek*)
+ os=-bsd
+ ;;
+ -dynix*)
+ os=-bsd
+ ;;
+ -acis*)
+ os=-aos
+ ;;
+ -atheos*)
+ os=-atheos
+ ;;
+ -386bsd)
+ os=-bsd
+ ;;
+ -ctix* | -uts*)
+ os=-sysv
+ ;;
+ -nova*)
+ os=-rtmk-nova
+ ;;
+ -ns2 )
+ os=-nextstep2
+ ;;
+ -nsk*)
+ os=-nsk
+ ;;
+ # Preserve the version number of sinix5.
+ -sinix5.*)
+ os=`echo $os | sed -e 's|sinix|sysv|'`
+ ;;
+ -sinix*)
+ os=-sysv4
+ ;;
+ -triton*)
+ os=-sysv3
+ ;;
+ -oss*)
+ os=-sysv3
+ ;;
+ -svr4)
+ os=-sysv4
+ ;;
+ -svr3)
+ os=-sysv3
+ ;;
+ -sysvr4)
+ os=-sysv4
+ ;;
+ # This must come after -sysvr4.
+ -sysv*)
+ ;;
+ -ose*)
+ os=-ose
+ ;;
+ -es1800*)
+ os=-ose
+ ;;
+ -xenix)
+ os=-xenix
+ ;;
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ os=-mint
+ ;;
+ -aros*)
+ os=-aros
+ ;;
+ -kaos*)
+ os=-kaos
+ ;;
+ -none)
+ ;;
+ *)
+ # Get rid of the `-' at the beginning of $os.
+ os=`echo $os | sed 's/[^-]*-//'`
+ echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+ exit 1
+ ;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system. Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+ *-acorn)
+ os=-riscix1.2
+ ;;
+ arm*-rebel)
+ os=-linux
+ ;;
+ arm*-semi)
+ os=-aout
+ ;;
+ c4x-* | tic4x-*)
+ os=-coff
+ ;;
+ # This must come before the *-dec entry.
+ pdp10-*)
+ os=-tops20
+ ;;
+ pdp11-*)
+ os=-none
+ ;;
+ *-dec | vax-*)
+ os=-ultrix4.2
+ ;;
+ m68*-apollo)
+ os=-domain
+ ;;
+ i386-sun)
+ os=-sunos4.0.2
+ ;;
+ m68000-sun)
+ os=-sunos3
+ # This also exists in the configure program, but was not the
+ # default.
+ # os=-sunos4
+ ;;
+ m68*-cisco)
+ os=-aout
+ ;;
+ mips*-cisco)
+ os=-elf
+ ;;
+ mips*-*)
+ os=-elf
+ ;;
+ or32-*)
+ os=-coff
+ ;;
+ *-tti) # must be before sparc entry or we get the wrong os.
+ os=-sysv3
+ ;;
+ sparc-* | *-sun)
+ os=-sunos4.1.1
+ ;;
+ *-be)
+ os=-beos
+ ;;
+ *-ibm)
+ os=-aix
+ ;;
+ *-wec)
+ os=-proelf
+ ;;
+ *-winbond)
+ os=-proelf
+ ;;
+ *-oki)
+ os=-proelf
+ ;;
+ *-hp)
+ os=-hpux
+ ;;
+ *-hitachi)
+ os=-hiux
+ ;;
+ i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+ os=-sysv
+ ;;
+ *-cbm)
+ os=-amigaos
+ ;;
+ *-dg)
+ os=-dgux
+ ;;
+ *-dolphin)
+ os=-sysv3
+ ;;
+ m68k-ccur)
+ os=-rtu
+ ;;
+ m88k-omron*)
+ os=-luna
+ ;;
+ *-next )
+ os=-nextstep
+ ;;
+ *-sequent)
+ os=-ptx
+ ;;
+ *-crds)
+ os=-unos
+ ;;
+ *-ns)
+ os=-genix
+ ;;
+ i370-*)
+ os=-mvs
+ ;;
+ *-next)
+ os=-nextstep3
+ ;;
+ *-gould)
+ os=-sysv
+ ;;
+ *-highlevel)
+ os=-bsd
+ ;;
+ *-encore)
+ os=-bsd
+ ;;
+ *-sgi)
+ os=-irix
+ ;;
+ *-siemens)
+ os=-sysv4
+ ;;
+ *-masscomp)
+ os=-rtu
+ ;;
+ f30[01]-fujitsu | f700-fujitsu)
+ os=-uxpv
+ ;;
+ *-rom68k)
+ os=-coff
+ ;;
+ *-*bug)
+ os=-coff
+ ;;
+ *-apple)
+ os=-macos
+ ;;
+ *-atari*)
+ os=-mint
+ ;;
+ *)
+ os=-none
+ ;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer. We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+ *-unknown)
+ case $os in
+ -riscix*)
+ vendor=acorn
+ ;;
+ -sunos*)
+ vendor=sun
+ ;;
+ -aix*)
+ vendor=ibm
+ ;;
+ -beos*)
+ vendor=be
+ ;;
+ -hpux*)
+ vendor=hp
+ ;;
+ -mpeix*)
+ vendor=hp
+ ;;
+ -hiux*)
+ vendor=hitachi
+ ;;
+ -unos*)
+ vendor=crds
+ ;;
+ -dgux*)
+ vendor=dg
+ ;;
+ -luna*)
+ vendor=omron
+ ;;
+ -genix*)
+ vendor=ns
+ ;;
+ -mvs* | -opened*)
+ vendor=ibm
+ ;;
+ -ptx*)
+ vendor=sequent
+ ;;
+ -vxsim* | -vxworks* | -windiss*)
+ vendor=wrs
+ ;;
+ -aux*)
+ vendor=apple
+ ;;
+ -hms*)
+ vendor=hitachi
+ ;;
+ -mpw* | -macos*)
+ vendor=apple
+ ;;
+ -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+ vendor=atari
+ ;;
+ -vos*)
+ vendor=stratus
+ ;;
+ esac
+ basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+ ;;
+esac
+
+echo $basic_machine$os
+exit 0
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/configure.in b/configure.in
new file mode 100644
index 0000000..c9db6c2
--- /dev/null
+++ b/configure.in
@@ -0,0 +1,273 @@
+dnl Process this file with autoconf to produce a configure script.
+AC_PREQ(2.50)
+AC_INIT(ulogd.c)
+
+dnl Checks for programs.
+AC_PROG_MAKE_SET
+AC_PROG_CC
+AC_CHECK_TOOL(LD, ld)
+AC_PROG_INSTALL
+
+dnl Checks for libraries.
+AC_CHECK_LIB(dl, dlopen)
+AC_CHECK_HEADER(pcap.h,HAVE_PCAP_H=true)
+
+dnl Checks for header files.
+AC_HEADER_DIRENT
+AC_HEADER_STDC
+AC_CHECK_HEADERS(fcntl.h unistd.h)
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+AC_TYPE_SIZE_T
+AC_STRUCT_TM
+AC_SYS_LARGEFILE
+
+dnl Checks for library functions.
+AC_FUNC_VPRINTF
+AC_CHECK_FUNCS(socket strerror)
+
+DATABASE_DIR=""
+DATABASE_LIB=""
+DATABASE_LIB_DIR=""
+
+DATABASE_DRIVERS=""
+
+KERNEL64_USERSPACE32=""
+
+dnl
+dnl test for MySQL
+dnl
+AC_ARG_WITH(mysql,
+ --with-mysql= mysql installed in ,[
+if test $withval != yes
+then
+ dir=$withval
+else
+ dir="/usr/local"
+fi
+mysqldir=""
+AC_MSG_CHECKING(for MySQL files)
+for d in $dir/bin /usr/bin /usr/local/bin /usr/local/mysql/bin /opt/mysql/bin /opt/packages/mysql/bin
+do
+ if test -f $d/mysql_config
+ then
+ AC_MSG_RESULT(found mysql_config in $d)
+ mysqldir=$d
+ break
+ fi
+done
+
+if test x$mysqldir = x
+then
+ AC_MSG_WARN(MySQL backend not used)
+else
+ AC_DEFINE(HAVE_MYSQL)
+ MYSQLINCLUDES=`$d/mysql_config --include`
+
+ DATABASE_DIR="${DATABASE_DIR} mysql"
+
+ MYSQL_LIB=`$d/mysql_config --libs`
+ DB_DEF="${DB_DEF} -DHAVE_MYSQL "
+
+
+ AC_SUBST(MYSQLINCLUDES)
+ AC_SUBST(MYSQL_LIB)
+
+ dnl Here we check whether we have an old MySQL client library
+ dnl installed, which does not support the mysql_real_escape_string(),
+ dnl but the real_escape_string() function.
+ dnl Having a look in the libary itself should be more reliable than
+ dnl parsing the output of mysql --version.
+
+ OLDLIBS="$LIBS"
+ LIBS="$MYSQL_LIB"
+ AC_CHECK_FUNCS([mysql_real_escape_string], [], [EXTRA_MYSQL_DEF="-DOLD_MYSQL=1 "])
+ LIBS="$OLDLIBS"
+fi
+])
+
+
+dnl
+dnl Check whether the user wants log IP-addresses as strings rather
+dnl than as unsigned long-integers to his MySQL-database. Since this
+dnl feature is only used in ulogd_MYSQL.c, there are no checks in any
+dnl way.
+dnl
+
+AC_ARG_WITH(mysql-log-ip-as-string,
+ --with-mysql-log-ip-as-string log IPs as string rather than as
+ unsigned long-integer.
+,[
+ EXTRA_MYSQL_DEF="${EXTRA_MYSQL_DEF} -DIP_AS_STRING=1"
+ AC_MSG_WARN(the use of --with-mysql-log-ip-as-string is discouraged)
+])
+
+
+dnl
+dnl test for PostgreSQL
+dnl
+AC_ARG_WITH(pgsql,
+ --with-pgsql= pgsql installed in ,[
+if test $withval != yes
+then
+ dir=$withval
+else
+ dir="/usr/local"
+fi
+pgsqldir=""
+AC_MSG_CHECKING(for PGSQL files)
+for d in $dir/bin /usr/bin /usr/local/bin /usr/local/pgsql/bin /opt/pgsql/bin /opt/packages/pgsql/bin
+do
+ if test -x $d/pg_config
+ then
+ AC_MSG_RESULT(found pg_config in $d)
+ pgsqldir=$d
+ break
+ fi
+done
+
+if test x$pgsqldir = x
+then
+ AC_MSG_WARN(PGSQL backend not used)
+else
+ AC_DEFINE(HAVE_PGSQL)
+ PGSQLINCLUDES=-I`$pgsqldir/pg_config --includedir`
+ PGSQLLIBS=-L`$pgsqldir/pg_config --libdir`
+
+ DATABASE_DIR="${DATABASE_DIR} pgsql"
+ PGSQL_LIB="${PGSQLLIBS} -lpq "
+
+ DB_DEF="${DB_DEF} -DHAVE_PGSQL "
+
+ AC_SUBST(PGSQLINCLUDES)
+ AC_SUBST(PGSQL_LIB)
+
+fi
+])
+
+dnl
+dnl Check whether the user wants to log IP-addresses as strings rather
+dnl than integers to his pgsql-database.
+dnl
+
+AC_ARG_WITH(pgsql-log-ip-as-string,
+ --with-pgsql-log-ip-as-string log IPs as string rather than as interger
+,[
+ EXTRA_PGSQL_DEF="-DIP_AS_STRING=1"
+])
+
+
+dnl
+dnl test for sqlite3
+dnl
+AC_ARG_WITH(sqlite3,
+ --with-sqlite3= sqlite3 installed in ,[
+if test $withval != yes
+then
+ dir=$withval
+else
+ dir="/usr/local"
+fi
+sqlite3dir=""
+AC_MSG_CHECKING(for sqlite3 files)
+for d in $dir /usr /usr/local /usr/local/sqlite3
+do
+ if test -f $d/lib64/sqlite3/libsqlite3.so
+ then
+ AC_MSG_RESULT(found sqlite3 in $d)
+ sqlite3dir=$d
+ sqlite3dir_suffix=/sqlite3
+ sqlite3dir_libdir=${sqlite3dir}/lib64
+ break
+ elif test -f $d/lib/sqlite3/libsqlite3.so
+ then
+ AC_MSG_RESULT(found sqlite3 in $d)
+ sqlite3dir=$d
+ sqlite3dir_suffix=/sqlite3
+ sqlite3dir_libdir=${sqlite3dir}/lib
+ break
+ elif test -f $d/lib64/libsqlite3.so
+ then
+ AC_MSG_RESULT(found sqlite3 in $d)
+ sqlite3dir=$d
+ sqlite3dir_suffix=
+ sqlite3dir_libdir=${sqlite3dir}/lib64
+ break
+ elif test -f $d/lib/libsqlite3.so
+ then
+ AC_MSG_RESULT(found sqlite3 in $d)
+ sqlite3dir=$d
+ sqlite3dir_suffix=
+ sqlite3dir_libdir=${sqlite3dir}/lib
+ break
+ fi
+done
+
+if test x$sqlite3dir = x
+then
+ AC_MSG_WARN(sqlite3 backend not used)
+else
+ AC_DEFINE(HAVE_SQLITE3)
+ SQLITE3INCLUDES=-I${sqlite3dir}/include${sqlite3dir_suffix}
+ SQLITE3LIBS=-L${sqlite3dir_libdir}${sqlite3dir_suffix}
+
+ DATABASE_DIR="${DATABASE_DIR} sqlite3"
+ SQLITE3_LIB="${SQLITE3LIBS} -lsqlite3 "
+
+ DB_DEF="${DB_DEF} -DHAVE_SQLITE3 "
+
+
+ AC_SUBST(SQLITE3INCLUDES)
+ AC_SUBST(SQLITE3_LIB)
+
+fi
+])
+
+
+dnl
+dnl Check whether the user wants log IP-addresses as strings rather
+dnl than as unsigned long-integers to his sqlite3-database. Since this
+dnl feature is only used in ulogd_SQLITE3.c, there are no checks in any
+dnl way.
+dnl
+
+AC_ARG_WITH(sqlite3-log-ip-as-string,
+ --with-sqlite3-log-ip-as-string log IPs as string rather than as
+ unsigned long-integer.
+,[
+ EXTRA_SQLITE3_DEF="${EXTRA_SQLITE3_DEF} -DIP_AS_STRING=1"
+ AC_MSG_WARN(the use of --with-sqlite3-log-ip-as-string is discouraged)
+])
+
+dnl
+dnl Kernel 64
+dnl
+
+AC_ARG_WITH(kernel-64-user-32,
+ --with-kernel-64-user-32 Use this flag to compile on system where kernel is 64 bits
+ userspace is 32.
+,[
+ KERNEL64_USERSPACE32="-DKERNEL_64_USERSPACE_32"
+ AC_MSG_WARN(The use of the flag kernel-64-user-32 could interfere with kernel evolution. Use it at your own risk.)
+])
+
+
+AC_SUBST(DATABASE_DIR)
+AC_SUBST(DATABASE_LIB)
+AC_SUBST(DATABASE_LIB_DIR)
+AC_SUBST(DB_DEF)
+AC_SUBST(EXTRA_MYSQL_DEF)
+AC_SUBST(EXTRA_PGSQL_DEF)
+AC_SUBST(EXTRA_SQLITE3_DEF)
+
+AC_SUBST(DATABASE_DRIVERS)
+AC_SUBST(HAVE_PCAP_H)
+
+AC_SUBST(KERNEL64_USERSPACE32)
+
+AM_CONDITIONAL(HAVE_MYSQL, test x$mysqldir != x)
+AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x)
+AM_CONDITIONAL(HAVE_SQLITE3, test x$sqlite3dir != x)
+
+AC_OUTPUT(extensions/Makefile doc/Makefile conffile/Makefile libipulog/Makefile mysql/Makefile pgsql/Makefile sqlite3/Makefile pcap/Makefile Makefile Rules.make)
diff --git a/contrib/ulog_query.php.gz b/contrib/ulog_query.php.gz
new file mode 100644
index 0000000..e57bc0b
Binary files /dev/null and b/contrib/ulog_query.php.gz differ
diff --git a/doc/Makefile.in b/doc/Makefile.in
new file mode 100644
index 0000000..e6c71a9
--- /dev/null
+++ b/doc/Makefile.in
@@ -0,0 +1,51 @@
+#! /usr/bin/make
+# this file is shamelessly stolen from the iptables CVS tree
+
+LANG_DIRS:=
+
+HOWTOS:=$(wildcard *.sgml)
+HOWTOS+=$(foreach dir, $(LANG_DIRS), $(wildcard $(dir)/*.sgml))
+
+TXT_HOWTOS:=$(HOWTOS:.sgml=.txt)
+HTML_HOWTOS:=$(HOWTOS:.sgml=.html)
+PSA4_HOWTOS:=$(HOWTOS:.sgml=.a4.ps)
+PSUS_HOWTOS:=$(HOWTOS:.sgml=.letter.ps)
+
+HOWTO_FLAGS_it/=-c latin -l it
+HOWTO_FLAGS_fr/=-c latin -l fr
+
+user_calls_make:
+
+distrib: $(TXT_HOWTOS) $(PSA4_HOWTOS) $(HTML_HOWTOS)
+
+HOWTOs: $(TXT_HOWTOS) $(HTML_HOWTOS) $(PSA4_HOWTOS) $(PSUS_HOWTOS)
+
+# Remake all if Makefile changes.
+$(TXT_HOWTOS) $(HTML_HOWTOS) $(PSA4_HOWTOS) $(PSUS_HOWTOS): Makefile
+
+# Stupid sgml2* tools strip dirnames for output files. 8(
+%.txt: %.sgml
+ @echo Making $@: && cd `dirname $<` && sgml2txt --filter $(HOWTO_FLAGS_$(dir $<)) `basename $<` 2>&1 | sed "s?^:\([0-9]*\):[^ ]* ?$<:\1:?"
+
+%.a4.dvi: %.sgml
+ @echo Making $@: && cd `dirname $<` && sgml2latex --papersize=a4 --output=dvi $(HOWTO_FLAGS_$(dir $<)) `basename $<` 2>&1 | sed "s?^:\([0-9]*\):[^ ]* ?$<:\1:?" && mv `basename $*.dvi` `basename $*.a4.dvi`
+
+%.a4.ps: %.a4.dvi
+ @dvips -t a4 -o $@ $<
+
+%.letter.dvi: %.sgml
+ @echo Making $@: && cd `dirname $<` && sgml2latex --papersize=letter --output=dvi $(HOWTO_FLAGS_$(dir $<)) `basename $<` 2>&1 | sed "s?^:\([0-9]*\):[^ ]* ?$<:\1:?" && mv `basename $*.dvi` `basename $*.letter.dvi`
+
+%.letter.ps: %.letter.dvi
+ @dvips -t letter -o $@ $<
+
+%.html: %.sgml
+ @echo Making $@: && cd `dirname $<` && sgml2html -s 0 $(HOWTO_FLAGS_$(dir $<)) `basename $<` 2>&1 | sed "s?^:\([0-9]*\):[^ ]* ?$<:\1:?"
+
+clean:
+# for d in . $(LANG_DIRS); do rm -f $$d/*.html $$d/*.ps $$d/*.aux $$d/*.log $$d/*.txt $$d/*~; done
+
+distclean:
+ rm -f Makefile
+
+install:
diff --git a/doc/mysql.table b/doc/mysql.table
new file mode 100644
index 0000000..bdfee71
--- /dev/null
+++ b/doc/mysql.table
@@ -0,0 +1,55 @@
+CREATE TABLE ulog ( id INT UNSIGNED AUTO_INCREMENT UNIQUE,
+
+ raw_mac VARCHAR(80),
+
+ oob_time_sec INT UNSIGNED,
+ oob_time_usec INT UNSIGNED,
+ oob_prefix VARCHAR(32),
+ oob_mark INT UNSIGNED,
+ oob_in VARCHAR(32),
+ oob_out VARCHAR(32),
+
+ ip_saddr INT UNSIGNED,
+ ip_daddr INT UNSIGNED,
+ ip_protocol TINYINT UNSIGNED,
+ ip_tos TINYINT UNSIGNED,
+ ip_ttl TINYINT UNSIGNED,
+ ip_totlen SMALLINT UNSIGNED,
+ ip_ihl TINYINT UNSIGNED,
+ ip_csum SMALLINT UNSIGNED,
+ ip_id SMALLINT UNSIGNED,
+ ip_fragoff SMALLINT UNSIGNED,
+
+ tcp_sport SMALLINT UNSIGNED,
+ tcp_dport SMALLINT UNSIGNED,
+ tcp_seq INT UNSIGNED,
+ tcp_ackseq INT UNSIGNED,
+ tcp_window SMALLINT UNSIGNED,
+ tcp_urg TINYINT,
+ tcp_urgp SMALLINT UNSIGNED,
+ tcp_ack TINYINT,
+ tcp_psh TINYINT,
+ tcp_rst TINYINT,
+ tcp_syn TINYINT,
+ tcp_fin TINYINT,
+
+ udp_sport SMALLINT UNSIGNED,
+ udp_dport SMALLINT UNSIGNED,
+ udp_len SMALLINT UNSIGNED,
+
+ icmp_type TINYINT UNSIGNED,
+ icmp_code TINYINT UNSIGNED,
+ icmp_echoid SMALLINT UNSIGNED,
+ icmp_echoseq SMALLINT UNSIGNED,
+ icmp_gateway INT UNSIGNED,
+ icmp_fragmtu SMALLINT UNSIGNED,
+
+ pwsniff_user VARCHAR(30),
+ pwsniff_pass VARCHAR(30),
+
+ ahesp_spi INT UNSIGNED,
+
+ KEY index_id (id)
+ );
+
+
diff --git a/doc/mysql.table.ipaddr-as-string b/doc/mysql.table.ipaddr-as-string
new file mode 100644
index 0000000..4a9cecc
--- /dev/null
+++ b/doc/mysql.table.ipaddr-as-string
@@ -0,0 +1,58 @@
+# MySQL dump 7.1
+#
+# Host: localhost Database: ulogd
+#--------------------------------------------------------
+# Server version 3.22.32
+
+# This table is intended for use with older MySQL-Servers and
+# the --with-mysql-log-ip-as-string feature. It will not work
+# without that feature.
+#
+# Table structure for table 'ulog'
+#
+CREATE TABLE ulog (
+ id int(10) unsigned NOT NULL auto_increment,
+ raw_mac varchar(80),
+ oob_time_sec int(10) unsigned,
+ oob_time_usec int(10) unsigned,
+ oob_prefix varchar(32),
+ oob_mark int(10) unsigned,
+ oob_in varchar(32),
+ oob_out varchar(32),
+ ip_saddr varchar(16),
+ ip_daddr varchar(16),
+ ip_protocol tinyint(3) unsigned,
+ ip_tos tinyint(3) unsigned,
+ ip_ttl tinyint(3) unsigned,
+ ip_totlen smallint(5) unsigned,
+ ip_ihl tinyint(3) unsigned,
+ ip_csum smallint(5) unsigned,
+ ip_id smallint(5) unsigned,
+ ip_fragoff smallint(5) unsigned,
+ tcp_sport smallint(5) unsigned,
+ tcp_dport smallint(5) unsigned,
+ tcp_seq int(10) unsigned,
+ tcp_ackseq int(10) unsigned,
+ tcp_window smallint(5) unsigned,
+ tcp_urg tinyint(4),
+ tcp_urgp smallint(5) unsigned,
+ tcp_ack tinyint(4),
+ tcp_psh tinyint(4),
+ tcp_rst tinyint(4),
+ tcp_syn tinyint(4),
+ tcp_fin tinyint(4),
+ udp_sport smallint(5) unsigned,
+ udp_dport smallint(5) unsigned,
+ udp_len smallint(5) unsigned,
+ icmp_type tinyint(3) unsigned,
+ icmp_code tinyint(3) unsigned,
+ icmp_echoid smallint(5) unsigned,
+ icmp_echoseq smallint(5) unsigned,
+ icmp_gateway int(10) unsigned,
+ icmp_fragmtu smallint(5) unsigned,
+ pwsniff_user varchar(30),
+ pwsniff_pass varchar(30),
+ ahesp_spi int(10) unsigned,
+ PRIMARY KEY (id)
+);
+
diff --git a/doc/pgsql.table b/doc/pgsql.table
new file mode 100644
index 0000000..193f747
--- /dev/null
+++ b/doc/pgsql.table
@@ -0,0 +1,81 @@
+/* ulogd.pgsql.table, Version 0.1
+ *
+ * sample of a postgres table for ulogd
+ *
+ * All columns except "id" are optional! Comment all unwanted
+ * columns out, e.g. by prefixing them with '--'
+ *
+ * "raw_pkt" is not supported by ulogd_PGSQL
+ */
+
+CREATE SEQUENCE "seq_ulog";
+
+CREATE TABLE "ulog" (
+ "id" integer DEFAULT nextval('seq_ulog') NOT NULL,
+
+ "oob_prefix" character varying(32),
+ "oob_time_sec" integer,
+ "oob_time_usec" integer,
+ "oob_mark" bigint,
+ "oob_in" character varying(32),
+ "oob_out" character varying(32),
+
+ "raw_mac" character varying(80),
+ "raw_pktlen" bigint,
+
+ "ip_ihl" smallint,
+ "ip_tos" smallint,
+ "ip_totlen" integer,
+ "ip_id" integer,
+ "ip_fragoff" integer,
+ "ip_ttl" smallint,
+ "ip_protocol" smallint,
+ "ip_csum" integer,
+
+/* log IPs as unsigned int32 (default) */
+ "ip_saddr" bigint,
+ "ip_daddr" bigint,
+
+/* log IPs as string (--with-pgsql-log-ip-as-string) */
+-- "ip_saddr" character varying(40),
+-- "ip_daddr" character varying(40),
+
+/* log IPs as inet (--with-pgsql-log-ip-as-string) */
+-- "ip_saddr" inet,
+-- "ip_daddr" inet,
+
+
+ "tcp_sport" integer,
+ "tcp_dport" integer,
+ "tcp_seq" bigint,
+ "tcp_ackseq" bigint,
+ "tcp_urg" boolean,
+ "tcp_ack" boolean,
+ "tcp_psh" boolean,
+ "tcp_rst" boolean,
+ "tcp_syn" boolean,
+ "tcp_fin" boolean,
+ "tcp_window" integer,
+ "tcp_urgp" integer,
+
+ "udp_sport" integer,
+ "udp_dport" integer,
+ "udp_len" integer,
+
+ "icmp_type" smallint,
+ "icmp_code" smallint,
+ "icmp_echoid" integer,
+ "icmp_echoseq" integer,
+ "icmp_gateway" bigint,
+ "icmp_fragmtu" integer,
+
+ "pwsniff_user" character varying(30),
+ "pwsniff_pass" character varying(30),
+
+ "ahesp_spi" smallint,
+
+ "local_time" bigint,
+ "local_hostname" character varying(40)
+);
+
+
diff --git a/doc/sqlite3.table b/doc/sqlite3.table
new file mode 100644
index 0000000..7b5e99a
--- /dev/null
+++ b/doc/sqlite3.table
@@ -0,0 +1,22 @@
+CREATE TABLE ulog (
+ raw_mac VARCHAR(80),
+ oob_time_sec INT UNSIGNED,
+ oob_time_usec INT UNSIGNED,
+ ip_saddr INT UNSIGNED,
+ ip_daddr INT UNSIGNED,
+ ip_protocol TINYINT UNSIGNED,
+ ip_totlen SMALLINT UNSIGNED,
+ tcp_sport SMALLINT UNSIGNED,
+ tcp_dport SMALLINT UNSIGNED,
+ udp_sport SMALLINT UNSIGNED,
+ udp_dport SMALLINT UNSIGNED,
+ udp_len SMALLINT UNSIGNED,
+ icmp_type TINYINT UNSIGNED,
+ icmp_code TINYINT UNSIGNED,
+ icmp_echoid SMALLINT UNSIGNED,
+ icmp_echoseq SMALLINT UNSIGNED,
+ icmp_gateway INT UNSIGNED,
+ icmp_fragmtu SMALLINT UNSIGNED
+ );
+
+
diff --git a/doc/ulogd.html b/doc/ulogd.html
new file mode 100644
index 0000000..8bf7fed
--- /dev/null
+++ b/doc/ulogd.html
@@ -0,0 +1,421 @@
+
+
+
+
+ ULOGD - the Userspace Logging Daemon
+
+
+ULOGD - the Userspace Logging Daemon
+
+Harald Welte <laforge@gnumonks.org>
Revision $Revision: 803 $, $Date: 2005-04-18 16:21:17 +0200 (Mon, 18 Apr 2005) $
+
+This is the documentation for ulogd
, the Userspace logging daemon.
+ulogd makes use of the Linux >= 2.4.x packet filter subsystem (iptables) and
+the ULOG target for iptables.
+
+
+
+
+
+I want to provide a flexible, almost universal logging daemon for my netfilter
+ULOG target. It is not optimized in any way, the goal is to keep as simple as
+possible. These are my thoughts about how the architecture which is most
+capable of doing that:
+
+
+- Interpreter lugins
It should be possible to add plugins / runtime modules for new protocols, etc.
+For example the standard logging daemon provides source-ip, dest-ip,
+source-port, dest-port, etc. Logging for variuos other protocols (GRE,
+IPsec, ...) may be implemented as modules.
+
+- Output plugins
... describe how and where to put the information gained by logging plugins.
+The easiest way is to build a line per packet and fprint it to a file.
+Some people might want to log into a SQL database or want an output
+conforming to the intrusion detection systems communication draft from the
+IETF.
+
+
+
+
+
+
+The major clue is providing a framework which is as flexible as possible.
+Nobody knows what strange network protocols are out there :) Flexibility
+depends on the communication between the output of the logging plugins
+and input of the output plugins.
+Rusty advised me to use some kind of type-key-value triples, which is in fact
+what I implemented.
+One issue is, of course, performance. Up to ulogd 0.3, ulogd did several
+linked list iterations and about 30 malloc() calls _per packet_. This
+changed with the new >= 0.9 revisions:
+
+- Not a single dynamic allocation in the core during runtime.
+Everything is pre-allocated at start of ulogd to provide the highest
+possible throughput.
+- Hash tables in addition to the linked lists. Linked lists are only
+traversed if we really want to access each element of the list.
+
+
+
+
+
+
+
+
+First you will need a recent 2.4.x kernel. If you have a kernel >=
+2.4.18-pre8, it already has the kernel suport for ULOG (ipt_ULOG.o).
+If you have an older kernel version (between 2.4.0 and 2.4.18-pre6), you
+can use the patch-o-matic system of netfilter/iptables, as described in
+the following section.
+
+
+
+You only need to read this chapter if you have a 2.4.x kernel <=
+2.4.18-pre6.
+In order to put the ipt_ULOG module into your kernel source,you need the latest
+iptables package, or even better: the latest CVS snapshot. A description how to
+obtain this is provided on the netfilter
+homepage
+http://www.netfilter.org/.
+To run patch-o-matic, just type
+
+
+make patch-o-matic
+
+
+
+in the userspace directory of netfilter CVS.
+
+
+
+Recompiling the source
+
+Download the ulogd package from
+http://ftp.netfilter.org/pub/ulogd/ and
+untar it.
+If you want to build ulogd with MySQL support, type './configure --with-mysql'. You may also have to specify the path of the mysql libraries using '--with-mysql=path'. To build ulogd without MySQL support, just use './configure'.
+To compile and install the program, call 'make install'.
+
+Using a precompiled package
+
+I also provide a SRPM, which should compile on almost any rpm-based distribution. It is available at
+http://ftp.netfilter.org/pub/ulogd/
+Just download the package and do the usual 'rpm --rebuild <file>'.
+
+
+
+
+
+Quick Setup
+
+Just add rules using the ULOG target to your firewalling chain. A very basic
+example:
+
+
+iptables -A FORWARD -j ULOG --ulog-nlgroup 32 --ulog-prefix foo
+
+
+
+To increase logging performance, try to use the
+
+
+--ulog-qthreshold N
+
+
+
+option (where 1 < N <= 50). The number you specify is the amout of packets
+batched together in one multipart netlink message. If you set this to 20, the
+kernel schedules ulogd only once every 20 packets. All 20 packets are then
+processed by ulogd. This reduces the number of context switches between kernel
+and userspace.
+Of course you can combine the ULOG target with the different netfilter match
+modules. For a more detailed description, have a look at the netfilter
+HOWTO's, available on the netfilter homepage.
+ULOG target reference
+
+
+
+- --ulog-nlgroup N
The number of the netlink multicast group to which ULOG'ed packets are sent.
+You will have to use the same group number in the ULOG target and ulogd in
+order to make logging work.
+- --ulog-cprange N
Copyrange. This works like the 'snaplen' paramter of tcpdump. You can specify
+a number of bytes up to which the packet is copied. If you say '40', you will
+receive the first fourty bytes of every packet. Leave it to '0'
+- --ulog-qthreshold N
Queue threshold. If a packet is matched by the iptables rule, and already N
+packets are in the queue, the queue is flushed to userspace. You can use this
+to implement a policy like: Use a big queue in order to gain high performance,
+but still have certain packets logged immediately to userspace.
+- --ulog-prefix STRING
A string that is associated with every packet logged by this rule. You can use
+this option to later tell from which rule the packet was logged.
+
+
+
+ipt_ULOG module parameters
+
+The ipt_ULOG kernel module has a couple of module loadtime parameters which can
+(and should) be tuned to accomodate the needs of the application:
+
+- nlbufsiz N
Netlink buffer size. A buffer of the specified size N is allocated for every
+netlink group that is used. Please note that due to restrictions of the kernel
+memory allocator, we cannot have a buffer size > 128kBytes. Larger buffer
+sizes increase the performance, since less kernel/userspace context switches
+are needed for the same amount of packets. The backside of this performance
+gain is a potentially larger delay. The default value is 4096 bytes, which is
+quite small.
+- flushtimeout N
The flushtimeout determines, after how many clock ticks (on alpha: 1ms, on
+x86 and most other platforms: 10ms time units) the buffer/queue is to be
+flushed, even if it is not full. This can be used to have the advantage of a
+large buffer, but still a finite maximum delay introduced. The default value
+is set to 10 seconds.
+
+
+Example:
+
+
+modprobe ipt_ULOG nlbufsiz=65535 flushtimeout=100
+
+
+
+This would use a buffer size of 64k and a flushtimeout of 100 clockticks (1 second on x86).
+
+
+
+ulogd is what this is all about, so let's describe it's configuration...
+ulogd configfile syntax reference
+
+All configurable parameters of ulogd are in the configfile, typically located
+at '/etc/ulogd.conf'.
+The following configuration parameters are available:
+
+- nlgroup
The netlink multicast group, which ulgogd should bind to. This is the same as
+given with the '--ulog-nlgroup' option to iptables.
+- logfile
The main logfile, where ulogd reports any errors, warnings and other unexpected conditions. Apart from a regular filename, the following special values can be used; ``syslog'' to log via the unix syslog(3) mechanism. ``stdout'' to log to stdout.
+- loglevel
This specifies, how verbose the logging to logfile is. Currently defined
+loglevels are: 1=debug information, 3=informational messages, 5=noticable
+exceptional conditions, 7=error conditions, 8=fatal errors, program abort.
+- plugin
This option is followed by a filename of a ulogd plugin, which ulogd shold load
+upon initialization. This option may appear more than once.
+- rmem
Size of the netlink socket receive memory. You should set this to at least the
+size of the kernel buffer (nlbufsiz parameter of the ipt_ULOG module). Please
+note that there is a maximum limit in /proc/sys/net/core/rmem_max which you
+cannot exceed by increasing the ``rmem'' parameter. You may need to raise the
+system-wide maximum limit before.
+- bufsize
Size of the receive buffer. You should set this to at least the socket receive buffer (rmem).
+
+
+ulogd commandline option reference
+
+Apart from the configfile, there are a couple of commandline options to ulogd:
+
+- -h --help
Print a help message about the commandline options.
+- -V --version
Print version information about ulogd.
+- -d --daemon
For off into daemon mode. Unless you are debugging, you will want to use this
+most of the time.
+- -c --configfile
Using this commandline option, an alternate config file can be used. This is
+important if multiple instances of ulogd are to be run on a single machine.
+
+
+
+
+
+It is important to understand that ulogd without plugins does nothing. It will receive packets, and do nothing with them.
+There are two kinds of plugins, interpreter and output plugins. Interpreter
+plugins parse the packet, output plugin write the interpreted information to
+some logfile/database/...
+
+
+
+ulogd comes with the following interpreter plugins:
+ulogd_BASE.so
+
+Basic interpreter plugin for nfmark, timestamp, mac address, ip header, tcp
+header, udp header, icmp header, ah/esp header... Most people will want to load
+this very important plugin.
+ulogd_PWSNIFF.so
+
+Example interpreter plugin to log plaintext passwords as used with FTP and
+POP3. Don't blame me for writing this plugin! The protocols are inherently
+insecure, and there are a lot of other tools for sniffing passwords... it's
+just an example.
+ulogd_LOCAL.so
+
+This is a 'virtual interpreter'. It doesn't really return any information on
+the packet itself, rather the local system time and hostname. Please note that
+the time is the time at the time of logging, not the packets receive time.
+
+
+
+ulogd comes with the following output plugins:
+
+ulogd_OPRINT.so
+
+A very simple output module, dumping all packets in the format
+
+
+===>PACKET BOUNDARY
+key=value
+key=value
+...
+===>PACKET BOUNDARY
+...
+
+
+
+to a file. The only useful application is debugging.
+The module defines the following configuration directives:
+
+- dumpfile
The filename where it should log to. The default is
+/var/log/ulogd.pktlog
+
+
+
+ulogd_LOGEMU.so
+
+An output module which tries to emulate the old syslog-based LOG targed as far
+as possible. Logging is done to a seperate textfile instead of syslog, though.
+The module defines the following configuration directives:
+
+- file
The filename where it should log to. The default is
+/var/log/ulogd.syslogemu
+- sync
Set this to 1 if you want to have your logfile written
+synchronously. This may reduce performance, but makes your log-lines appear
+immediately. The default is 0
+
+
+
+ulogd_MYSQL.so
+
+An output plugin for logging into a mysql database. This is only compiled if
+you have the mysql libraries installed, and the configure script was able to
+detect them. (that is: --with-mysql was specified for ./configure)
+
+The plugin automagically inserts the data into the configured table; It
+connects to mysql during the startup phase of ulogd and obtains a list of the
+columns in the table. Then it tries to resolve the column names against keys of
+interpreter plugins. This way you can easly select which information you want
+to log - just by the layout of the table.
+
+If, for example, your table contains a field called 'ip_saddr', ulogd will
+resolve this against the key 'ip.saddr' and put the ip address as 32bit
+unsigned integer into the table.
+
+You may want to have a look at the file 'doc/mysql.table
' as an
+example table including fields to log all keys from ulogd_BASE.so. Just delete
+the fields you are not interested in, and create the table.
+
+The module defines the following configuration directives:
+
+- table
Name of the table to which ulogd should log
+- ldb
Name of the mysql database
+- host
Name of the mysql database host
+- port
TCP port number of mysql database server
+- user
Name of the mysql user
+- pass
Password for mysql
+
+
+
+ulogd_PGSQL.so
+
+An output plugin for logging into a postgresql database. This is only compiled
+if you have the mysql libraries installed, and the configure script was able to
+detect them. (that is: --with-pgsql was specified for ./configure)
+
+The plugin automagically inserts the data into the configured table; It
+connects to pgsql during the startup phase of ulogd and obtains a list of the
+columns in the table. Then it tries to resolve the column names against keys of
+interpreter plugins. This way you can easly select which information you want
+to log - just by the layout of the table.
+
+If, for example, your table contains a field called 'ip_saddr', ulogd will
+resolve this against the key 'ip.saddr' and put the ip address as 32bit
+unsigned integer into the table.
+
+You may want to have a look at the file 'doc/mysql.table
' as an
+example table including fields to log all keys from ulogd_BASE.so. Just delete
+the fields you are not interested in, and create the table.
+
+The module defines the following configuration directives:
+
+- table
Name of the table to which ulogd should log
+- db
Name of the database
+- host
Name of the mysql database host
+- port
TCP port number of database server
+- user
Name of the sql user
+- pass
Password for sql user
+
+
+
+ulogd_PCAP.so
+
+An output plugin that can be used to generate libpcap-style packet logfiles.
+This can be useful for later analysing the packet log with tools like tcpdump
+or ethereal.
+The module defines the following configuration directives:
+
+- file
The filename where it should log to. The default is:
+/var/log/ulogd.pcap
+- sync
Set this to 1
if you want to have your pcap logfile written
+synchronously. This may reduce performance, but makes your packets appear
+immediately in the file on disk. The default is 0
+
+
+
+ulogd_SQLITE3.so
+
+An output plugin for logging into a SQLITE v3 database. This is only compiled
+if you have the sqlite libraries installed, and the configure script was able to
+detect them. (that is: --with-sqlite3 was specified for ./configure)
+
+The plugin automagically inserts the data into the configured table; It
+opens the sqlite db during the startup phase of ulogd and obtains a list of the
+columns in the table. Then it tries to resolve the column names against keys of
+interpreter plugins. This way you can easly select which information you want
+to log - just by the layout of the table.
+
+If, for example, your table contains a field called 'ip_saddr', ulogd will
+resolve this against the key 'ip.saddr' and put the ip address as 32bit
+unsigned integer into the table.
+
+You may want to have a look at the file 'doc/sqlite3.table
' as an
+example table including fields to log all keys from ulogd_BASE.so. Just delete
+the fields you are not interested in, and create the table.
+
+The module defines the following configuration directives:
+
+- table
Name of the table to which ulogd should log
+- db
Name of the database
+- buffer
Size of the sqlite buffer
+
+
+ulogd_SYSLOG.so
+
+An output plugin that really logs via syslogd. Lines will look exactly like printed with traditional LOG target.
+The module defines the following configuration directives:
+
+- facility
The syslog facility (LOG_DAEMON, LOG_KERN, LOG_LOCAL0 .. LOG_LOCAL7, LOG_USER)
+- level
The syslog level (LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG)
+
+
+
+
+All comments / questions / ... are appreciated.
+Just drop me a note to laforge@gnumonks.org
+Please note also that there is now a mailinglist, ulogd@lists.gnumonks.org.
+You can subscribe at
+http://lists.gnumonks.org/mailman/listinfo/ulogd/
+
+The preferred method for reporting bugs is the netfilter bugzilla system,
+available at
+http://bugzilla.netfilter.org/.
+
+
+
diff --git a/doc/ulogd.sgml b/doc/ulogd.sgml
new file mode 100644
index 0000000..c019c63
--- /dev/null
+++ b/doc/ulogd.sgml
@@ -0,0 +1,449 @@
+
+
+
+
+
+
+ULOGD - the Userspace Logging Daemon
+Harald Welte <laforge@gnumonks.org>
+Revision $Revision$, $Date$
+
+
+This is the documentation for ulogd, the Userspace logging daemon.
+ulogd makes use of the Linux >= 2.4.x packet filter subsystem (iptables) and
+the ULOG target for iptables.
+
+
+
+
+DESIGN
+
+CONCEPT
+
+I want to provide a flexible, almost universal logging daemon for my netfilter
+ULOG target. It is not optimized in any way, the goal is to keep as simple as
+possible. These are my thoughts about how the architecture which is most
+capable of doing that:
+
+
+Interpreter plugins
+It should be possible to add plugins / runtime modules for new protocols, etc.
+For example the standard logging daemon provides source-ip, dest-ip,
+source-port, dest-port, etc. Logging for various other protocols (GRE,
+IPsec, ...) may be implemented as modules.
+
+Output plugins
+... describe how and where to put the information gained by logging plugins.
+The easiest way is to build a line per packet and fprint it to a file.
+Some people might want to log into a SQL database or want an output
+conforming to the intrusion detection systems communication draft from the
+IETF.
+
+
+
+DETAILS
+
+The major clue is providing a framework which is as flexible as possible.
+Nobody knows what strange network protocols are out there :) Flexibility
+depends on the communication between the output of the logging plugins
+and input of the output plugins.
+
+Rusty advised me to use some kind of type-key-value triples, which is in fact
+what I implemented.
+
+One issue is, of course, performance. Up to ulogd 0.3, ulogd did several
+linked list iterations and about 30 malloc() calls _per packet_. This
+changed with the new >= 0.9 revisions:
+
+- Not a single dynamic allocation in the core during runtime.
+Everything is pre-allocated at start of ulogd to provide the highest
+possible throughput.
+
- Hash tables in addition to the linked lists. Linked lists are only
+traversed if we really want to access each element of the list.
+
+
+INSTALLATION
+
+Linux kernel
+
+First you will need a recent 2.4.x kernel. If you have a kernel >=
+2.4.18-pre8, it already has the kernel support for ULOG (ipt_ULOG.o).
+
+If you have an older kernel version (between 2.4.0 and 2.4.18-pre6), you
+can use the patch-o-matic system of netfilter/iptables, as described in
+the following section.
+
+ipt_ULOG from netfilter/iptables patch-o-matic
+
+You only need to read this chapter if you have a 2.4.x kernel <=
+2.4.18-pre6.
+
+In order to put the ipt_ULOG module into your kernel source,you need the latest
+iptables package, or even better: the latest CVS snapshot. A description how to
+obtain this is provided on the netfilter
+homepage .
+
+To run patch-o-matic, just type
+
+make patch-o-matic
+
+in the userspace directory of netfilter CVS.
+
+ulogd
+Recompiling the source
+
+Download the ulogd package from and
+untar it.
+
+If you want to build ulogd with MySQL support, type './configure --with-mysql'. You may also have to specify the path of the mysql libraries using '--with-mysql=path'. To build ulogd without MySQL support, just use './configure'.
+
+To compile and install the program, call 'make install'.
+
+Using a precompiled package
+
+I also provide a SRPM, which should compile on almost any rpm-based distribution. It is available at
+
+Just download the package and do the usual 'rpm --rebuild <file>'.
+
+Configuration
+iptables ULOG target
+Quick Setup
+
+Just add rules using the ULOG target to your firewalling chain. A very basic
+example:
+
+iptables -A FORWARD -j ULOG --ulog-nlgroup 32 --ulog-prefix foo
+
+
+To increase logging performance, try to use the
+
+--ulog-qthreshold N
+
+option (where 1 < N <= 50). The number you specify is the amount of packets
+batched together in one multipart netlink message. If you set this to 20, the
+kernel schedules ulogd only once every 20 packets. All 20 packets are then
+processed by ulogd. This reduces the number of context switches between kernel
+and userspace.
+
+Of course you can combine the ULOG target with the different netfilter match
+modules. For a more detailed description, have a look at the netfilter
+HOWTO's, available on the netfilter homepage.
+ULOG target reference
+
+
+--ulog-nlgroup N
+The number of the netlink multicast group to which ULOG'ed packets are sent.
+You will have to use the same group number in the ULOG target and ulogd in
+order to make logging work.
+--ulog-cprange N
+Copyrange. This works like the 'snaplen' parameter of tcpdump. You can specify
+a number of bytes up to which the packet is copied. If you say '40', you will
+receive the first fourty bytes of every packet. Leave it to 0
+--ulog-qthreshold N
+Queue threshold. If a packet is matched by the iptables rule, and already N
+packets are in the queue, the queue is flushed to userspace. You can use this
+to implement a policy like: Use a big queue in order to gain high performance,
+but still have certain packets logged immediately to userspace.
+--ulog-prefix STRING
+A string that is associated with every packet logged by this rule. You can use
+this option to later tell from which rule the packet was logged.
+
+
+ipt_ULOG module parameters
+
+The ipt_ULOG kernel module has a couple of module loadtime parameters which can
+(and should) be tuned to accomodate the needs of the application:
+
+nlbufsiz N
+Netlink buffer size. A buffer of the specified size N is allocated for every
+netlink group that is used. Please note that due to restrictions of the kernel
+memory allocator, we cannot have a buffer size > 128kBytes. Larger buffer
+sizes increase the performance, since less kernel/userspace context switches
+are needed for the same amount of packets. The backside of this performance
+gain is a potentially larger delay. The default value is 4096 bytes, which is
+quite small.
+flushtimeout N
+The flushtimeout determines, after how many clock ticks (on alpha: 1ms, on
+x86 and most other platforms: 10ms time units) the buffer/queue is to be
+flushed, even if it is not full. This can be used to have the advantage of a
+large buffer, but still a finite maximum delay introduced. The default value
+is set to 10 seconds.
+
+Example:
+
+modprobe ipt_ULOG nlbufsiz=65535 flushtimeout=100
+
+This would use a buffer size of 64k and a flushtimeout of 100 clockticks (1 second on x86).
+
+ulogd
+
+ulogd is what this is all about, so let's describe it's configuration...
+ulogd configfile syntax reference
+
+All configurable parameters of ulogd are in the configfile, typically located
+at '/etc/ulogd.conf'.
+
+The following configuration parameters are available:
+
+nlgroup
+The netlink multicast group, which ulgogd should bind to. This is the same as
+given with the '--ulog-nlgroup' option to iptables.
+logfile
+The main logfile, where ulogd reports any errors, warnings and other unexpected conditions. Apart from a regular filename, the following special values can be used; ``syslog'' to log via the unix syslog(3) mechanism. ``stdout'' to log to stdout.
+loglevel
+This specifies, how verbose the logging to logfile is. Currently defined
+loglevels are: 1=debug information, 3=informational messages, 5=noticable
+exceptional conditions, 7=error conditions, 8=fatal errors, program abort.
+plugin
+This option is followed by a filename of a ulogd plugin, which ulogd shold load
+upon initialization. This option may appear more than once.
+rmem
+Size of the netlink socket receive memory. You should set this to at least the
+size of the kernel buffer (nlbufsiz parameter of the ipt_ULOG module). Please
+note that there is a maximum limit in /proc/sys/net/core/rmem_max which you
+cannot exceed by increasing the ``rmem'' parameter. You may need to raise the
+system-wide maximum limit before.
+bufsize
+Size of the receive buffer. You should set this to at least the socket receive buffer (rmem).
+
+ulogd commandline option reference
+
+Apart from the configfile, there are a couple of commandline options to ulogd:
+
+-h --help
+Print a help message about the commandline options.
+-V --version
+Print version information about ulogd.
+-d --daemon
+For off into daemon mode. Unless you are debugging, you will want to use this
+most of the time.
+-c --configfile
+Using this commandline option, an alternate config file can be used. This is
+important if multiple instances of ulogd are to be run on a single machine.
+
+
+Available plugins
+
+It is important to understand that ulogd without plugins does nothing. It will receive packets, and do nothing with them.
+
+There are two kinds of plugins, interpreter and output plugins. Interpreter
+plugins parse the packet, output plugins write the interpreted information to
+some logfile/database/...
+
+Interpreter plugins
+
+ulogd comes with the following interpreter plugins:
+ulogd_BASE.so
+
+Basic interpreter plugin for nfmark, timestamp, mac address, ip header, tcp
+header, udp header, icmp header, ah/esp header... Most people will want to load
+this very important plugin.
+ulogd_PWSNIFF.so
+
+Example interpreter plugin to log plaintext passwords as used with FTP and
+POP3. Don't blame me for writing this plugin! The protocols are inherently
+insecure, and there are a lot of other tools for sniffing passwords... it's
+just an example.
+ulogd_LOCAL.so
+
+This is a 'virtual interpreter'. It doesn't really return any information on
+the packet itself, rather the local system time and hostname. Please note that
+the time is the time at the time of logging, not the packets receive time.
+
+Output plugins
+
+ulogd comes with the following output plugins:
+
+ulogd_OPRINT.so
+
+A very simple output module, dumping all packets in the format
+
+===>PACKET BOUNDARY
+key=value
+key=value
+...
+===>PACKET BOUNDARY
+...
+
+to a file. The only useful application is debugging.
+
The module defines the following configuration directives:
+
+dumpfile
+The filename where it should log to. The default is
+/var/log/ulogd.pktlog
+
+
+ulogd_LOGEMU.so
+
+An output module which tries to emulate the old syslog-based LOG targed as far
+as possible. Logging is done to a seperate textfile instead of syslog, though.
+
+The module defines the following configuration directives:
+
+fileThe filename where it should log to. The default is
+/var/log/ulogd.syslogemu
+syncSet this to 1 if you want to have your logfile written
+synchronously. This may reduce performance, but makes your log-lines appear
+immediately. The default is 0
+
+
+ulogd_MYSQL.so
+
+An output plugin for logging into a mysql database. This is only compiled if
+you have the mysql libraries installed, and the configure script was able to
+detect them. (that is: --with-mysql was specified for ./configure)
+
+
+The plugin automagically inserts the data into the configured table; It
+connects to mysql during the startup phase of ulogd and obtains a list of the
+columns in the table. Then it tries to resolve the column names against keys of
+interpreter plugins. This way you can easily select which information you want
+to log - just by the layout of the table.
+
+
+If, for example, your table contains a field called 'ip_saddr', ulogd will
+resolve this against the key 'ip.saddr' and put the ip address as 32bit
+unsigned integer into the table.
+
+
+You may want to have a look at the file 'doc/mysql.table' as an
+example table including fields to log all keys from ulogd_BASE.so. Just delete
+the fields you are not interested in, and create the table.
+
+
+The module defines the following configuration directives:
+
+table
+Name of the table to which ulogd should log.
+ldb
+Name of the mysql database.
+host
+Name of the mysql database host.
+port
+TCP port number of mysql database server.
+user
+Name of the mysql user.
+pass
+Password for mysql.
+
+
+ulogd_PGSQL.so
+
+An output plugin for logging into a postgresql database. This is only compiled
+if you have the mysql libraries installed, and the configure script was able to
+detect them. (that is: --with-pgsql was specified for ./configure)
+
+
+The plugin automagically inserts the data into the configured table; It
+connects to pgsql during the startup phase of ulogd and obtains a list of the
+columns in the table. Then it tries to resolve the column names against keys of
+interpreter plugins. This way you can easily select which information you want
+to log - just by the layout of the table.
+
+
+If, for example, your table contains a field called 'ip_saddr', ulogd will
+resolve this against the key 'ip.saddr' and put the ip address as 32bit
+unsigned integer into the table.
+
+
+You may want to have a look at the file 'doc/mysql.table' as an
+example table including fields to log all keys from ulogd_BASE.so. Just delete
+the fields you are not interested in, and create the table.
+
+
+The module defines the following configuration directives:
+
+table
+Name of the table to which ulogd should log.
+db
+Name of the database.
+host
+Name of the mysql database host.
+port
+TCP port number of database server.
+user
+Name of the sql user.
+pass
+Password for sql user.
+
+
+ulogd_PCAP.so
+
+An output plugin that can be used to generate libpcap-style packet logfiles.
+This can be useful for later analysing the packet log with tools like tcpdump
+or ethereal.
+
+The module defines the following configuration directives:
+
+file
+The filename where it should log to. The default is:
+/var/log/ulogd.pcap
+sync
+Set this to 1 if you want to have your pcap logfile written
+synchronously. This may reduce performance, but makes your packets appear
+immediately in the file on disk. The default is 0
+
+
+ulogd_SQLITE3.so
+
+An output plugin for logging into a SQLITE v3 database. This is only compiled
+if you have the sqlite libraries installed, and the configure script was able to
+detect them. (that is: --with-sqlite3 was specified for ./configure)
+
+
+The plugin automagically inserts the data into the configured table; It
+opens the sqlite db during the startup phase of ulogd and obtains a list of the
+columns in the table. Then it tries to resolve the column names against keys of
+interpreter plugins. This way you can easily select which information you want
+to log - just by the layout of the table.
+
+
+If, for example, your table contains a field called 'ip_saddr', ulogd will
+resolve this against the key 'ip.saddr' and put the ip address as 32bit
+unsigned integer into the table.
+
+
+You may want to have a look at the file 'doc/sqlite3.table' as an
+example table including fields to log all keys from ulogd_BASE.so. Just delete
+the fields you are not interested in, and create the table.
+
+
+The module defines the following configuration directives:
+
+table
+Name of the table to which ulogd should log.
+db
+Name of the database.
+buffer
+Size of the sqlite buffer.
+
+
+
+ulogd_SYSLOG.so
+
+An output plugin that really logs via syslogd. Lines will look exactly like printed with traditional LOG target.
+
+
+The module defines the following configuration directives:
+
+facility
+The syslog facility (LOG_DAEMON, LOG_KERN, LOG_LOCAL0 .. LOG_LOCAL7, LOG_USER)
+level
+The syslog level (LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG)
+
+
+
+ QUESTIONS / COMMENTS
+
+All comments / questions / ... are appreciated.
+
+Just drop me a note to laforge@gnumonks.org
+
+Please note also that there is now a mailinglist, ulogd@lists.gnumonks.org.
+You can subscribe at
+.
+
+The preferred method for reporting bugs is the netfilter bugzilla system,
+available at .
+
+
diff --git a/extensions/Makefile.in b/extensions/Makefile.in
new file mode 100644
index 0000000..589bf7b
--- /dev/null
+++ b/extensions/Makefile.in
@@ -0,0 +1,37 @@
+#
+
+# Normally You should not need to change anything below
+#
+include @top_srcdir@/Rules.make
+
+CFLAGS+=-I@top_srcdir@ -I@top_srcdir@/libipulog/include -I@top_srcdir@/include
+SH_CFLAGS:=$(CFLAGS) -fPIC
+
+SHARED_LIBS+=$(foreach T,$(ULOGD_SL),ulogd_$(T).so)
+
+
+all: $(SHARED_LIBS)
+
+distrib:
+
+printpkt.o: printpkt.c
+ $(CC) $(SH_CFLAGS) -o $@ -c $<
+
+$(SHARED_LIBS): %.so: %_sh.o
+ $(LD) -shared -o $@ $< -lc
+
+ulogd_SYSLOG.so: printpkt.o ulogd_SYSLOG_sh.o
+ $(LD) -shared -o $@ $^ -lc
+
+%_sh.o: %.c
+ $(CC) $(SH_CFLAGS) -o $@ -c $<
+
+clean:
+ $(RM) $(SHARED_LIBS) *.o
+
+distclean:
+ $(RM) Makefile
+
+install: all
+ $(INSTALL) -m 755 -d $(DESTDIR)$(ULOGD_LIB_PATH)
+ $(INSTALL) -m 755 *.so $(DESTDIR)$(ULOGD_LIB_PATH)
diff --git a/extensions/chtons.h b/extensions/chtons.h
new file mode 100644
index 0000000..4506e33
--- /dev/null
+++ b/extensions/chtons.h
@@ -0,0 +1,32 @@
+#ifndef _CHTONS_H_
+#define _CHTONS_H_
+
+#include
+
+#if __BYTE_ORDER == __BIG_ENDIAN
+# define BITNR(X) ((X)^31)
+# if !defined(__constant_htonl)
+# define __constant_htonl(x) (x)
+# endif
+# if !defined(__constant_htons)
+# define __constant_htons(x) (x)
+# endif
+#elif __BYTE_ORDER == __LITTLE_ENDIAN
+# define BITNR(X) ((X)^7)
+# if !defined(__constant_htonl)
+# define __constant_htonl(x) \
+ ((unsigned long int)((((unsigned long int)(x) & 0x000000ffU) << 24) | \
+ (((unsigned long int)(x) & 0x0000ff00U) << 8) | \
+ (((unsigned long int)(x) & 0x00ff0000U) >> 8) | \
+ (((unsigned long int)(x) & 0xff000000U) >> 24)))
+# endif
+# if !defined(__constant_htons)
+# define __constant_htons(x) \
+ ((unsigned short int)((((unsigned short int)(x) & 0x00ff) << 8) | \
+ (((unsigned short int)(x) & 0xff00) >> 8)))
+# endif
+#else
+# error "Don't know if bytes are big- or little-endian!"
+#endif
+
+#endif
diff --git a/extensions/printpkt.c b/extensions/printpkt.c
new file mode 100644
index 0000000..a9e78d7
--- /dev/null
+++ b/extensions/printpkt.c
@@ -0,0 +1,276 @@
+/* printpkt.c
+ *
+ * build something looking like a iptables LOG message
+ *
+ * (C) 2000-2003 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifndef HOST_NAME_MAX
+#warning this libc does not define HOST_NAME_MAX
+#define HOST_NAME_MAX (255+1)
+#endif
+
+#define NIPQUAD(addr) \
+ ((unsigned char *)&addr)[0], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[3]
+
+struct intr_id {
+ char* name;
+ unsigned int id;
+};
+
+static char hostname[HOST_NAME_MAX+1];
+
+#define INTR_IDS 35
+static struct intr_id intr_ids[INTR_IDS] = {
+ { "oob.time.sec", 0 },
+ { "oob.prefix", 0 },
+ { "oob.in", 0 },
+ { "oob.out", 0 },
+ { "raw.mac", 0 },
+ { "ip.saddr", 0 },
+ { "ip.daddr", 0 },
+ { "ip.totlen", 0 },
+ { "ip.tos", 0 },
+ { "ip.ttl", 0 },
+ { "ip.id", 0 },
+ { "ip.fragoff", 0 },
+ { "ip.protocol", 0 },
+ { "tcp.sport", 0 },
+ { "tcp.dport", 0 },
+ { "tcp.seq", 0 },
+ { "tcp.ackseq", 0 },
+ { "tcp.window", 0 },
+ { "tcp.urg", 0 },
+ { "tcp.ack", 0 },
+ { "tcp.psh", 0 },
+ { "tcp.rst", 0 },
+ { "tcp.syn", 0 },
+ { "tcp.fin", 0 },
+ { "tcp.urgp", 0 },
+ { "udp.sport", 0 },
+ { "udp.dport", 0 },
+ { "udp.len", 0 },
+ { "icmp.type", 0 },
+ { "icmp.code", 0 },
+ { "icmp.echoid", 0 },
+ { "icmp.echoseq", 0 },
+ { "icmp.gateway", 0 },
+ { "icmp.fragmtu", 0 },
+ { "ahesp.spi", 0 },
+};
+
+#define GET_VALUE(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].value
+#define GET_FLAGS(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].flags
+
+int printpkt_print(ulog_iret_t *res, char *buf, int prefix)
+{
+ char *timestr;
+ char *tmp;
+ time_t now;
+
+ char *buf_cur = buf;
+
+ if (prefix) {
+ now = (time_t) GET_VALUE(0).ui32;
+ timestr = ctime(&now) + 4;
+
+ /* truncate time */
+ if ((tmp = strchr(timestr, '\n')))
+ *tmp = '\0';
+
+ /* truncate hostname */
+ if ((tmp = strchr(hostname, '.')))
+ *tmp = '\0';
+
+ /* print time and hostname */
+ buf_cur += sprintf(buf_cur, "%.15s %s", timestr, hostname);
+ }
+
+ if (*(char *) GET_VALUE(1).ptr)
+ buf_cur += sprintf(buf_cur, " %s", (char *) GET_VALUE(1).ptr);
+
+ buf_cur += sprintf(buf_cur," IN=%s OUT=%s ",
+ (char *) GET_VALUE(2).ptr,
+ (char *) GET_VALUE(3).ptr);
+
+ /* FIXME: configurable */
+ buf_cur += sprintf(buf_cur, "MAC=%s ",
+ (GET_FLAGS(4) & ULOGD_RETF_VALID) ? (char *) GET_VALUE(4).ptr : "");
+
+ buf_cur += sprintf(buf_cur, "SRC=%s ",
+ inet_ntoa((struct in_addr) {htonl(GET_VALUE(5).ui32)}));
+ buf_cur += sprintf(buf_cur, "DST=%s ",
+ inet_ntoa((struct in_addr) {htonl(GET_VALUE(6).ui32)}));
+
+ buf_cur += sprintf(buf_cur,"LEN=%u TOS=%02X PREC=0x%02X TTL=%u ID=%u ",
+ GET_VALUE(7).ui16, GET_VALUE(8).ui8 & IPTOS_TOS_MASK,
+ GET_VALUE(8).ui8 & IPTOS_PREC_MASK, GET_VALUE(9).ui8,
+ GET_VALUE(10).ui16);
+
+ if (GET_VALUE(10).ui16 & IP_RF)
+ buf_cur += sprintf(buf_cur, "CE ");
+
+ if (GET_VALUE(11).ui16 & IP_DF)
+ buf_cur += sprintf(buf_cur, "DF ");
+
+ if (GET_VALUE(11).ui16 & IP_MF)
+ buf_cur += sprintf(buf_cur, "MF ");
+
+ if (GET_VALUE(11).ui16 & IP_OFFMASK)
+ buf_cur += sprintf(buf_cur, "FRAG:%u ",
+ GET_VALUE(11).ui16 & IP_OFFMASK);
+
+ switch (GET_VALUE(12).ui8) {
+
+ case IPPROTO_TCP:
+ buf_cur += sprintf(buf_cur, "PROTO=TCP ");
+ buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u ",
+ GET_VALUE(13).ui16, GET_VALUE(14).ui16);
+ /* FIXME: config */
+ buf_cur += sprintf(buf_cur, "SEQ=%u ACK=%u ",
+ GET_VALUE(15).ui32, GET_VALUE(16).ui32);
+
+ buf_cur += sprintf(buf_cur, "WINDOW=%u ", GET_VALUE(17).ui16);
+
+// buf_cur += sprintf(buf_cur, "RES=0x%02x ",
+
+ if (GET_VALUE(18).b)
+ buf_cur += sprintf(buf_cur, "URG ");
+
+ if (GET_VALUE(19).b)
+ buf_cur += sprintf(buf_cur, "ACK ");
+
+ if (GET_VALUE(20).b)
+ buf_cur += sprintf(buf_cur, "PSH ");
+
+ if (GET_VALUE(21).b)
+ buf_cur += sprintf(buf_cur, "RST ");
+
+ if (GET_VALUE(22).b)
+ buf_cur += sprintf(buf_cur, "SYN ");
+
+ if (GET_VALUE(23).b)
+ buf_cur += sprintf(buf_cur, "FIN ");
+
+ buf_cur += sprintf(buf_cur, "URGP=%u ", GET_VALUE(24).ui16);
+
+ break;
+ case IPPROTO_UDP:
+
+ buf_cur += sprintf(buf_cur, "PROTO=UDP ");
+
+ buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u LEN=%u ",
+ GET_VALUE(25).ui16, GET_VALUE(26).ui16,
+ GET_VALUE(27).ui16);
+ break;
+ case IPPROTO_ICMP:
+
+ buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
+
+ buf_cur += sprintf(buf_cur, "TYPE=%u CODE=%u ",
+ GET_VALUE(28).ui8, GET_VALUE(29).ui8);
+
+ switch (GET_VALUE(28).ui8) {
+ case ICMP_ECHO:
+ case ICMP_ECHOREPLY:
+ buf_cur += sprintf(buf_cur, "ID=%u SEQ=%u ",
+ GET_VALUE(30).ui16,
+ GET_VALUE(31).ui16);
+ break;
+ case ICMP_PARAMETERPROB:
+ buf_cur += sprintf(buf_cur, "PARAMETER=%u ",
+ GET_VALUE(32).ui32 >> 24);
+ break;
+ case ICMP_REDIRECT:
+ buf_cur += sprintf(buf_cur, "GATEWAY=%s ", inet_ntoa((struct in_addr) {htonl(GET_VALUE(32).ui32)}));
+ break;
+ case ICMP_DEST_UNREACH:
+ if (GET_VALUE(29).ui8 == ICMP_FRAG_NEEDED)
+ buf_cur += sprintf(buf_cur, "MTU=%u ",
+ GET_VALUE(33).ui16);
+ break;
+ }
+ break;
+ case IPPROTO_ESP:
+ case IPPROTO_AH:
+ buf_cur += sprintf(buf_cur, "PROTO=%s ", GET_VALUE(12).ui8 == IPPROTO_ESP ? "ESP" : "AH");
+ /* FIXME: "INCOMPLETE [%u bytes]" in case of short pkt */
+ if (intr_ids[34].id > 0) {
+ buf_cur += sprintf(buf_cur, "SPI=0x%x ", GET_VALUE(34).ui32);
+ }
+ break;
+ default:
+
+ buf_cur += sprintf(buf_cur, "PROTO=%u ", GET_VALUE(12).ui8);
+ }
+ strcat(buf_cur, "\n");
+
+ return 0;
+}
+
+/* get all key id's for the keys we are intrested in */
+static int get_ids(void)
+{
+ int i;
+ struct intr_id *cur_id;
+
+ for (i = 0; i < INTR_IDS; i++) {
+ cur_id = &intr_ids[i];
+ cur_id->id = keyh_getid(cur_id->name);
+ if (!cur_id->id) {
+ ulogd_log(ULOGD_ERROR,
+ "Cannot resolve keyhash id for %s\n",
+ cur_id->name);
+ return 1;
+ }
+ }
+ return 0;
+}
+
+int printpkt_init(void)
+{
+ if (gethostname(hostname, sizeof(hostname)) < 0) {
+ ulogd_log(ULOGD_FATAL, "can't gethostname(): %s\n",
+ strerror(errno));
+ exit(2);
+ }
+ hostname[sizeof(hostname)-1] = '\0';
+
+ if (get_ids())
+ return 1;
+
+ return 0;
+}
diff --git a/extensions/printpkt.h b/extensions/printpkt.h
new file mode 100644
index 0000000..ce42de4
--- /dev/null
+++ b/extensions/printpkt.h
@@ -0,0 +1,7 @@
+#ifndef _PRINTPKT_H
+#define _PRINTPKT_H
+
+int printpkt_print(ulog_iret_t *res, char *buf, int prefix);
+int printpkt_init(void);
+
+#endif
diff --git a/extensions/ulogd_BASE.c b/extensions/ulogd_BASE.c
new file mode 100644
index 0000000..61bad21
--- /dev/null
+++ b/extensions/ulogd_BASE.c
@@ -0,0 +1,569 @@
+/* ulogd_MAC.c, Version $Revision$
+ *
+ * ulogd interpreter plugin for
+ * o MAC addresses
+ * o NFMARK field
+ * o TIME
+ * o Interface names
+ * o IP header
+ * o TCP header
+ * o UDP header
+ * o ICMP header
+ * o AH/ESP header
+ *
+ * (C) 2000-2001 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+/***********************************************************************
+ * Raw header
+ ***********************************************************************/
+static ulog_iret_t raw_rets[] = {
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_FREE,
+ .key = "raw.mac",
+ },
+ { .type = ULOGD_RET_RAW,
+ .flags = ULOGD_RETF_NONE,
+ .key = "raw.pkt",
+ },
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "raw.pktlen",
+ },
+};
+
+static ulog_iret_t *_interp_raw(ulog_interpreter_t *ip,
+ ulog_packet_msg_t *pkt)
+{
+ unsigned char *p;
+ int i, tmp, len = 0;
+ char *buf, *ptr = NULL;
+ ulog_iret_t *ret = ip->result;
+ size_t siz;
+
+ if (pkt->mac_len) {
+ siz = 3 * pkt->mac_len + 1;
+ buf = (char *) malloc(siz);
+ if (!buf) {
+ ulogd_log(ULOGD_ERROR, "OOM!!!\n");
+ return NULL;
+ }
+ *buf = '\0';
+
+ p = pkt->mac;
+ ptr = buf;
+ for (i = 0; i < pkt->mac_len; i++, p++) {
+ tmp = snprintf(ptr+len, siz-len, "%02x%s",
+ *p, i==pkt->mac_len-1 ? "":":");
+ if (tmp < 0)
+ break;
+ if (tmp >= siz-len) {
+ buf[siz] = '\0';
+ break;
+ }
+ len += tmp;
+ }
+ ret[0].value.ptr = buf;
+ ret[0].flags |= ULOGD_RETF_VALID;
+ }
+
+ /* include pointer to raw ipv4 packet */
+ ret[1].value.ptr = pkt->payload;
+ ret[1].flags |= ULOGD_RETF_VALID;
+ ret[2].value.ui32 = pkt->data_len;
+ ret[2].flags |= ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+/***********************************************************************
+ * OUT OF BAND
+ ***********************************************************************/
+
+static ulog_iret_t oob_rets[] = {
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_NONE,
+ .key = "oob.prefix",
+ },
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "oob.time.sec",
+ },
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "oob.time.usec",
+ },
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "oob.mark",
+ },
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_NONE,
+ .key = "oob.in",
+ },
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_NONE,
+ .key = "oob.out",
+ },
+};
+
+static ulog_iret_t *_interp_oob(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt)
+{
+ ulog_iret_t *ret = ip->result;
+
+ ret[0].value.ptr = pkt->prefix;
+ ret[0].flags |= ULOGD_RETF_VALID;
+
+ /* god knows why timestamp_usec contains crap if timestamp_sec == 0
+ * if (pkt->timestamp_sec || pkt->timestamp_usec) { */
+ if (pkt->timestamp_sec) {
+ ret[1].value.ui32 = pkt->timestamp_sec;
+ ret[1].flags |= ULOGD_RETF_VALID;
+ ret[2].value.ui32 = pkt->timestamp_usec;
+ ret[2].flags |= ULOGD_RETF_VALID;
+ } else {
+ ret[1].flags &= ~ULOGD_RETF_VALID;
+ ret[2].flags &= ~ULOGD_RETF_VALID;
+ }
+
+ ret[3].value.ui32 = pkt->mark;
+ ret[3].flags |= ULOGD_RETF_VALID;
+ ret[4].value.ptr = pkt->indev_name;
+ ret[4].flags |= ULOGD_RETF_VALID;
+ ret[5].value.ptr = pkt->outdev_name;
+ ret[5].flags |= ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+/***********************************************************************
+ * IP HEADER
+ ***********************************************************************/
+
+static ulog_iret_t iphdr_rets[] = {
+ { .type = ULOGD_RET_IPADDR,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.saddr",
+ },
+ { .type = ULOGD_RET_IPADDR,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.daddr",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.protocol",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.tos",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.ttl",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.totlen",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.ihl",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.csum",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.id",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ip.fragoff",
+ },
+};
+
+static ulog_iret_t *_interp_iphdr(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt)
+{
+ ulog_iret_t *ret = ip->result;
+ struct iphdr *iph = (struct iphdr *) pkt->payload;
+
+ ret[0].value.ui32 = ntohl(iph->saddr);
+ ret[0].flags |= ULOGD_RETF_VALID;
+ ret[1].value.ui32 = ntohl(iph->daddr);
+ ret[1].flags |= ULOGD_RETF_VALID;
+ ret[2].value.ui8 = iph->protocol;
+ ret[2].flags |= ULOGD_RETF_VALID;
+ ret[3].value.ui8 = iph->tos;
+ ret[3].flags |= ULOGD_RETF_VALID;
+ ret[4].value.ui8 = iph->ttl;
+ ret[4].flags |= ULOGD_RETF_VALID;
+ ret[5].value.ui16 = ntohs(iph->tot_len);
+ ret[5].flags |= ULOGD_RETF_VALID;
+ ret[6].value.ui8 = iph->ihl;
+ ret[6].flags |= ULOGD_RETF_VALID;
+ ret[7].value.ui16 = ntohs(iph->check);
+ ret[7].flags |= ULOGD_RETF_VALID;
+ ret[8].value.ui16 = ntohs(iph->id);
+ ret[8].flags |= ULOGD_RETF_VALID;
+ ret[9].value.ui16 = ntohs(iph->frag_off);
+ ret[9].flags |= ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+/***********************************************************************
+ * TCP HEADER
+ ***********************************************************************/
+static ulog_iret_t tcphdr_rets[] = {
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.sport",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.dport",
+ },
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.seq",
+ },
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.ackseq",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.offset",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.reserved",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.window",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.urg",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.urgp",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.ack",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.psh",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.rst",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.syn",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.fin",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.res1",
+ },
+ { .type = ULOGD_RET_BOOL,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.res2",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "tcp.csum",
+ },
+};
+
+static ulog_iret_t *_interp_tcphdr(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt)
+{
+ struct iphdr *iph = (struct iphdr *) pkt->payload;
+ void *protoh = (u_int32_t *)iph + iph->ihl;
+ struct tcphdr *tcph = (struct tcphdr *) protoh;
+ ulog_iret_t *ret = ip->result;
+
+ if (iph->protocol != IPPROTO_TCP)
+ return NULL;
+
+ ret[0].value.ui16 = ntohs(tcph->source);
+ ret[0].flags |= ULOGD_RETF_VALID;
+ ret[1].value.ui16 = ntohs(tcph->dest);
+ ret[1].flags |= ULOGD_RETF_VALID;
+ ret[2].value.ui32 = ntohl(tcph->seq);
+ ret[2].flags |= ULOGD_RETF_VALID;
+ ret[3].value.ui32 = ntohl(tcph->ack_seq);
+ ret[3].flags |= ULOGD_RETF_VALID;
+ ret[4].value.ui8 = ntohs(tcph->doff);
+ ret[4].flags |= ULOGD_RETF_VALID;
+ ret[5].value.ui8 = ntohs(tcph->res1);
+ ret[5].flags |= ULOGD_RETF_VALID;
+ ret[6].value.ui16 = ntohs(tcph->window);
+ ret[6].flags |= ULOGD_RETF_VALID;
+
+ ret[7].value.b = tcph->urg;
+ ret[7].flags |= ULOGD_RETF_VALID;
+ if (tcph->urg) {
+ ret[8].value.ui16 = ntohs(tcph->urg_ptr);
+ ret[8].flags |= ULOGD_RETF_VALID;
+ }
+ ret[9].value.b = tcph->ack;
+ ret[9].flags |= ULOGD_RETF_VALID;
+ ret[10].value.b = tcph->psh;
+ ret[10].flags |= ULOGD_RETF_VALID;
+ ret[11].value.b = tcph->rst;
+ ret[11].flags |= ULOGD_RETF_VALID;
+ ret[12].value.b = tcph->syn;
+ ret[12].flags |= ULOGD_RETF_VALID;
+ ret[13].value.b = tcph->fin;
+ ret[13].flags |= ULOGD_RETF_VALID;
+ ret[14].value.b = tcph->res1;
+ ret[14].flags |= ULOGD_RETF_VALID;
+ ret[15].value.b = tcph->res2;
+ ret[15].flags |= ULOGD_RETF_VALID;
+ ret[16].value.ui16 = ntohs(tcph->check);
+ ret[16].value.ui16 = ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+/***********************************************************************
+ * UDP HEADER
+ ***********************************************************************/
+static ulog_iret_t udphdr_rets[] = {
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "udp.sport",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "udp.dport",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "udp.len",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "udp.csum",
+ },
+};
+
+static ulog_iret_t *_interp_udp(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt)
+{
+ struct iphdr *iph = (struct iphdr *) pkt->payload;
+ void *protoh = (u_int32_t *)iph + iph->ihl;
+ struct udphdr *udph = protoh;
+ ulog_iret_t *ret = ip->result;
+
+ if (iph->protocol != IPPROTO_UDP)
+ return NULL;
+
+ ret[0].value.ui16 = ntohs(udph->source);
+ ret[0].flags |= ULOGD_RETF_VALID;
+ ret[1].value.ui16 = ntohs(udph->dest);
+ ret[1].flags |= ULOGD_RETF_VALID;
+ ret[2].value.ui16 = ntohs(udph->len);
+ ret[2].flags |= ULOGD_RETF_VALID;
+ ret[3].value.ui16 = ntohs(udph->check);
+ ret[3].flags |= ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+/***********************************************************************
+ * ICMP HEADER
+ ***********************************************************************/
+
+static ulog_iret_t icmphdr_rets[] = {
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.type",
+ },
+ { .type = ULOGD_RET_UINT8,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.code",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.echoid",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.echoseq",
+ },
+ { .type = ULOGD_RET_IPADDR,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.gateway",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.fragmtu",
+ },
+ { .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .key = "icmp.csum",
+ },
+};
+
+static ulog_iret_t *_interp_icmp(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt)
+{
+ struct iphdr *iph = (struct iphdr *) pkt->payload;
+ void *protoh = (u_int32_t *)iph + iph->ihl;
+ struct icmphdr *icmph = protoh;
+ ulog_iret_t *ret = ip->result;
+
+ if (iph->protocol != IPPROTO_ICMP)
+ return NULL;
+
+ ret[0].value.ui8 = icmph->type;
+ ret[0].flags |= ULOGD_RETF_VALID;
+ ret[1].value.ui8 = icmph->code;
+ ret[1].flags |= ULOGD_RETF_VALID;
+
+ switch(icmph->type) {
+ case ICMP_ECHO:
+ case ICMP_ECHOREPLY:
+ ret[2].value.ui16 = ntohs(icmph->un.echo.id);
+ ret[2].flags |= ULOGD_RETF_VALID;
+ ret[3].value.ui16 = ntohs(icmph->un.echo.sequence);
+ ret[3].flags |= ULOGD_RETF_VALID;
+ break;
+ case ICMP_REDIRECT:
+ case ICMP_PARAMETERPROB:
+ ret[4].value.ui32 = ntohl(icmph->un.gateway);
+ ret[4].flags |= ULOGD_RETF_VALID;
+ break;
+ case ICMP_DEST_UNREACH:
+ if (icmph->code == ICMP_FRAG_NEEDED) {
+ ret[5].value.ui16 = ntohs(icmph->un.frag.mtu);
+ ret[5].flags |= ULOGD_RETF_VALID;
+ }
+ break;
+ }
+ ret[6].value.ui16 = icmph->checksum;
+ ret[6].flags |= ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+/***********************************************************************
+ * IPSEC HEADER
+ ***********************************************************************/
+
+static ulog_iret_t ahesphdr_rets[] = {
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "ahesp.spi",
+ },
+};
+
+static ulog_iret_t *_interp_ahesp(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt)
+{
+
+ ulog_iret_t *ret = ip->result;
+#if 0
+ struct iphdr *iph = (struct iphdr *) pkt->payload;
+ void *protoh = (u_int32_t *) (iph + iph->ihl);
+ struct esphdr *esph = protoh;
+
+ if (iph->protocol != IPPROTO_ESP)
+ return NULL;
+
+ ret[0].value.ui32 = ntohl(esph->spi);
+ ret[0].flags |= ULOGD_RETF_VALID;
+#endif
+
+ return ret;
+}
+
+
+static ulog_interpreter_t base_ip[] = {
+ { .name = "raw",
+ .interp = &_interp_raw,
+ .key_num = 3,
+ .result = raw_rets },
+ { .name = "oob",
+ .interp = &_interp_oob,
+ .key_num = 6,
+ .result = oob_rets },
+ { .name = "ip",
+ .interp = &_interp_iphdr,
+ .key_num = 10,
+ .result = iphdr_rets },
+ { .name = "tcp",
+ .interp = &_interp_tcphdr,
+ .key_num = 17,
+ .result = tcphdr_rets },
+ { .name = "icmp",
+ .interp = &_interp_icmp,
+ .key_num = 7,
+ .result = icmphdr_rets },
+ { .name = "udp",
+ .interp = &_interp_udp,
+ .key_num = 4,
+ .result = udphdr_rets },
+ { .name = "ahesp",
+ .interp = &_interp_ahesp,
+ .key_num = 1,
+ .result = ahesphdr_rets },
+ { NULL, "", 0, NULL, 0, NULL },
+};
+
+void _base_reg_ip(void)
+{
+ ulog_interpreter_t *ip = base_ip;
+ ulog_interpreter_t *p;
+
+ for (p = ip; p->interp; p++) {
+ register_interpreter(p);
+ }
+}
+
+void _init(void)
+{
+ _base_reg_ip();
+}
diff --git a/extensions/ulogd_LOCAL.c b/extensions/ulogd_LOCAL.c
new file mode 100644
index 0000000..6504ec6
--- /dev/null
+++ b/extensions/ulogd_LOCAL.c
@@ -0,0 +1,102 @@
+/* ulogd_LOCAL.c, Version 0.3
+ *
+ * ulogd interpreter plugin for: - local time of packet
+ * - hostname of localhost
+ *
+ * (C) 2001-2002 by Florent AIDE
+ * with the help of Moez MKADMI
+ * shamelessly ripped from Harald Welte
+ *
+ * 2002 extended by Martin Kaehmer
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+
+#ifdef DEBUG_LOCAL
+#define DEBUGP(x) ulogd_log(ULOGD_DEBUG, x)
+#else
+#define DEBUGP(format, args...)
+#endif
+
+
+static char hostname[255];
+
+static ulog_iret_t *_interp_local(ulog_interpreter_t *ip,
+ ulog_packet_msg_t *pkt)
+{
+ struct timeval tv;
+ ulog_iret_t *ret = ip->result;
+
+ /* Get date */
+ gettimeofday(&tv, NULL);
+
+ /* put date */
+ ret[0].value.ui32 = (unsigned long) tv.tv_sec;
+ ret[0].flags |= ULOGD_RETF_VALID;
+
+ ret[1].value.ptr = hostname;
+ ret[1].flags |= ULOGD_RETF_VALID;
+
+ return ret;
+}
+
+static ulog_iret_t local_rets[] = {
+ { .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .key = "local.time",
+ },
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_NONE,
+ .key = "local.hostname",
+ },
+};
+
+static ulog_interpreter_t local_ip[] = {
+ { NULL, "local", 0, &_interp_local, 2, local_rets },
+ { NULL, "", 0, NULL, 0, NULL },
+};
+
+static void _local_reg_ip(void)
+{
+ ulog_interpreter_t *ip = local_ip;
+ ulog_interpreter_t *p;
+
+ for (p = ip; p->interp; p++)
+ register_interpreter(p);
+}
+
+void _init(void)
+{
+ /* get hostname */
+ char *tmp;
+ if (gethostname(hostname, sizeof(hostname)) < 0) {
+ ulogd_log(ULOGD_FATAL, "can't gethostname(): %s\n",
+ strerror(errno));
+ exit(2);
+ }
+ hostname[sizeof(hostname)-1] = '\0';
+ /* strip off everything after first '.' */
+ if ((tmp = strchr(hostname, '.')))
+ *tmp = '\0';
+
+ _local_reg_ip();
+}
diff --git a/extensions/ulogd_LOCALTIME.c b/extensions/ulogd_LOCALTIME.c
new file mode 100644
index 0000000..e69de29
diff --git a/extensions/ulogd_LOGEMU.c b/extensions/ulogd_LOGEMU.c
new file mode 100644
index 0000000..5473668
--- /dev/null
+++ b/extensions/ulogd_LOGEMU.c
@@ -0,0 +1,139 @@
+/* ulogd_LOGEMU.c, Version $Revision$
+ *
+ * ulogd output target for syslog logging emulation
+ *
+ * This target produces a file which looks the same like the syslog-entries
+ * of the LOG target.
+ *
+ * (C) 2000-2001 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include "printpkt.c"
+
+#ifndef ULOGD_LOGEMU_DEFAULT
+#define ULOGD_LOGEMU_DEFAULT "/var/log/ulogd.syslogemu"
+#endif
+
+#ifndef ULOGD_LOGEMU_SYNC_DEFAULT
+#define ULOGD_LOGEMU_SYNC_DEFAULT 0
+#endif
+
+#define NIPQUAD(addr) \
+ ((unsigned char *)&addr)[0], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[3]
+
+static config_entry_t syslogf_ce = {
+ .key = "file",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = ULOGD_LOGEMU_DEFAULT }
+};
+
+static config_entry_t syslsync_ce = {
+ .next = &syslogf_ce,
+ .key = "sync",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u = { .value = ULOGD_LOGEMU_SYNC_DEFAULT }
+};
+
+static FILE *of = NULL;
+
+static int _output_logemu(ulog_iret_t *res)
+{
+ static char buf[4096];
+
+ printpkt_print(res, buf, 1);
+
+ fprintf(of, "%s", buf);
+
+ if (syslsync_ce.u.value)
+ fflush(of);
+
+ return 0;
+}
+
+static void signal_handler_logemu(int signal)
+{
+ FILE *old=of;
+
+ switch (signal) {
+ case SIGHUP:
+ ulogd_log(ULOGD_NOTICE, "syslogemu: reopening logfile\n");
+ of = fopen(syslogf_ce.u.string, "a");
+ if (!of) {
+ ulogd_log(ULOGD_FATAL, "can't open syslogemu: %s\n",
+ strerror(errno));
+ of=old;
+ } else {
+ fclose(old);
+ }
+ break;
+ default:
+ break;
+ }
+}
+
+
+static int init_logemu(void) {
+ /* FIXME: error handling */
+ config_parse_file("LOGEMU", &syslsync_ce);
+
+#ifdef DEBUG_LOGEMU
+ of = stdout;
+#else
+ of = fopen(syslogf_ce.u.string, "a");
+ if (!of) {
+ ulogd_log(ULOGD_FATAL, "can't open syslogemu: %s\n",
+ strerror(errno));
+ exit(2);
+ }
+#endif
+ if (printpkt_init()) {
+ ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
+ }
+
+ return 1;
+}
+
+static void fini_logemu(void) {
+ if (of != stdout)
+ fclose(of);
+}
+
+static ulog_output_t logemu_op = {
+ .name = "syslogemu",
+ .init = &init_logemu,
+ .fini = &fini_logemu,
+ .output = &_output_logemu,
+ .signal = &signal_handler_logemu,
+};
+
+void _init(void)
+{
+ register_output(&logemu_op);
+}
diff --git a/extensions/ulogd_OPRINT.c b/extensions/ulogd_OPRINT.c
new file mode 100644
index 0000000..ed34382
--- /dev/null
+++ b/extensions/ulogd_OPRINT.c
@@ -0,0 +1,149 @@
+/* ulogd_MAC.c, Version $Revision$
+ *
+ * ulogd output target for logging to a file
+ *
+ * (C) 2000-2001 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+
+#ifndef ULOGD_OPRINT_DEFAULT
+#define ULOGD_OPRINT_DEFAULT "/var/log/ulogd.pktlog"
+#endif
+
+#define NIPQUAD(addr) \
+ ((unsigned char *)&addr)[0], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[3]
+
+#define HIPQUAD(addr) \
+ ((unsigned char *)&addr)[3], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[0]
+
+static FILE *of = NULL;
+
+static int _output_print(ulog_iret_t *res)
+{
+ ulog_iret_t *ret;
+
+ fprintf(of, "===>PACKET BOUNDARY\n");
+ for (ret = res; ret; ret = ret->cur_next) {
+ fprintf(of,"%s=", ret->key);
+ switch (ret->type) {
+ case ULOGD_RET_STRING:
+ fprintf(of, "%s\n", (char *) ret->value.ptr);
+ break;
+ case ULOGD_RET_BOOL:
+ case ULOGD_RET_INT8:
+ case ULOGD_RET_INT16:
+ case ULOGD_RET_INT32:
+ fprintf(of, "%d\n", ret->value.i32);
+ break;
+ case ULOGD_RET_UINT8:
+ case ULOGD_RET_UINT16:
+ case ULOGD_RET_UINT32:
+ fprintf(of, "%u\n", ret->value.ui32);
+ break;
+ case ULOGD_RET_IPADDR:
+ fprintf(of, "%u.%u.%u.%u\n",
+ HIPQUAD(ret->value.ui32));
+ break;
+ case ULOGD_RET_NONE:
+ fprintf(of, "\n");
+ break;
+ default:
+ fprintf(of, "\n");
+ break;
+ }
+ }
+ return 0;
+}
+
+static config_entry_t outf_ce = {
+ .key = "file",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = ULOGD_OPRINT_DEFAULT }
+};
+
+static void sighup_handler_print(int signal)
+{
+ FILE *old=of;
+
+ switch (signal) {
+ case SIGHUP:
+ ulogd_log(ULOGD_NOTICE, "PKTLOG: reopening logfile\n");
+ of = fopen(outf_ce.u.string, "a");
+ if (!of) {
+ ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n",
+ strerror(errno));
+ of=old;
+ } else {
+ fclose(old);
+ }
+ break;
+ default:
+ break;
+ }
+}
+
+static int oprint_init(void)
+{
+#ifdef DEBUG
+ of = stdout;
+#else
+ config_parse_file("OPRINT", &outf_ce);
+
+ of = fopen(outf_ce.u.string, "a");
+ if (!of) {
+ ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n",
+ strerror(errno));
+ exit(2);
+ }
+#endif
+ return 0;
+}
+
+static void oprint_fini(void)
+{
+ if (of != stdout)
+ fclose(of);
+
+ return;
+}
+
+static ulog_output_t oprint_op = {
+ .name = "oprint",
+ .output = &_output_print,
+ .signal = &sighup_handler_print,
+ .init = &oprint_init,
+ .fini = &oprint_fini,
+};
+
+void _init(void)
+{
+ register_output(&oprint_op);
+}
diff --git a/extensions/ulogd_PWSNIFF.c b/extensions/ulogd_PWSNIFF.c
new file mode 100644
index 0000000..d205cdd
--- /dev/null
+++ b/extensions/ulogd_PWSNIFF.c
@@ -0,0 +1,167 @@
+/* ulogd_PWSNIFF.c, Version $Revision$
+ *
+ * ulogd logging interpreter for POP3 / FTP like plaintext passwords.
+ *
+ * (C) 2000-2003 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include "chtons.h"
+#include
+
+#ifdef DEBUG_PWSNIFF
+#define DEBUGP(x) ulogd_log(ULOGD_DEBUG, x)
+#else
+#define DEBUGP(format, args...)
+#endif
+
+
+#define PORT_POP3 110
+#define PORT_FTP 21
+
+static u_int16_t pwsniff_ports[] = {
+ __constant_htons(PORT_POP3),
+ __constant_htons(PORT_FTP),
+ /* feel free to include any other ports here, provided that their
+ * user/password syntax is the same */
+};
+
+#define PWSNIFF_MAX_PORTS 2
+
+static char *_get_next_blank(char* begp, char *endp)
+{
+ char *ptr;
+
+ for (ptr = begp; ptr < endp; ptr++) {
+ if (*ptr == ' ' || *ptr == '\n' || *ptr == '\r') {
+ return ptr-1;
+ }
+ }
+ return NULL;
+}
+
+static ulog_iret_t *_interp_pwsniff(ulog_interpreter_t *ip, ulog_packet_msg_t *pkt)
+{
+ struct iphdr *iph = (struct iphdr *) pkt->payload;
+ void *protoh = (u_int32_t *)iph + iph->ihl;
+ struct tcphdr *tcph = protoh;
+ u_int32_t tcplen = ntohs(iph->tot_len) - iph->ihl * 4;
+ unsigned char *ptr, *begp, *pw_begp, *endp, *pw_endp;
+ ulog_iret_t *ret = ip->result;
+ int len, pw_len, i, cont = 0;
+
+ len = pw_len = 0;
+ begp = pw_begp = NULL;
+
+ if (iph->protocol != IPPROTO_TCP)
+ return NULL;
+
+ for (i = 0; i < PWSNIFF_MAX_PORTS; i++)
+ {
+ if (tcph->dest == pwsniff_ports[i]) {
+ cont = 1;
+ break;
+ }
+ }
+ if (!cont)
+ return NULL;
+
+ DEBUGP("----> pwsniff detected, tcplen=%d, struct=%d, iphtotlen=%d, ihl=%d\n", tcplen, sizeof(struct tcphdr), ntohs(iph->tot_len), iph->ihl);
+
+ for (ptr = (unsigned char *) tcph + sizeof(struct tcphdr);
+ ptr < (unsigned char *) tcph + tcplen; ptr++)
+ {
+ if (!strncasecmp((char *)ptr, "USER ", 5)) {
+ begp = ptr+5;
+ endp = (unsigned char *)_get_next_blank((char *)begp, (char *)tcph + tcplen);
+ if (endp)
+ len = endp - begp + 1;
+ }
+ if (!strncasecmp((char *)ptr, "PASS ", 5)) {
+ pw_begp = ptr+5;
+ pw_endp = (unsigned char *)_get_next_blank((char *)pw_begp,
+ (char *)tcph + tcplen);
+ if (pw_endp)
+ pw_len = pw_endp - pw_begp + 1;
+ }
+ }
+
+ if (len) {
+ ret[0].value.ptr = (char *) malloc(len+1);
+ ret[0].flags |= ULOGD_RETF_VALID;
+ if (!ret[0].value.ptr) {
+ ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", len);
+ return NULL;
+ }
+ strncpy(ret[0].value.ptr, (char *)begp, len);
+ *((char *)ret[0].value.ptr + len) = '\0';
+ }
+ if (pw_len) {
+ ret[1].value.ptr = (char *) malloc(pw_len+1);
+ ret[1].flags |= ULOGD_RETF_VALID;
+ if (!ret[1].value.ptr){
+ ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", pw_len);
+ return NULL;
+ }
+ strncpy(ret[1].value.ptr, (char *)pw_begp, pw_len);
+ *((char *)ret[1].value.ptr + pw_len) = '\0';
+
+ }
+ return ret;
+}
+
+static ulog_iret_t pwsniff_rets[] = {
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_FREE,
+ .key = "pwsniff.user",
+ },
+ { .type = ULOGD_RET_STRING,
+ .flags = ULOGD_RETF_FREE,
+ .key = "pwsniff.pass",
+ },
+};
+
+static ulog_interpreter_t base_ip[] = {
+ { .name = "pwsniff",
+ .interp = &_interp_pwsniff,
+ .key_num = 2,
+ .result = pwsniff_rets },
+ { NULL, "", 0, NULL, 0, NULL },
+};
+
+static void _base_reg_ip(void)
+{
+ ulog_interpreter_t *ip = base_ip;
+ ulog_interpreter_t *p;
+
+ for (p = ip; p->interp; p++)
+ register_interpreter(p);
+}
+
+
+void _init(void)
+{
+ _base_reg_ip();
+}
diff --git a/extensions/ulogd_SYSLOG.c b/extensions/ulogd_SYSLOG.c
new file mode 100644
index 0000000..3b8dd44
--- /dev/null
+++ b/extensions/ulogd_SYSLOG.c
@@ -0,0 +1,149 @@
+/* ulogd_SYSLOG.c, Version $Revision$
+ *
+ * ulogd output target for real syslog() logging
+ *
+ * This target produces a syslog entries identical to the LOG target.
+ *
+ * (C) 2003 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include "printpkt.h"
+
+#ifndef SYSLOG_FACILITY_DEFAULT
+#define SYSLOG_FACILITY_DEFAULT "LOG_KERN"
+#endif
+
+#ifndef SYSLOG_LEVEL_DEFAULT
+#define SYSLOG_LEVEL_DEFAULT "LOG_NOTICE"
+#endif
+
+static config_entry_t facility_ce = {
+ .key = "facility",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = SYSLOG_FACILITY_DEFAULT }
+};
+
+static config_entry_t level_ce = {
+ .next = &facility_ce,
+ .key = "level",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = SYSLOG_LEVEL_DEFAULT }
+};
+
+static int syslog_level, syslog_facility;
+
+static int _output_syslog(ulog_iret_t *res)
+{
+ static char buf[4096];
+
+ printpkt_print(res, buf, 0);
+ syslog(syslog_level|syslog_facility, buf);
+
+ return 0;
+}
+
+static int syslog_init(void)
+{
+ /* FIXME: error handling */
+ config_parse_file("SYSLOG", &level_ce);
+
+ if (!strcmp(facility_ce.u.string, "LOG_DAEMON"))
+ syslog_facility = LOG_DAEMON;
+ else if (!strcmp(facility_ce.u.string, "LOG_KERN"))
+ syslog_facility = LOG_KERN;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL0"))
+ syslog_facility = LOG_LOCAL0;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL1"))
+ syslog_facility = LOG_LOCAL1;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL2"))
+ syslog_facility = LOG_LOCAL2;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL3"))
+ syslog_facility = LOG_LOCAL3;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL4"))
+ syslog_facility = LOG_LOCAL4;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL5"))
+ syslog_facility = LOG_LOCAL5;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL6"))
+ syslog_facility = LOG_LOCAL6;
+ else if (!strcmp(facility_ce.u.string, "LOG_LOCAL7"))
+ syslog_facility = LOG_LOCAL7;
+ else if (!strcmp(facility_ce.u.string, "LOG_USER"))
+ syslog_facility = LOG_USER;
+ else {
+ ulogd_log(ULOGD_FATAL, "unknown facility '%s'\n",
+ facility_ce.u.string);
+ exit(2);
+ }
+
+ if (!strcmp(level_ce.u.string, "LOG_EMERG"))
+ syslog_level = LOG_EMERG;
+ else if (!strcmp(level_ce.u.string, "LOG_ALERT"))
+ syslog_level = LOG_ALERT;
+ else if (!strcmp(level_ce.u.string, "LOG_CRIT"))
+ syslog_level = LOG_CRIT;
+ else if (!strcmp(level_ce.u.string, "LOG_ERR"))
+ syslog_level = LOG_ERR;
+ else if (!strcmp(level_ce.u.string, "LOG_WARNING"))
+ syslog_level = LOG_WARNING;
+ else if (!strcmp(level_ce.u.string, "LOG_NOTICE"))
+ syslog_level = LOG_NOTICE;
+ else if (!strcmp(level_ce.u.string, "LOG_INFO"))
+ syslog_level = LOG_INFO;
+ else if (!strcmp(level_ce.u.string, "LOG_DEBUG"))
+ syslog_level = LOG_DEBUG;
+ else {
+ ulogd_log(ULOGD_FATAL, "unknown level '%s'\n",
+ level_ce.u.string);
+ exit(2);
+ }
+
+ openlog("ulogd", LOG_NDELAY|LOG_PID, syslog_facility);
+
+ return 0;
+}
+
+static void syslog_fini(void)
+{
+ closelog();
+}
+
+static ulog_output_t syslog_op = {
+ .name = "syslog",
+ .init = &syslog_init,
+ .fini = &syslog_fini,
+ .output = &_output_syslog,
+};
+
+
+void _init(void)
+{
+ if (printpkt_init())
+ ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
+
+ register_output(&syslog_op);
+}
diff --git a/include/ulogd/conffile.h b/include/ulogd/conffile.h
new file mode 100644
index 0000000..4a390d2
--- /dev/null
+++ b/include/ulogd/conffile.h
@@ -0,0 +1,66 @@
+/* config file parser functions
+ *
+ * (C) 2000 by Harald Welte
+ *
+ * $Id: conffile.h,v 1.2 2001/05/26 23:19:28 laforge Exp $
+ *
+ * This code is distributed under the terms of GNU GPL */
+
+#ifndef _CONFFILE_H
+#define _CONFFILE_H
+
+#include
+
+/* errors returned by config functions */
+enum {
+ ERRNONE = 0,
+ ERROPEN, /* unable to open config file */
+ ERROOM, /* out of memory */
+ ERRMULT, /* non-multiple option occured more than once */
+ ERRMAND, /* mandatory option not found */
+ ERRUNKN, /* unknown config key */
+ ERRSECTION, /* section not found */
+};
+
+/* maximum line lenght of config file entries */
+#define LINE_LEN 255
+
+/* maximum lenght of config key name */
+#define CONFIG_KEY_LEN 30
+
+/* maximum lenght of string config value */
+#define CONFIG_VAL_STRING_LEN 225
+
+/* valid config types */
+#define CONFIG_TYPE_INT 0x0001
+#define CONFIG_TYPE_STRING 0x0002
+#define CONFIG_TYPE_CALLBACK 0x0003
+
+/* valid config options */
+#define CONFIG_OPT_NONE 0x0000
+#define CONFIG_OPT_MANDATORY 0x0001
+#define CONFIG_OPT_MULTI 0x0002
+
+typedef struct config_entry {
+ struct config_entry *next; /* the next one in linked list */
+ char key[CONFIG_KEY_LEN]; /* name of config directive */
+ u_int8_t type; /* type; see above */
+ u_int8_t options; /* options; see above */
+ u_int8_t hit; /* found? */
+ union {
+ char string[CONFIG_VAL_STRING_LEN];
+ int value;
+ int (*parser)(char *argstr);
+ } u;
+} config_entry_t;
+
+/* if an error occurs, config_errce is set to the erroneous ce */
+extern config_entry_t *config_errce;
+
+/* tell us the name of the config file */
+int config_register_file(const char *file);
+
+/* parse the config file */
+int config_parse_file(const char *section, config_entry_t *keys);
+
+#endif /* ifndef _CONFFILE_H */
diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h
new file mode 100644
index 0000000..36816dc
--- /dev/null
+++ b/include/ulogd/ulogd.h
@@ -0,0 +1,162 @@
+#ifndef _ULOGD_H
+#define _ULOGD_H
+/* ulogd, Version $Revision$
+ *
+ * userspace logging daemon for netfilter ULOG target
+ * of the linux 2.4 netfilter subsystem.
+ *
+ * (C) 2000 by Harald Welte
+ *
+ * this code is released under the terms of GNU GPL
+ *
+ * $Id$
+ */
+
+#include
+#include
+#include /* need this because of extension-sighandler */
+
+/* All types with MSB = 1 make use of value.ptr
+ * other types use one of the union's member */
+
+/* types without length */
+#define ULOGD_RET_NONE 0x0000
+
+#define ULOGD_RET_INT8 0x0001
+#define ULOGD_RET_INT16 0x0002
+#define ULOGD_RET_INT32 0x0003
+#define ULOGD_RET_INT64 0x0004
+
+#define ULOGD_RET_UINT8 0x0011
+#define ULOGD_RET_UINT16 0x0012
+#define ULOGD_RET_UINT32 0x0013
+#define ULOGD_RET_UINT64 0x0014
+
+#define ULOGD_RET_BOOL 0x0050
+
+#define ULOGD_RET_IPADDR 0x0100
+
+/* types with length field */
+#define ULOGD_RET_STRING 0x8020
+#define ULOGD_RET_RAW 0x8030
+
+
+/* FLAGS */
+#define ULOGD_RETF_NONE 0x0000
+#define ULOGD_RETF_VALID 0x0001 /* contains a valid result */
+#define ULOGD_RETF_FREE 0x0002 /* ptr needs to be free()d */
+
+
+/* maximum length of ulogd key */
+#define ULOGD_MAX_KEYLEN 32
+
+#define ULOGD_DEBUG 1 /* debugging information */
+#define ULOGD_INFO 3
+#define ULOGD_NOTICE 5 /* abnormal/unexpected condition */
+#define ULOGD_ERROR 7 /* error condition, requires user action */
+#define ULOGD_FATAL 8 /* fatal, program aborted */
+
+typedef struct ulog_iret {
+ /* next interpreter return (key) in the global list */
+ struct ulog_iret *next;
+ /* next interpreter in linked list for current result */
+ struct ulog_iret *cur_next;
+ /* length of the returned value (only for lengthed types */
+ u_int32_t len;
+ /* type of the returned value (ULOGD_IRET_...) */
+ u_int16_t type;
+ /* flags (i.e. free, ...) */
+ u_int16_t flags;
+ /* name of this key */
+ char key[ULOGD_MAX_KEYLEN];
+ /* and finally the returned value */
+ union {
+ u_int8_t b;
+ u_int8_t ui8;
+ u_int16_t ui16;
+ u_int32_t ui32;
+ u_int64_t ui64;
+ int8_t i8;
+ int16_t i16;
+ int32_t i32;
+ int64_t i64;
+ void *ptr;
+ } value;
+} ulog_iret_t;
+
+typedef struct ulog_interpreter {
+ /* next interpreter in old-style linked list */
+ struct ulog_interpreter *next;
+ /* name of this interpreter (predefined by plugin) */
+ char name[ULOGD_MAX_KEYLEN];
+ /* ID for this interpreter (dynamically assigned) */
+ unsigned int id;
+ /* function to call for each packet */
+ ulog_iret_t* (*interp)(struct ulog_interpreter *ip,
+ ulog_packet_msg_t *pkt);
+ /* number of keys this interpreter has */
+ unsigned int key_num;
+ /* keys of this particular interpreter */
+ ulog_iret_t *result;
+} ulog_interpreter_t;
+
+typedef struct ulog_output {
+ /* next output in the linked list */
+ struct ulog_output *next;
+ /* name of this ouput plugin */
+ char name[ULOGD_MAX_KEYLEN];
+ /* callback for initialization */
+ int (*init)(void);
+ /* callback for de-initialization */
+ void (*fini)(void);
+ /* callback function */
+ int (*output)(ulog_iret_t *ret);
+ /* callback function for signals (SIGHUP, ..) */
+ void (*signal)(int signal);
+} ulog_output_t;
+
+/* entries of the key hash */
+struct ulogd_keyh_entry {
+ ulog_interpreter_t *interp; /* interpreter for this key */
+ unsigned int offset; /* offset within interpreter */
+ const char *name; /* name of this particular key */
+};
+
+/***********************************************************************
+ * PUBLIC INTERFACE
+ ***********************************************************************/
+
+/* register a new interpreter plugin */
+void register_interpreter(ulog_interpreter_t *me);
+
+/* register a new output target */
+void register_output(ulog_output_t *me);
+
+/* allocate a new ulog_iret_t */
+ulog_iret_t *alloc_ret(const u_int16_t type, const char*);
+
+/* write a message to the daemons' logfile */
+void __ulogd_log(int level, char *file, int line, const char *message, ...);
+/* macro for logging including filename and line number */
+#define ulogd_log(level, format, args...) \
+ __ulogd_log(level, __FILE__, __LINE__, format, ## args)
+/* backwards compatibility */
+#define ulogd_error(format, args...) ulogd_log(ULOGD_ERROR, format, ## args)
+
+/* get an interpreter hash id by name */
+unsigned int interh_getid(const char *name);
+
+/* get a key id if you have the name */
+unsigned int keyh_getid(const char *name);
+
+/* get a result for a given key id */
+ulog_iret_t *keyh_getres(unsigned int id);
+
+/* the key hash itself */
+extern struct ulogd_keyh_entry *ulogd_keyh;
+
+#define IS_VALID(x) (x.flags & ULOGD_RETF_VALID)
+
+#define SET_VALID(x) (x.flags |= ULOGD_RETF_VALID)
+
+#endif /* _ULOGD_H */
diff --git a/install-sh b/install-sh
new file mode 100755
index 0000000..e9de238
--- /dev/null
+++ b/install-sh
@@ -0,0 +1,251 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission. M.I.T. makes no representations about the
+# suitability of this software for any purpose. It is provided "as is"
+# without express or implied warranty.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch. It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -d) dir_arg=true
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ -t=*) transformarg=`echo $1 | sed 's/-t=//'`
+ shift
+ continue;;
+
+ -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ # this colon is to work around a 386BSD /bin/sh bug
+ :
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+else
+ true
+fi
+
+if [ x"$dir_arg" != x ]; then
+ dst=$src
+ src=""
+
+ if [ -d $dst ]; then
+ instcmd=:
+ chmodcmd=""
+ else
+ instcmd=mkdir
+ fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad
+# if $src (and thus $dsttmp) contains '*'.
+
+ if [ -f $src -o -d $src ]
+ then
+ true
+ else
+ echo "install: $src does not exist"
+ exit 1
+ fi
+
+ if [ x"$dst" = x ]
+ then
+ echo "install: no destination specified"
+ exit 1
+ else
+ true
+ fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+ if [ -d $dst ]
+ then
+ dst="$dst"/`basename $src`
+ else
+ true
+ fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+# this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+ pathcomp="${pathcomp}${1}"
+ shift
+
+ if [ ! -d "${pathcomp}" ] ;
+ then
+ $mkdirprog "${pathcomp}"
+ else
+ true
+ fi
+
+ pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+ $doit $instcmd $dst &&
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+ if [ x"$transformarg" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ dstfile=`basename $dst $transformbasename |
+ sed $transformarg`$transformbasename
+ fi
+
+# don't allow the sed command to completely eliminate the filename
+
+ if [ x"$dstfile" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ true
+ fi
+
+# Make a temp file name in the proper directory.
+
+ dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+ $doit $instcmd $src $dsttmp &&
+
+ trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing. If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+ $doit $rmcmd -f $dstdir/$dstfile &&
+ $doit $mvcmd $dsttmp $dstdir/$dstfile
+
+fi &&
+
+
+exit 0
diff --git a/iptables/Makefile b/iptables/Makefile
deleted file mode 100644
index 64a6b73..0000000
--- a/iptables/Makefile
+++ /dev/null
@@ -1,10 +0,0 @@
-CFLAGS = -DNETFILTER_VERSION=\"1.1.1\" -fPIC
-
-libipt_ULOG.so: libipt_ULOG_sh.o
- ld -shared libipt_ULOG_sh.o -o libipt_ULOG.so
-
-libipt_ULOG_sh.o: libipt_ULOG.c
- gcc $(CFLAGS) -include ../kernel/ipt_ULOG.h -c libipt_ULOG.c -o libipt_ULOG_sh.o
-
-clean:
- rm -f libipt_ULOG_sh.o libipt_ULOG.so
diff --git a/iptables/libipt_ULOG.c b/iptables/libipt_ULOG.c
deleted file mode 100644
index fd44a50..0000000
--- a/iptables/libipt_ULOG.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* Shared library add-on to iptables to add ULOG support.
- *
- * (C) 2000 by Harald Welte
- *
- * multipart netlink support based on ideas by Sebastian Zander
- *
- *
- * This software is released under the terms of GNU GPL
- *
- * $Id: libipt_ULOG.c,v 1.6 2001/01/30 11:17:26 laforge Exp $
- */
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#define ULOG_DEFAULT_NLGROUP 1
-#define ULOG_DEFAULT_QTHRESHOLD 1
-
-
-void print_groups(unsigned int gmask)
-{
- int b;
- unsigned int test;
-
- for (b = 31; b >= 0; b--) {
- test = (1 << b);
- if (gmask & test)
- printf("%d ", b + 1);
- }
-}
-
-/* Function which prints out usage message. */
-static void help(void)
-{
- printf("ULOG v%s options:\n"
- " --ulog-nlgroup nlgroup NETLINK group used for logging\n"
- " --ulog-cprange size Bytes of each packet to be passed\n"
- " --ulog-qthreshold Threshold of in-kernel queue\n"
- " --ulog-prefix prefix Prefix log messages with this prefix.\n\n",
- NETFILTER_VERSION);
-}
-
-static struct option opts[] = {
- {"ulog-nlgroup", 1, 0, '!'},
- {"ulog-prefix", 1, 0, '#'},
- {"ulog-cprange", 1, 0, 'A'},
- {"ulog-qthreshold", 1, 0, 'B'},
- {0}
-};
-
-/* Initialize the target. */
-static void init(struct ipt_entry_target *t, unsigned int *nfcache)
-{
- struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) t->data;
-
- loginfo->nl_group = ULOG_DEFAULT_NLGROUP;
- loginfo->qthreshold = ULOG_DEFAULT_QTHRESHOLD;
-
- /* Can't cache this */
- *nfcache |= NFC_UNKNOWN;
-}
-
-#define IPT_LOG_OPT_NLGROUP 0x01
-#define IPT_LOG_OPT_PREFIX 0x02
-#define IPT_LOG_OPT_CPRANGE 0x04
-#define IPT_LOG_OPT_QTHRESHOLD 0x08
-
-/* Function which parses command options; returns true if it
- ate an option */
-static int parse(int c, char **argv, int invert, unsigned int *flags,
- const struct ipt_entry *entry,
- struct ipt_entry_target **target)
-{
- struct ipt_ulog_info *loginfo =
- (struct ipt_ulog_info *) (*target)->data;
- int group_d;
-
- switch (c) {
- case '!':
- if (*flags & IPT_LOG_OPT_NLGROUP)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --ulog-nlgroup twice");
-
- if (check_inverse(optarg, &invert))
- exit_error(PARAMETER_PROBLEM,
- "Unexpected `!' after --ulog-nlgroup");
- group_d = atoi(optarg);
- if (group_d > 32 || group_d < 1)
- exit_error(PARAMETER_PROBLEM,
- "--ulog-nlgroup has to be between 1 and 32");
-
- loginfo->nl_group = (1 << (group_d - 1));
-
- *flags |= IPT_LOG_OPT_NLGROUP;
- break;
-
- case '#':
- if (*flags & IPT_LOG_OPT_PREFIX)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --ulog-prefix twice");
-
- if (check_inverse(optarg, &invert))
- exit_error(PARAMETER_PROBLEM,
- "Unexpected `!' after --ulog-prefix");
-
- if (strlen(optarg) > sizeof(loginfo->prefix) - 1)
- exit_error(PARAMETER_PROBLEM,
- "Maximum prefix length %u for --ulog-prefix",
- sizeof(loginfo->prefix) - 1);
-
- strcpy(loginfo->prefix, optarg);
- *flags |= IPT_LOG_OPT_PREFIX;
- break;
- case 'A':
- if (*flags & IPT_LOG_OPT_CPRANGE)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --ulog-cprange twice");
- if (atoi(optarg) < 0)
- exit_error(PARAMETER_PROBLEM,
- "Negative copy range?");
- loginfo->copy_range = atoi(optarg);
- *flags |= IPT_LOG_OPT_CPRANGE;
- break;
- case 'B':
- if (*flags & IPT_LOG_OPT_QTHRESHOLD)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --ulog-qthreshold twice");
- if (atoi(optarg) < 1)
- exit_error(PARAMETER_PROBLEM,
- "Negative or zero queue threshold ?");
- if (atoi(optarg) > ULOG_MAX_QLEN)
- exit_error(PARAMETER_PROBLEM,
- "Maximum queue length exceeded");
- loginfo->qthreshold = atoi(optarg);
- *flags |= IPT_LOG_OPT_QTHRESHOLD;
- break;
- }
- return 1;
-}
-
-/* Final check; nothing. */
-static void final_check(unsigned int flags)
-{
-}
-
-/* Saves the union ipt_targinfo in parsable form to stdout. */
-static void save(const struct ipt_ip *ip,
- const struct ipt_entry_target *target)
-{
- const struct ipt_ulog_info *loginfo
- = (const struct ipt_ulog_info *) target->data;
-
- if (strcmp(loginfo->prefix, "") != 0)
- printf("--ulog-prefix %s ", loginfo->prefix);
-
- if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) {
- printf("--ulog-nlgroup ");
- print_groups(loginfo->nl_group);
- printf("\n");
- }
- if (loginfo->copy_range)
- printf("--ulog-cprange %d ", loginfo->copy_range);
-
- if (loginfo->qthreshold != ULOG_DEFAULT_QTHRESHOLD)
- printf("--ulog-qthreshold %d ", loginfo->qthreshold);
-}
-
-/* Prints out the targinfo. */
-static void
-print(const struct ipt_ip *ip,
- const struct ipt_entry_target *target, int numeric)
-{
- const struct ipt_ulog_info *loginfo
- = (const struct ipt_ulog_info *) target->data;
-
- printf("ULOG ");
- printf("copy_range %d nlgroup ", loginfo->copy_range);
- print_groups(loginfo->nl_group);
- if (strcmp(loginfo->prefix, "") != 0)
- printf("prefix `%s' ", loginfo->prefix);
- printf("queue_threshold %d ", loginfo->qthreshold);
-}
-
-struct iptables_target ulog = { NULL,
- "ULOG",
- NETFILTER_VERSION,
- IPT_ALIGN(sizeof(struct ipt_ulog_info)),
- IPT_ALIGN(sizeof(struct ipt_ulog_info)),
- &help,
- &init,
- &parse,
- &final_check,
- &print,
- &save,
- opts
-};
-
-void _init(void)
-{
- register_target(&ulog);
-}
diff --git a/kernel-ULOG-2.4.0-test4.diff b/kernel-ULOG-2.4.0-test4.diff
deleted file mode 100644
index f4a5501..0000000
--- a/kernel-ULOG-2.4.0-test4.diff
+++ /dev/null
@@ -1,229 +0,0 @@
-diff -Nru linux-2.4.0-test4-plain/Documentation/Configure.help linux-2.4.0-test4-work/Documentation/Configure.help
---- linux-2.4.0-test4-plain/Documentation/Configure.help Thu Jul 13 18:42:51 2000
-+++ linux-2.4.0-test4-work/Documentation/Configure.help Sun Jul 30 21:56:01 2000
-@@ -2010,6 +2010,16 @@
- If you want to compile it as a module, say M here and read
- Documentation/modules.txt. If unsure, say `N'.
-
-+ULOG target support
-+CONFIG_IP_NF_TARGET_ULOG
-+ This option adds a `ULOG' target, which allows you to create rules in
-+ any iptables table. The packet is passed to one or more userspace logging
-+ daemon using netlink multicast sockets. Logging is no longer forced to
-+ be in syslog, but can be done by any userspace process.
-+
-+ If you want to compile it as a module, say M here and read
-+ Documentation/modules.txt. If unsure, say `N'.
-+
- ipchains (2.2-style) support
- CONFIG_IP_NF_COMPAT_IPCHAINS
- This option places ipchains (with masquerading and redirection
-diff -Nru linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h
---- linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h Thu Jan 1 01:00:00 1970
-+++ linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h Sun Jul 30 22:11:07 2000
-@@ -0,0 +1,36 @@
-+#ifndef _IPT_ULOG_H
-+#define _IPT_ULOG_H
-+
-+#ifdef __KERNEL__
-+#include
-+#endif
-+
-+#define ULOG_MAC_LEN 80
-+
-+
-+/* just until this is in netfilter.h */
-+#ifndef NETLINK_NFLOG
-+#define NETLINK_NFLOG 25
-+#endif
-+
-+struct ipt_ulog_info {
-+ unsigned char logflags;
-+ unsigned int nl_group;
-+ char prefix[30];
-+};
-+
-+typedef struct ulog_packet_msg {
-+ unsigned long mark;
-+ long timestamp_sec;
-+ long timestamp_usec;
-+ unsigned int hook;
-+ char indev_name[IFNAMSIZ];
-+ char outdev_name[IFNAMSIZ];
-+ size_t data_len;
-+ char prefix[30];
-+ unsigned char mac_len;
-+ unsigned char mac[ULOG_MAC_LEN];
-+ unsigned char payload[0];
-+} ulog_packet_msg_t;
-+
-+#endif /*_IPT_ULOG_H*/
-diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in
---- linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in Mon Mar 27 20:35:56 2000
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in Sun Jul 30 21:47:35 2000
-@@ -51,6 +51,7 @@
- dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
- fi
- dep_tristate ' LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES
-+ dep_tristate ' ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES
- fi
-
- # Backwards compatibility modules: only if you don't build in the others.
-diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile
---- linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile Mon Mar 27 20:35:56 2000
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile Sun Jul 30 22:02:16 2000
-@@ -197,6 +197,14 @@
- endif
- endif
-
-+ifeq ($(CONFIG_IP_NF_TARGET_ULOG),y)
-+O_OBJS += ipt_ULOG.o
-+else
-+ ifeq ($(CONFIG_IP_NF_TARGET_ULOG),m)
-+ M_OBJS += ipt_ULOG.o
-+ endif
-+endif
-+
- ifeq ($(CONFIG_IP_NF_COMPAT_IPCHAINS),y)
- O_OBJS += ipchains_core.o $(IP_NF_COMPAT_LAYER)
- else
-diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c
---- linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c Thu Jan 1 01:00:00 1970
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c Sun Jul 30 21:45:44 2000
-@@ -0,0 +1,136 @@
-+/*
-+ * netfilter module for userspace packet logging daemons
-+ *
-+ * (C) 2000 by Harald Welte
-+ *
-+ * Released under the terms of the GPL
-+ */
-+
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+
-+#define NETLINK_NFLOG 25
-+#define ULOG_NL_EVENT 111
-+
-+#if 1
-+#define DEBUGP printk
-+#else
-+#define DEBUGP(format, args ...)
-+#endif
-+
-+struct sock *nflognl;
-+
-+static void nflog_rcv(struct sock *sk, int len)
-+{
-+ printk("nflog_rcv: did receive netlink message ?!?\n");
-+}
-+
-+static unsigned int ipt_ulog_target(
-+ struct sk_buff **pskb,
-+ unsigned int hooknum,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ const void *targinfo,
-+ void *userinfo)
-+{
-+ ulog_packet_msg_t *pm;
-+ size_t size;
-+ struct sk_buff *nlskb;
-+ unsigned char *old_tail;
-+ struct nlmsghdr *nlh;
-+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)targinfo;
-+
-+ /* calculate the size of the skb needed */
-+
-+ size = NLMSG_SPACE(sizeof(*pm) + (*pskb)->len);
-+ nlskb = alloc_skb(size, GFP_ATOMIC);
-+ if (!nlskb)
-+ goto nlmsg_failure;
-+
-+ old_tail = nlskb->tail;
-+ nlh = NLMSG_PUT(nlskb, 0, 0, ULOG_NL_EVENT, size - sizeof(*nlh));
-+ pm = NLMSG_DATA(nlh);
-+
-+ /* copy hook, prefix, timestamp, payload, etc. */
-+
-+ pm->data_len = (*pskb)->len;
-+ pm->timestamp_sec = (*pskb)->stamp.tv_sec;
-+ pm->timestamp_usec = (*pskb)->stamp.tv_usec;
-+ pm->mark = (*pskb)->nfmark;
-+ pm->hook = hooknum;
-+ if (loginfo->prefix)
-+ strcpy(pm->prefix, loginfo->prefix);
-+
-+ if (in && !out)
-+ {
-+ if ((*pskb)->dev && (*pskb)->dev->hard_header_len > 0
-+ && (*pskb)->dev->hard_header_len <= ULOG_MAC_LEN)
-+ {
-+ memcpy(pm->mac, (*pskb)->mac.raw, (*pskb)->dev->hard_header_len);
-+ pm->mac_len = (*pskb)->dev->hard_header_len;
-+ }
-+
-+ }
-+/*
-+ if (in) strcpy(pm->indev_name, in->name);
-+ else pm->indev_name[0] = '\0';
-+*/
-+ if ((*pskb)->len)
-+ memcpy(pm->payload, (*pskb)->data, (*pskb)->len);
-+ nlh->nlmsg_len = nlskb->tail - old_tail;
-+ NETLINK_CB(nlskb).dst_groups = loginfo->nl_group;
-+ DEBUGP("ipt_ULOG: going to throw out a packet to netlink groupmask %u\n", loginfo->nl_group);
-+ netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group, GFP_ATOMIC);
-+
-+ return IPT_CONTINUE;
-+
-+nlmsg_failure:
-+ if (nlskb)
-+ kfree(nlskb);
-+ printk("ipt_ULOG: Error building netlink message\n");
-+ return IPT_CONTINUE;
-+
-+}
-+
-+static int ipt_ulog_checkentry(
-+ const char *tablename,
-+ const struct ipt_entry *e,
-+ void *targinfo,
-+ unsigned int targinfosize,
-+ unsigned int hookmask)
-+{
-+ return 1;
-+}
-+
-+
-+static struct ipt_target ipt_ulog_reg =
-+ { { NULL, NULL }, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL,
-+ THIS_MODULE };
-+
-+static int __init init(void)
-+{
-+ DEBUGP("ipt_ULOG: init module\n");
-+ nflognl = netlink_kernel_create(NETLINK_NFLOG, nflog_rcv);
-+ if (ipt_register_target(&ipt_ulog_reg))
-+ return -EINVAL;
-+
-+ return 0;
-+}
-+
-+static void __exit fini(void)
-+{
-+ DEBUGP("ipt_ULOG: cleanup_module\n");
-+ ipt_unregister_target(&ipt_ulog_reg);
-+}
-+
-+module_init(init);
-+module_exit(fini);
diff --git a/kernel-ULOG1-to-ULOG2.diff b/kernel-ULOG1-to-ULOG2.diff
deleted file mode 100644
index a690e05..0000000
--- a/kernel-ULOG1-to-ULOG2.diff
+++ /dev/null
@@ -1,210 +0,0 @@
-diff -Nru linux-2.4.0-test4-ulog1/include/linux/netfilter_ipv4/ipt_ULOG.h linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h
---- linux-2.4.0-test4-ulog1/include/linux/netfilter_ipv4/ipt_ULOG.h Mon Jul 31 13:31:51 2000
-+++ linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h Mon Jul 31 17:17:04 2000
-@@ -7,6 +7,7 @@
- struct ipt_ulog_info
- {
- unsigned int nl_group;
-+ size_t copy_range;
- char prefix[ULOG_PREFIX_LEN];
- };
-
-diff -Nru linux-2.4.0-test4-ulog1/net/ipv4/netfilter/ipt_ULOG.c linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c
---- linux-2.4.0-test4-ulog1/net/ipv4/netfilter/ipt_ULOG.c Mon Jul 31 13:31:51 2000
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c Mon Jul 31 13:41:57 2000
-@@ -4,6 +4,8 @@
- * (C) 2000 by Harald Welte
- *
- * Released under the terms of the GPL
-+ *
-+ * ipt_ULOG.c,v 1.4 2000/07/31 11:41:06 laforge Exp
- */
-
- #include
-@@ -15,15 +17,17 @@
- #include
- #include
- #include
-+#include
- #include
- #include
-+#include
-
--#define ULOG_NL_EVENT 111 /* Harald's favorite number */
-+#define ULOG_NL_EVENT 111 /* Harald's favorite number */
-
- #if 0
- #define DEBUGP printk
- #else
--#define DEBUGP(format, args ...)
-+#define DEBUGP(format, args...)
- #endif
-
- static struct sock *nflognl;
-@@ -33,35 +37,38 @@
- printk("nflog_rcv: did receive netlink message ?!?\n");
- }
-
--static unsigned int ipt_ulog_target(
-- struct sk_buff **pskb,
-- unsigned int hooknum,
-- const struct net_device *in,
-- const struct net_device *out,
-- const void *targinfo,
-- void *userinfo)
-+static unsigned int ipt_ulog_target(struct sk_buff **pskb,
-+ unsigned int hooknum,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ const void *targinfo, void *userinfo)
- {
- ulog_packet_msg_t *pm;
-- size_t size;
-+ size_t size, copy_len;
- struct sk_buff *nlskb;
- unsigned char *old_tail;
- struct nlmsghdr *nlh;
-- struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)targinfo;
-+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-
- /* calculate the size of the skb needed */
--
-- size = NLMSG_SPACE(sizeof(*pm) + (*pskb)->len);
-+ if ((loginfo->copy_range == 0) ||
-+ (loginfo->copy_range > (*pskb)->len)) {
-+ copy_len = (*pskb)->len;
-+ } else {
-+ copy_len = loginfo->copy_range;
-+ }
-+ size = NLMSG_SPACE(sizeof(*pm) + copy_len);
- nlskb = alloc_skb(size, GFP_ATOMIC);
- if (!nlskb)
- goto nlmsg_failure;
--
-+
- old_tail = nlskb->tail;
- nlh = NLMSG_PUT(nlskb, 0, 0, ULOG_NL_EVENT, size - sizeof(*nlh));
- pm = NLMSG_DATA(nlh);
--
-+
- /* copy hook, prefix, timestamp, payload, etc. */
-
-- pm->data_len = (*pskb)->len;
-+ pm->data_len = copy_len;
- pm->timestamp_sec = (*pskb)->stamp.tv_sec;
- pm->timestamp_usec = (*pskb)->stamp.tv_usec;
- pm->mark = (*pskb)->nfmark;
-@@ -70,52 +77,57 @@
- strcpy(pm->prefix, loginfo->prefix);
-
- if (in && in->hard_header_len > 0
-- && (*pskb)->mac.raw != (*pskb)->nh.iph
-+ && (*pskb)->mac.raw != (void *) (*pskb)->nh.iph
- && in->hard_header_len <= ULOG_MAC_LEN) {
- memcpy(pm->mac, (*pskb)->mac.raw, in->hard_header_len);
- pm->mac_len = in->hard_header_len;
- }
-
-- if (in) strcpy(pm->indev_name, in->name);
-- else pm->indev_name[0] = '\0';
-+ if (in)
-+ strcpy(pm->indev_name, in->name);
-+ else
-+ pm->indev_name[0] = '\0';
-+
-+ if (out)
-+ strcpy(pm->outdev_name, out->name);
-+ else
-+ pm->outdev_name[0] = '\0';
-
-- if (out) strcpy(pm->outdev_name, out->name);
-- else pm->outdev_name[0] = '\0';
--
-- if ((*pskb)->len)
-- memcpy(pm->payload, (*pskb)->data, (*pskb)->len);
-+ if (copy_len)
-+ memcpy(pm->payload, (*pskb)->data, copy_len);
- nlh->nlmsg_len = nlskb->tail - old_tail;
- NETLINK_CB(nlskb).dst_groups = loginfo->nl_group;
-- DEBUGP("ipt_ULOG: going to throw a packet to netlink groupmask %u\n",
-- loginfo->nl_group);
-- netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group, GFP_ATOMIC);
-+ DEBUGP
-+ ("ipt_ULOG: going to throw a packet to netlink groupmask %u\n",
-+ loginfo->nl_group);
-+ netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group,
-+ GFP_ATOMIC);
-
- return IPT_CONTINUE;
-
--nlmsg_failure:
-+ nlmsg_failure:
- if (nlskb)
-- kfree(nlskb);
-+ kfree(nlskb);
- printk("ipt_ULOG: Error building netlink message\n");
- return IPT_CONTINUE;
- }
-
--static int ipt_ulog_checkentry(
-- const char *tablename,
-- const struct ipt_entry *e,
-- void *targinfo,
-- unsigned int targinfosize,
-- unsigned int hookmask)
-+static int ipt_ulog_checkentry(const char *tablename,
-+ const struct ipt_entry *e,
-+ void *targinfo,
-+ unsigned int targinfosize,
-+ unsigned int hookmask)
- {
-- struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)targinfo;
-+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-
-- if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) {
-- DEBUGP("ULOG: targinfosize %u != 0\n", targinfosize);
-- return 0;
-- }
-+ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) {
-+ DEBUGP("ULOG: targinfosize %u != 0\n", targinfosize);
-+ return 0;
-+ }
-
-- if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') {
-+ if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') {
- DEBUGP("ULOG: prefix term %i\n",
-- loginfo->prefix[sizeof(loginfo->prefix)-1]);
-+ loginfo->prefix[sizeof(loginfo->prefix) - 1]);
- return 0;
- }
-
-@@ -123,8 +135,9 @@
- }
-
- static struct ipt_target ipt_ulog_reg =
-- { { NULL, NULL }, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL,
-- THIS_MODULE };
-+ { {NULL, NULL}, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL,
-+THIS_MODULE
-+};
-
- static int __init init(void)
- {
-@@ -134,7 +147,7 @@
- return -ENOMEM;
-
- if (ipt_register_target(&ipt_ulog_reg) != 0) {
-- sock_release(nflognl->socket);
-+ sock_release(nflognl->socket);
- return -EINVAL;
- }
-
-@@ -144,7 +157,7 @@
- static void __exit fini(void)
- {
- DEBUGP("ipt_ULOG: cleanup_module\n");
--
-+
- ipt_unregister_target(&ipt_ulog_reg);
- sock_release(nflognl->socket);
- }
diff --git a/kernel/Makefile b/kernel/Makefile
deleted file mode 100644
index 801561c..0000000
--- a/kernel/Makefile
+++ /dev/null
@@ -1,8 +0,0 @@
-CFLAGS = -D__KERNEL__ -march=i586 -DMODULE -DMODVERSIONS -include /usr/src/linux/include/linux/modversions.h -include ./ipt_ULOG.h -I/usr/src/linux/include -Wall -O2 -fomit-frame-pointer
-
-
-ipt_ULOG.o: ipt_ULOG.c Makefile
- gcc $(CFLAGS) -c ipt_ULOG.c
-
-clean:
- rm -f *.o
diff --git a/kernel/ipt_ULOG.c b/kernel/ipt_ULOG.c
deleted file mode 100644
index 90b5a8e..0000000
--- a/kernel/ipt_ULOG.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/*
- * netfilter module for userspace packet logging daemons
- *
- * (C) 2000-2002 by Harald Welte
- *
- * 2000/09/22 ulog-cprange feature added
- * 2001/01/04 in-kernel queue as proposed by Sebastian Zander
- *
- * 2001/01/30 per-rule nlgroup conflicts with global queue.
- * nlgroup now global (sysctl)
- * 2001/04/19 ulog-queue reworked, now fixed buffer size specified at
- * module loadtime -HW
- * 2002/07/07 remove broken nflog_rcv() function -HW
- * 2002/08/29 fix shifted/unshifted nlgroup bug -HW
- * 2002/10/30 fix uninitialized mac_len field -
- *
- * Released under the terms of the GPL
- *
- * This module accepts two parameters:
- *
- * nlbufsiz:
- * The parameter specifies how big the buffer for each netlink multicast
- * group is. e.g. If you say nlbufsiz=8192, up to eight kb of packets will
- * get accumulated in the kernel until they are sent to userspace. It is
- * NOT possible to allocate more than 128kB, and it is strongly discouraged,
- * because atomically allocating 128kB inside the network rx softirq is not
- * reliable. Please also keep in mind that this buffer size is allocated for
- * each nlgroup you are using, so the total kernel memory usage increases
- * by that factor.
- *
- * flushtimeout:
- * Specify, after how many clock ticks (intel: 100 per second) the queue
- * should be flushed even if it is not full yet.
- *
- * $Id: ipt_ULOG.c,v 1.21 2002/08/29 10:54:34 laforge Exp $
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("Harald Welte ");
-MODULE_DESCRIPTION("IP tables userspace logging module");
-
-#define ULOG_NL_EVENT 111 /* Harald's favorite number */
-#define ULOG_MAXNLGROUPS 32 /* numer of nlgroups */
-
-#if 0
-#define DEBUGP(format, args...) printk(__FILE__ ":" __FUNCTION__ ":" \
- format, ## args)
-#else
-#define DEBUGP(format, args...)
-#endif
-
-#define PRINTR(format, args...) do { if (net_ratelimit()) printk(format, ## args); } while (0)
-
-static unsigned int nlbufsiz = 4096;
-MODULE_PARM(nlbufsiz, "i");
-MODULE_PARM_DESC(nlbufsiz, "netlink buffer size");
-
-static unsigned int flushtimeout = 10 * HZ;
-MODULE_PARM(flushtimeout, "i");
-MODULE_PARM_DESC(flushtimeout, "buffer flush timeout");
-
-/* global data structures */
-
-typedef struct {
- unsigned int qlen; /* number of nlmsgs' in the skb */
- struct nlmsghdr *lastnlh; /* netlink header of last msg in skb */
- struct sk_buff *skb; /* the pre-allocated skb */
- struct timer_list timer; /* the timer function */
-} ulog_buff_t;
-
-static ulog_buff_t ulog_buffers[ULOG_MAXNLGROUPS]; /* array of buffers */
-
-static struct sock *nflognl; /* our socket */
-static size_t qlen; /* current length of multipart-nlmsg */
-DECLARE_LOCK(ulog_lock); /* spinlock */
-
-/* send one ulog_buff_t to userspace */
-static void ulog_send(unsigned int nlgroupnum)
-{
- ulog_buff_t *ub = &ulog_buffers[nlgroupnum];
-
- if (timer_pending(&ub->timer)) {
- DEBUGP("ipt_ULOG: ulog_send: timer was pending, deleting\n");
- del_timer(&ub->timer);
- }
-
- /* last nlmsg needs NLMSG_DONE */
- if (ub->qlen > 1)
- ub->lastnlh->nlmsg_type = NLMSG_DONE;
-
- NETLINK_CB(ub->skb).dst_groups = (1 << nlgroupnum);
- DEBUGP("ipt_ULOG: throwing %d packets to netlink mask %u\n",
- ub->qlen, nlgroup);
- netlink_broadcast(nflognl, ub->skb, 0, (1 << nlgroupnum), GFP_ATOMIC);
-
- ub->qlen = 0;
- ub->skb = NULL;
- ub->lastnlh = NULL;
-
-}
-
-
-/* timer function to flush queue in ULOG_FLUSH_INTERVAL time */
-static void ulog_timer(unsigned long data)
-{
- DEBUGP("ipt_ULOG: timer function called, calling ulog_send\n");
-
- /* lock to protect against somebody modifying our structure
- * from ipt_ulog_target at the same time */
- LOCK_BH(&ulog_lock);
- ulog_send(data);
- UNLOCK_BH(&ulog_lock);
-}
-
-struct sk_buff *ulog_alloc_skb(unsigned int size)
-{
- struct sk_buff *skb;
-
- /* alloc skb which should be big enough for a whole
- * multipart message. WARNING: has to be <= 131000
- * due to slab allocator restrictions */
-
- skb = alloc_skb(nlbufsiz, GFP_ATOMIC);
- if (!skb) {
- PRINTR("ipt_ULOG: can't alloc whole buffer %ub!\n",
- nlbufsiz);
-
- /* try to allocate only as much as we need for
- * current packet */
-
- skb = alloc_skb(size, GFP_ATOMIC);
- if (!skb)
- PRINTR("ipt_ULOG: can't even allocate %ub\n", size);
- }
-
- return skb;
-}
-
-static unsigned int ipt_ulog_target(struct sk_buff **pskb,
- unsigned int hooknum,
- const struct net_device *in,
- const struct net_device *out,
- const void *targinfo, void *userinfo)
-{
- ulog_buff_t *ub;
- ulog_packet_msg_t *pm;
- size_t size, copy_len;
- struct nlmsghdr *nlh;
- struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-
- /* ffs == find first bit set, necessary because userspace
- * is already shifting groupnumber, but we need unshifted.
- * ffs() returns [1..32], we need [0..31] */
- unsigned int groupnum = ffs(loginfo->nl_group) - 1;
-
- /* calculate the size of the skb needed */
- if ((loginfo->copy_range == 0) ||
- (loginfo->copy_range > (*pskb)->len)) {
- copy_len = (*pskb)->len;
- } else {
- copy_len = loginfo->copy_range;
- }
-
- size = NLMSG_SPACE(sizeof(*pm) + copy_len);
-
- ub = &ulog_buffers[groupnum];
-
- LOCK_BH(&ulog_lock);
-
- if (!ub->skb) {
- if (!(ub->skb = ulog_alloc_skb(size)))
- goto alloc_failure;
- } else if (ub->qlen >= loginfo->qthreshold ||
- size > skb_tailroom(ub->skb)) {
- /* either the queue len is too high or we don't have
- * enough room in nlskb left. send it to userspace. */
-
- ulog_send(groupnum);
-
- if (!(ub->skb = ulog_alloc_skb(size)))
- goto alloc_failure;
- }
-
- DEBUGP("ipt_ULOG: qlen %d, qthreshold %d\n", ub->qlen,
- loginfo->qthreshold);
-
- /* NLMSG_PUT contains a hidden goto nlmsg_failure !!! */
- nlh = NLMSG_PUT(ub->skb, 0, ub->qlen, ULOG_NL_EVENT,
- size - sizeof(*nlh));
- ub->qlen++;
-
- pm = NLMSG_DATA(nlh);
-
- /* copy hook, prefix, timestamp, payload, etc. */
- pm->data_len = copy_len;
- pm->timestamp_sec = (*pskb)->stamp.tv_sec;
- pm->timestamp_usec = (*pskb)->stamp.tv_usec;
- pm->mark = (*pskb)->nfmark;
- pm->hook = hooknum;
- if (loginfo->prefix[0] != '\0')
- strncpy(pm->prefix, loginfo->prefix, sizeof(pm->prefix));
- else
- *(pm->prefix) = '\0';
-
- if (in && in->hard_header_len > 0
- && (*pskb)->mac.raw != (void *) (*pskb)->nh.iph
- && in->hard_header_len <= ULOG_MAC_LEN) {
- memcpy(pm->mac, (*pskb)->mac.raw, in->hard_header_len);
- pm->mac_len = in->hard_header_len;
- } else
- pm->mac_len = 0;
-
- if (in)
- strncpy(pm->indev_name, in->name, sizeof(pm->indev_name));
- else
- pm->indev_name[0] = '\0';
-
- if (out)
- strncpy(pm->outdev_name, out->name, sizeof(pm->outdev_name));
- else
- pm->outdev_name[0] = '\0';
-
- if (copy_len)
- memcpy(pm->payload, (*pskb)->data, copy_len);
-
- /* check if we are building multi-part messages */
- if (ub->qlen > 1) {
- ub->lastnlh->nlmsg_flags |= NLM_F_MULTI;
- }
-
- /* if threshold is reached, send message to userspace */
- if (qlen >= loginfo->qthreshold) {
- if (loginfo->qthreshold > 1)
- nlh->nlmsg_type = NLMSG_DONE;
- }
-
- ub->lastnlh = nlh;
-
- /* if timer isn't already running, start it */
- if (!timer_pending(&ub->timer)) {
- ub->timer.expires = jiffies + flushtimeout;
- add_timer(&ub->timer);
- }
-
- UNLOCK_BH(&ulog_lock);
-
- return IPT_CONTINUE;
-
-
-nlmsg_failure:
- PRINTR("ipt_ULOG: error during NLMSG_PUT\n");
-
-alloc_failure:
- PRINTR("ipt_ULOG: Error building netlink message\n");
-
- UNLOCK_BH(&ulog_lock);
-
- return IPT_CONTINUE;
-}
-
-static int ipt_ulog_checkentry(const char *tablename,
- const struct ipt_entry *e,
- void *targinfo,
- unsigned int targinfosize,
- unsigned int hookmask)
-{
- struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-
- if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) {
- DEBUGP("ipt_ULOG: targinfosize %u != 0\n", targinfosize);
- return 0;
- }
-
- if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') {
- DEBUGP("ipt_ULOG: prefix term %i\n",
- loginfo->prefix[sizeof(loginfo->prefix) - 1]);
- return 0;
- }
-
- if (loginfo->qthreshold > ULOG_MAX_QLEN) {
- DEBUGP("ipt_ULOG: queue threshold %i > MAX_QLEN\n",
- loginfo->qthreshold);
- return 0;
- }
-
- return 1;
-}
-
-static struct ipt_target ipt_ulog_reg =
- { {NULL, NULL}, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL,
-THIS_MODULE
-};
-
-static int __init init(void)
-{
- int i;
-
- DEBUGP("ipt_ULOG: init module\n");
-
- if (nlbufsiz >= 128*1024) {
- printk("Netlink buffer has to be <= 128kB\n");
- return -EINVAL;
- }
-
- /* initialize ulog_buffers */
- for (i = 0; i < ULOG_MAXNLGROUPS; i++) {
- memset(&ulog_buffers[i], 0, sizeof(ulog_buff_t));
- init_timer(&ulog_buffers[i].timer);
- ulog_buffers[i].timer.function = ulog_timer;
- ulog_buffers[i].timer.data = i;
- }
-
- nflognl = netlink_kernel_create(NETLINK_NFLOG, NULL);
- if (!nflognl)
- return -ENOMEM;
-
- if (ipt_register_target(&ipt_ulog_reg) != 0) {
- sock_release(nflognl->socket);
- return -EINVAL;
- }
-
- return 0;
-}
-
-static void __exit fini(void)
-{
- ulog_buff_t *ub;
- int i;
-
- DEBUGP("ipt_ULOG: cleanup_module\n");
-
- ipt_unregister_target(&ipt_ulog_reg);
- sock_release(nflognl->socket);
-
- /* remove pending timers and free allocated skb's */
- for (i = 0; i < ULOG_MAXNLGROUPS; i++) {
- ub = &ulog_buffers[i];
- if (timer_pending(&ub->timer)) {
- DEBUGP("timer was pending, deleting\n");
- del_timer(&ub->timer);
- }
-
- if (ub->skb) {
- kfree_skb(ub->skb);
- ub->skb = NULL;
- }
- }
-
-}
-
-module_init(init);
-module_exit(fini);
diff --git a/kernel/ipt_ULOG.h b/kernel/ipt_ULOG.h
deleted file mode 100644
index a4d8b01..0000000
--- a/kernel/ipt_ULOG.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/* Header file for IP tables userspace logging, Version $Revision: 1.8 $
- *
- * (C) 2000-2002 by Harald Welte
- *
- * Distributed under the terms of GNU GPL */
-
-#ifndef _IPT_ULOG_H
-#define _IPT_ULOG_H
-
-#ifndef NETLINK_NFLOG
-#define NETLINK_NFLOG 5
-#endif
-
-#define ULOG_MAC_LEN 80
-#define ULOG_PREFIX_LEN 32
-
-#define ULOG_MAX_QLEN 50
-/* Why 50? Well... there is a limit imposed by the slab cache 131000
- * bytes. So the multipart netlink-message has to be < 131000 bytes.
- * Assuming a standard ethernet-mtu of 1500, we could define this up
- * to 80... but even 50 seems to be big enough. */
-
-/* private data structure for each rule with a ULOG target */
-struct ipt_ulog_info {
- unsigned int nl_group;
- size_t copy_range;
- size_t qthreshold;
- char prefix[ULOG_PREFIX_LEN];
-};
-
-/* Format of the ULOG packets passed through netlink */
-typedef struct ulog_packet_msg {
- unsigned long mark;
- long timestamp_sec;
- long timestamp_usec;
- unsigned int hook;
- char indev_name[IFNAMSIZ];
- char outdev_name[IFNAMSIZ];
- size_t data_len;
- char prefix[ULOG_PREFIX_LEN];
- unsigned char mac_len;
- unsigned char mac[ULOG_MAC_LEN];
- unsigned char payload[0];
-} ulog_packet_msg_t;
-
-#endif /*_IPT_ULOG_H*/
diff --git a/libipulog/Makefile.in b/libipulog/Makefile.in
new file mode 100644
index 0000000..52a3394
--- /dev/null
+++ b/libipulog/Makefile.in
@@ -0,0 +1,23 @@
+#
+
+include @top_srcdir@/Rules.make
+CFLAGS+=-Iinclude -I/usr/src/linux/include
+
+libipulog.a: libipulog.o
+ $(LD) -i $< -o $@
+
+distrib:
+
+ulog_test: ulog_test.c libipulog.a
+ $(CC) $(CFLAGS) ulog_test.c libipulog.a -o ulog_test
+
+libipulog.o: libipulog.c
+ $(CC) $(CFLAGS) -c $< -o $@
+
+clean:
+ $(RM) ulog_test libipulog.o libipulog.a
+
+distclean: clean
+ $(RM) Makefile
+
+install: libipulog.a
diff --git a/libipulog/include/libipulog/libipulog.h b/libipulog/include/libipulog/libipulog.h
new file mode 100644
index 0000000..b3805d7
--- /dev/null
+++ b/libipulog/include/libipulog/libipulog.h
@@ -0,0 +1,58 @@
+#ifndef _LIBIPULOG_H
+#define _LIBIPULOG_H
+
+/* $Id$ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include "linux/netfilter_ipv4/ipt_ULOG.h"
+
+/* FIXME: glibc sucks */
+#ifndef MSG_TRUNC
+#define MSG_TRUNC 0x20
+#endif
+
+struct ipulog_handle;
+extern int ipulog_errno;
+
+u_int32_t ipulog_group2gmask(u_int32_t group);
+
+struct ipulog_handle *ipulog_create_handle(u_int32_t gmask, u_int32_t rmem);
+
+void ipulog_destroy_handle(struct ipulog_handle *h);
+
+ssize_t ipulog_read(struct ipulog_handle *h,
+ unsigned char *buf, size_t len, int timeout);
+
+ulog_packet_msg_t *ipulog_get_packet(struct ipulog_handle *h,
+ const unsigned char *buf,
+ size_t len);
+
+char *ipulog_strerror(int errcode);
+
+void ipulog_perror(const char *s);
+
+enum
+{
+ IPULOG_ERR_NONE = 0,
+ IPULOG_ERR_IMPL,
+ IPULOG_ERR_HANDLE,
+ IPULOG_ERR_SOCKET,
+ IPULOG_ERR_BIND,
+ IPULOG_ERR_RECVBUF,
+ IPULOG_ERR_RECV,
+ IPULOG_ERR_NLEOF,
+ IPULOG_ERR_TRUNC,
+ IPULOG_ERR_INVGR,
+ IPULOG_ERR_INVNL,
+};
+#define IPULOG_MAXERR IPULOG_ERR_INVNL
+
+#endif /* _LIBULOG_H */
diff --git a/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h b/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
new file mode 100644
index 0000000..de062cd
--- /dev/null
+++ b/libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
@@ -0,0 +1,62 @@
+/* Header file for IP tables userspace logging, Version 1.8
+ *
+ * (C) 2000-2002 by Harald Welte
+ *
+ * Distributed under the terms of GNU GPL */
+#ifndef _IPT_ULOG_H
+#define _IPT_ULOG_H
+
+#ifndef NETLINK_NFLOG
+#define NETLINK_NFLOG 5
+#endif
+
+#define ULOG_DEFAULT_NLGROUP 1
+#define ULOG_DEFAULT_QTHRESHOLD 1
+
+#define ULOG_MAC_LEN 80
+#define ULOG_PREFIX_LEN 32
+
+#define ULOG_MAX_QLEN 50
+/* Why 50? Well... there is a limit imposed by the slab cache 131000
+ * bytes. So the multipart netlink-message has to be < 131000 bytes.
+ * Assuming a standard ethernet-mtu of 1500, we could define this up
+ * to 80... but even 50 seems to be big enough. */
+
+/* private data structure for each rule with a ULOG target */
+struct ipt_ulog_info {
+ unsigned int nl_group;
+#ifdef KERNEL_64_USERSPACE_32
+ unsigned long long copy_range;
+ unsigned long long qthreshold;
+#else
+ size_t copy_range;
+ size_t qthreshold;
+#endif
+ char prefix[ULOG_PREFIX_LEN];
+};
+
+/* Format of the ULOG packets passed through netlink */
+typedef struct ulog_packet_msg {
+ unsigned long mark;
+#ifdef KERNEL_64_USERSPACE_32
+ long long timestamp_sec;
+ long long timestamp_usec;
+#else
+ long timestamp_sec;
+ long timestamp_usec;
+#endif
+ unsigned int hook;
+ char indev_name[IFNAMSIZ];
+ char outdev_name[IFNAMSIZ];
+#ifdef KERNEL_64_USERSPACE_32
+ unsigned long long data_len;
+#else
+ size_t data_len;
+#endif
+ char prefix[ULOG_PREFIX_LEN];
+ unsigned char mac_len;
+ unsigned char mac[ULOG_MAC_LEN];
+ unsigned char payload[0];
+} ulog_packet_msg_t;
+
+#endif /*_IPT_ULOG_H*/
diff --git a/libipulog/libipulog.c b/libipulog/libipulog.c
new file mode 100644
index 0000000..415b712
--- /dev/null
+++ b/libipulog/libipulog.c
@@ -0,0 +1,256 @@
+/*
+ * libipulog.c, $Revision$
+ *
+ * netfilter ULOG userspace library.
+ *
+ * (C) 2000-2001 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * This library is still under development, so be aware of sudden interface
+ * changes
+ *
+ * $Id$
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+struct ipulog_handle
+{
+ int fd;
+ u_int8_t blocking;
+ struct sockaddr_nl local;
+ struct sockaddr_nl peer;
+ struct nlmsghdr* last_nlhdr;
+};
+
+/* internal */
+
+
+int ipulog_errno = IPULOG_ERR_NONE;
+
+struct ipulog_errmap_t
+{
+ int errcode;
+ char *message;
+} ipulog_errmap[] =
+{
+ { IPULOG_ERR_NONE, "No error" },
+ { IPULOG_ERR_IMPL, "Not implemented yet" },
+ { IPULOG_ERR_HANDLE, "Unable to create netlink handle" },
+ { IPULOG_ERR_SOCKET, "Unable to create netlink socket" },
+ { IPULOG_ERR_BIND, "Unable to bind netlink socket" },
+ { IPULOG_ERR_RECVBUF, "Receive buffer size invalid" },
+ { IPULOG_ERR_RECV, "Error during netlink receive" },
+ { IPULOG_ERR_NLEOF, "Received EOF on netlink socket" },
+ { IPULOG_ERR_TRUNC, "Receive message truncated" },
+ { IPULOG_ERR_INVGR, "Invalid group specified" },
+ { IPULOG_ERR_INVNL, "Invalid netlink message" },
+};
+
+static ssize_t
+ipulog_netlink_recvfrom(const struct ipulog_handle *h,
+ unsigned char *buf, size_t len)
+{
+ socklen_t addrlen;
+ int status;
+ struct nlmsghdr *nlh;
+
+ if (len < sizeof(struct nlmsgerr)) {
+ ipulog_errno = IPULOG_ERR_RECVBUF;
+ return -1;
+ }
+ addrlen = sizeof(h->peer);
+ status = recvfrom(h->fd, buf, len, 0, (struct sockaddr *)&h->peer,
+ &addrlen);
+ if (status < 0) {
+ ipulog_errno = IPULOG_ERR_RECV;
+ return status;
+ }
+ if (addrlen != sizeof (h->peer)) {
+ ipulog_errno = IPULOG_ERR_RECV;
+ return -1;
+ }
+ if (h->peer.nl_pid != 0) {
+ ipulog_errno = IPULOG_ERR_RECV;
+ return -1;
+ }
+ if (status == 0) {
+ ipulog_errno = IPULOG_ERR_NLEOF;
+ return -1;
+ }
+ nlh = (struct nlmsghdr *)buf;
+ if (nlh->nlmsg_flags & MSG_TRUNC || status > len) {
+ ipulog_errno = IPULOG_ERR_TRUNC;
+ return -1;
+ }
+ return status;
+}
+
+/* public */
+
+char *ipulog_strerror(int errcode)
+{
+ if (errcode < 0 || errcode > IPULOG_MAXERR)
+ errcode = IPULOG_ERR_IMPL;
+ return ipulog_errmap[errcode].message;
+}
+
+/* convert a netlink group (1-32) to a group_mask suitable for create_handle */
+u_int32_t ipulog_group2gmask(u_int32_t group)
+{
+ if (group < 1 || group > 32)
+ {
+ ipulog_errno = IPULOG_ERR_INVGR;
+ return 0;
+ }
+ return (1 << (group - 1));
+}
+
+/* create a ipulog handle for the reception of packets sent to gmask */
+struct ipulog_handle *ipulog_create_handle(u_int32_t gmask,
+ u_int32_t rcvbufsize)
+{
+ struct ipulog_handle *h;
+ int status;
+
+ h = (struct ipulog_handle *) malloc(sizeof(struct ipulog_handle));
+ if (h == NULL)
+ {
+ ipulog_errno = IPULOG_ERR_HANDLE;
+ return NULL;
+ }
+ memset(h, 0, sizeof(struct ipulog_handle));
+ h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_NFLOG);
+ if (h->fd == -1)
+ {
+ ipulog_errno = IPULOG_ERR_SOCKET;
+ close(h->fd);
+ free(h);
+ return NULL;
+ }
+ memset(&h->local, 0, sizeof(struct sockaddr_nl));
+ h->local.nl_family = AF_NETLINK;
+ h->local.nl_pid = getpid();
+ h->local.nl_groups = gmask;
+ status = bind(h->fd, (struct sockaddr *)&h->local, sizeof(h->local));
+ if (status == -1)
+ {
+ ipulog_errno = IPULOG_ERR_BIND;
+ close(h->fd);
+ free(h);
+ return NULL;
+ }
+ memset(&h->peer, 0, sizeof(struct sockaddr_nl));
+ h->peer.nl_family = AF_NETLINK;
+ h->peer.nl_pid = 0;
+ h->peer.nl_groups = gmask;
+
+ status = setsockopt(h->fd, SOL_SOCKET, SO_RCVBUF, &rcvbufsize,
+ sizeof(rcvbufsize));
+ if (status == -1)
+ {
+ ipulog_errno = IPULOG_ERR_RECVBUF;
+ close(h->fd);
+ free(h);
+ return NULL;
+ }
+
+ return h;
+}
+
+/* destroy a ipulog handle */
+void ipulog_destroy_handle(struct ipulog_handle *h)
+{
+ close(h->fd);
+ free(h);
+}
+
+#if 0
+int ipulog_set_mode()
+{
+}
+#endif
+
+/* do a BLOCKING read on an ipulog handle */
+ssize_t ipulog_read(struct ipulog_handle *h, unsigned char *buf,
+ size_t len, int timeout)
+{
+ return ipulog_netlink_recvfrom(h, buf, len);
+}
+
+/* get a pointer to the actual start of the ipulog packet,
+ use this to strip netlink header */
+ulog_packet_msg_t *ipulog_get_packet(struct ipulog_handle *h,
+ const unsigned char *buf,
+ size_t len)
+{
+ struct nlmsghdr *nlh;
+ size_t remain_len;
+
+ /* if last header in handle not inside this buffer,
+ * drop reference to last header */
+ if ((unsigned char *)h->last_nlhdr > (buf + len) ||
+ (unsigned char *)h->last_nlhdr < buf) {
+ h->last_nlhdr = NULL;
+ }
+
+ if (!h->last_nlhdr) {
+ /* fist message in buffer */
+ nlh = (struct nlmsghdr *) buf;
+ if (!NLMSG_OK(nlh, len)) {
+ /* ERROR */
+ ipulog_errno = IPULOG_ERR_INVNL;
+ return NULL;
+ }
+ } else {
+ /* we are in n-th part of multilink message */
+ if (h->last_nlhdr->nlmsg_type == NLMSG_DONE ||
+ !(h->last_nlhdr->nlmsg_flags & NLM_F_MULTI)) {
+ /* if last part in multilink message,
+ * or no multipart message at all: return */
+ h->last_nlhdr = NULL;
+ return NULL;
+ }
+
+ /* calculate remaining lenght from lasthdr to end of buffer */
+ remain_len = (len -
+ ((unsigned char *)h->last_nlhdr - buf));
+ nlh = NLMSG_NEXT(h->last_nlhdr, remain_len);
+ }
+
+ h->last_nlhdr = nlh;
+
+ return NLMSG_DATA(nlh);
+}
+
+/* print a human readable description of the last error to stderr */
+void ipulog_perror(const char *s)
+{
+ if (s)
+ fputs(s, stderr);
+ else
+ fputs("ERROR", stderr);
+ if (ipulog_errno)
+ fprintf(stderr, ": %s", ipulog_strerror(ipulog_errno));
+ if (errno)
+ fprintf(stderr, ": %s", strerror(errno));
+ fputc('\n', stderr);
+}
+
diff --git a/libipulog/ulog_test.c b/libipulog/ulog_test.c
new file mode 100644
index 0000000..792a793
--- /dev/null
+++ b/libipulog/ulog_test.c
@@ -0,0 +1,84 @@
+/* ulog_test, $Revision$
+ *
+ * small testing program for libipulog, part of the netfilter ULOG target
+ * for the linux 2.4 netfilter subsystem.
+ *
+ * (C) 2000-2005 by Harald Welte
+ *
+ * this code is released under the terms of GNU GPL
+ *
+ * $Id$
+ */
+
+#include
+#include
+#include
+
+#define MYBUFSIZ 2048
+
+/* prints some logging about a single packet */
+void handle_packet(ulog_packet_msg_t *pkt)
+{
+ unsigned char *p;
+ int i;
+
+ printf("Hook=%u Mark=%lu len=%d ",
+ pkt->hook, pkt->mark, pkt->data_len);
+ if (strlen(pkt->prefix))
+ printf("Prefix=%s ", pkt->prefix);
+
+ if (pkt->mac_len)
+ {
+ printf("mac=");
+ p = pkt->mac;
+ for (i = 0; i < pkt->mac_len; i++, p++)
+ printf("%02x%c", *p, i==pkt->mac_len-1 ? ' ':':');
+ }
+ printf("\n");
+
+}
+
+int main(int argc, char *argv[])
+{
+ struct ipulog_handle *h;
+ unsigned char* buf;
+ int len;
+ ulog_packet_msg_t *upkt;
+ int i;
+
+ if (argc != 4) {
+ fprintf(stderr, "Usage: %s count group timeout\n", argv[0]);
+ exit(1);
+ }
+
+ /* allocate a receive buffer */
+ buf = (unsigned char *) malloc(MYBUFSIZ);
+
+ /* create ipulog handle */
+ h = ipulog_create_handle(ipulog_group2gmask(atoi(argv[2])),150000);
+ if (!h)
+ {
+ /* if some error occurrs, print it to stderr */
+ ipulog_perror(NULL);
+ exit(1);
+ }
+
+ alarm(atoi(argv[3]));
+
+ /* loop receiving packets and handling them over to handle_packet */
+ for (i = 0; i < atoi(argv[1]); i++) {
+ len = ipulog_read(h, buf, MYBUFSIZ, 1);
+ if (len <= 0) {
+ ipulog_perror("ulog_test: short read");
+ exit(1);
+ }
+ printf("%d bytes received\n", len);
+ while (upkt = ipulog_get_packet(h, buf, len)) {
+ handle_packet(upkt);
+ }
+ }
+
+ /* just to give it a cleaner look */
+ ipulog_destroy_handle(h);
+ return 0;
+}
diff --git a/mysql/Makefile.in b/mysql/Makefile.in
new file mode 100644
index 0000000..cbab843
--- /dev/null
+++ b/mysql/Makefile.in
@@ -0,0 +1,30 @@
+#
+
+# Normally You should not need to change anything below
+#
+include @top_srcdir@/Rules.make
+
+CFLAGS+=-I@top_srcdir@ -I@top_srcdir@/libipulog/include -I@top_srcdir@/include
+SH_CFLAGS:=$(CFLAGS) -fPIC
+
+SHARED_LIBS=ulogd_MYSQL.so
+
+all: $(SHARED_LIBS)
+
+distrib:
+
+$(SHARED_LIBS): %.so: %_sh.o
+ $(LD) -shared $(MYSQL_LDFLAGS) -o $@ $< -lc
+
+%_sh.o: %.c
+ $(CC) $(MYSQL_CFLAGS) $(SH_CFLAGS) -o $@ -c $<
+
+clean:
+ $(RM) $(SHARED_LIBS) *.o
+
+distclean:
+ $(RM) Makefile
+
+install: all
+ $(INSTALL) -m 755 -d $(DESTDIR)$(ULOGD_LIB_PATH)
+ $(INSTALL) -m 755 *.so $(DESTDIR)$(ULOGD_LIB_PATH)
diff --git a/mysql/ulogd_MYSQL.c b/mysql/ulogd_MYSQL.c
new file mode 100644
index 0000000..b917ffa
--- /dev/null
+++ b/mysql/ulogd_MYSQL.c
@@ -0,0 +1,525 @@
+/* ulogd_MYSQL.c, Version $Revision$
+ *
+ * ulogd output plugin for logging to a MySQL database
+ *
+ * (C) 2000-2001 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ * 15 May 2001, Alex Janssen :
+ * Added a compability option for older MySQL-servers, which
+ * don't support mysql_real_escape_string
+ *
+ * 17 May 2001, Alex Janssen :
+ * Added the --with-mysql-log-ip-as-string feature. This will log
+ * IP's as string rather than an unsigned long integer to the database.
+ * See ulogd/doc/mysql.table.ipaddr-as-string as an example.
+ * BE WARNED: This has _WAY_ less performance during table searches.
+ *
+ * 09 Feb 2005, Sven Schuster :
+ * Added the "port" parameter to specify ports different from 3306
+ *
+ * 12 May 2005, Jozsef Kadlecsik
+ * Added reconnecting to lost mysql server.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifdef DEBUG_MYSQL
+#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
+#else
+#define DEBUGP(x, args...)
+#endif
+
+struct _field {
+ char name[ULOGD_MAX_KEYLEN];
+ unsigned int id;
+ unsigned int str;
+ struct _field *next;
+};
+
+/* The plugin handler */
+static ulog_output_t mysql_plugin;
+
+/* the database handle we are using */
+static MYSQL *dbh;
+
+/* a linked list of the fields the table has */
+static struct _field *fields;
+
+/* buffer for our insert statement */
+static char *stmt;
+
+/* size of our insert statement buffer */
+static size_t stmt_siz;
+
+/* pointer to the beginning of the "VALUES" part */
+static char *stmt_val;
+
+/* pointer to current inser position in statement */
+static char *stmt_ins;
+
+#define STMT_ADD(pos, fmt...) \
+ do { \
+ if ((pos) >= stmt && stmt_siz > (pos) - stmt) \
+ snprintf((pos), stmt_siz-((pos)-stmt), ##fmt); \
+ } while(0)
+
+/* Attempt to reconnect if connection is lost */
+time_t reconnect = 0;
+#define TIME_ERR ((time_t)-1) /* Be paranoid */
+
+/* our configuration directives */
+static config_entry_t db_ce = {
+ .key = "db",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t host_ce = {
+ .next = &db_ce,
+ .key = "host",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t user_ce = {
+ .next = &host_ce,
+ .key = "user",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t pass_ce = {
+ .next = &user_ce,
+ .key = "pass",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t table_ce = {
+ .next = &pass_ce,
+ .key = "table",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t port_ce = {
+ .next = &table_ce,
+ .key = "port",
+ .type = CONFIG_TYPE_INT,
+};
+
+static config_entry_t reconnect_ce = {
+ .next = &port_ce,
+ .key = "reconnect",
+ .type = CONFIG_TYPE_INT,
+};
+
+static config_entry_t connect_timeout_ce = {
+ .next = &reconnect_ce,
+ .key = "connect_timeout",
+ .type = CONFIG_TYPE_INT,
+};
+
+static int _mysql_init_db(ulog_iret_t *result);
+static void _mysql_fini(void);
+
+/* our main output function, called by ulogd */
+static int mysql_output(ulog_iret_t *result)
+{
+ struct _field *f;
+ ulog_iret_t *res;
+#ifdef IP_AS_STRING
+ char *tmpstr; /* need this for --log-ip-as-string */
+ struct in_addr addr;
+#endif
+ size_t esclen;
+
+ if (stmt_val == NULL) {
+ _mysql_fini();
+ return _mysql_init_db(result);
+ }
+
+ stmt_ins = stmt_val;
+
+ for (f = fields; f; f = f->next) {
+ res = keyh_getres(f->id);
+
+ if (!res) {
+ ulogd_log(ULOGD_NOTICE,
+ "no result for %s ?!?\n", f->name);
+ }
+
+ if (!res || !IS_VALID((*res))) {
+ /* no result, we have to fake something */
+ STMT_ADD(stmt_ins,"NULL,");
+ stmt_ins = stmt + strlen(stmt);
+ continue;
+ }
+
+ switch (res->type) {
+ case ULOGD_RET_INT8:
+ STMT_ADD(stmt_ins,"%d,", res->value.i8);
+ break;
+ case ULOGD_RET_INT16:
+ STMT_ADD(stmt_ins,"%d,", res->value.i16);
+ break;
+ case ULOGD_RET_INT32:
+ STMT_ADD(stmt_ins,"%d,", res->value.i32);
+ break;
+ case ULOGD_RET_INT64:
+ STMT_ADD(stmt_ins,"%"PRId64",", res->value.i64);
+ break;
+ case ULOGD_RET_UINT8:
+ STMT_ADD(stmt_ins,"%u,", res->value.ui8);
+ break;
+ case ULOGD_RET_UINT16:
+ STMT_ADD(stmt_ins,"%u,", res->value.ui16);
+ break;
+ case ULOGD_RET_IPADDR:
+#ifdef IP_AS_STRING
+ if (f->str) {
+ addr.s_addr = ntohl(res->value.ui32);
+ tmpstr = inet_ntoa(addr);
+ esclen = (strlen(tmpstr)*2) + 4;
+ if (stmt_siz <= (stmt_ins-stmt)+esclen){
+ STMT_ADD(stmt_ins,"'',");
+ break;
+ }
+
+ *stmt_ins++ = '\'';
+#ifdef OLD_MYSQL
+ mysql_escape_string(stmt_ins,
+ tmpstr,
+ strlen(tmpstr));
+#else
+ mysql_real_escape_string(dbh,
+ stmt_ins,
+ tmpstr,
+ strlen(tmpstr));
+#endif /* OLD_MYSQL */
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins, "',");
+ break;
+ }
+#endif /* IP_AS_STRING */
+ /* EVIL: fallthrough when logging IP as
+ * u_int32_t */
+ case ULOGD_RET_UINT32:
+ STMT_ADD(stmt_ins, "%u,", res->value.ui32);
+ break;
+ case ULOGD_RET_UINT64:
+ STMT_ADD(stmt_ins,"%"PRIu64",",res->value.ui64);
+ break;
+ case ULOGD_RET_BOOL:
+ STMT_ADD(stmt_ins, "'%d',", res->value.b);
+ break;
+ case ULOGD_RET_STRING:
+ esclen = (strlen(res->value.ptr)*2) + 4;
+ if (stmt_siz <= (stmt_ins-stmt) + esclen) {
+ STMT_ADD(stmt_ins, "'',");
+ break;
+ }
+ *stmt_ins++ = '\'';
+#ifdef OLD_MYSQL
+ mysql_escape_string(stmt_ins, res->value.ptr,
+ strlen(res->value.ptr));
+#else
+ mysql_real_escape_string(dbh, stmt_ins,
+ res->value.ptr, strlen(res->value.ptr));
+#endif
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins,"',");
+ break;
+ case ULOGD_RET_RAW:
+ ulogd_log(ULOGD_NOTICE,
+ "%s: type RAW not supported by MySQL\n",
+ res->key);
+ break;
+ default:
+ ulogd_log(ULOGD_NOTICE,
+ "unknown type %d for %s\n",
+ res->type, res->key);
+ break;
+ }
+ stmt_ins = stmt + strlen(stmt);
+ }
+ *(stmt_ins - 1) = ')';
+ *stmt_ins = '\0';
+
+ DEBUGP("stmt=#%s#\n", stmt);
+
+ /* now we have created our statement, insert it */
+
+ if (mysql_real_query(dbh, stmt, strlen(stmt))) {
+ ulogd_log(ULOGD_ERROR, "sql error during insert: %s\n",
+ mysql_error(dbh));
+ _mysql_fini();
+ return _mysql_init_db(result);
+ }
+
+ return 0;
+}
+
+/* no connection, plugin disabled */
+static int mysql_output_disabled(ulog_iret_t *result)
+{
+ return 0;
+}
+
+#define MYSQL_INSERTTEMPL "insert into X (Y) values (Z)"
+#define MYSQL_VALSIZE 100
+
+/* create the static part of our insert statement */
+static int mysql_createstmt(void)
+{
+ struct _field *f;
+ char buf[ULOGD_MAX_KEYLEN];
+ char *underscore;
+
+ if (stmt)
+ free(stmt);
+
+ /* caclulate the size for the insert statement */
+ stmt_siz = strlen(MYSQL_INSERTTEMPL) + strlen(table_ce.u.string) + 1;
+
+ for (f = fields; f; f = f->next) {
+ /* we need space for the key and a comma, as well as
+ * enough space for the values */
+ stmt_siz += strlen(f->name) + 1 + MYSQL_VALSIZE;
+ }
+
+ ulogd_log(ULOGD_DEBUG, "allocating %zu bytes for statement\n",
+ stmt_siz);
+
+ stmt = (char *) malloc(stmt_siz);
+
+ if (!stmt) {
+ stmt_val = NULL;
+ stmt_siz = 0;
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return -1;
+ }
+
+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string);
+ stmt_val = stmt + strlen(stmt);
+
+ for (f = fields; f; f = f->next) {
+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
+ while ((underscore = strchr(buf, '.')))
+ *underscore = '_';
+ STMT_ADD(stmt_val,"%s,", buf);
+ stmt_val = stmt + strlen(stmt);
+ }
+ *(stmt_val - 1) = ')';
+
+ STMT_ADD(stmt_val," values (");
+ stmt_val = stmt + strlen(stmt);
+
+ ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt);
+
+ return 0;
+}
+
+/* find out which columns the table has */
+static int mysql_get_columns(const char *table)
+{
+ MYSQL_RES *result;
+ MYSQL_FIELD *field;
+ char buf[ULOGD_MAX_KEYLEN];
+ char *underscore;
+ struct _field *f;
+ int id;
+
+ if (!dbh)
+ return -1;
+
+ result = mysql_list_fields(dbh, table, NULL);
+ if (!result)
+ return -1;
+
+ /* Cleanup before reconnect */
+ while (fields) {
+ f = fields;
+ fields = f->next;
+ free(f);
+ }
+
+ while ((field = mysql_fetch_field(result))) {
+
+ /* replace all underscores with dots */
+ strncpy(buf, field->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
+
+ while ((underscore = strchr(buf, '_')))
+ *underscore = '.';
+
+ DEBUGP("field '%s' found: ", buf);
+
+ if (!(id = keyh_getid(buf))) {
+ DEBUGP(" no keyid!\n");
+ continue;
+ }
+
+ DEBUGP("keyid %u\n", id);
+
+ /* prepend it to the linked list */
+ f = (struct _field *) malloc(sizeof *f);
+ if (!f) {
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return -1;
+ }
+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1);
+ f->name[ULOGD_MAX_KEYLEN-1] = '\0';
+ f->id = id;
+ f->str = !IS_NUM(field->type);
+ f->next = fields;
+ fields = f;
+ }
+
+ mysql_free_result(result);
+ return 0;
+}
+
+/* make connection and select database */
+static int mysql_open_db(char *server, int port, char *user, char *pass,
+ char *db)
+{
+#ifdef MYSQL_OPT_RECONNECT
+ my_bool trueval = 1;
+#endif
+ dbh = mysql_init(NULL);
+ if (!dbh)
+ return -1;
+
+ if (connect_timeout_ce.u.value)
+ mysql_options(dbh, MYSQL_OPT_CONNECT_TIMEOUT,
+ (const char *) &connect_timeout_ce.u.value);
+
+#ifdef MYSQL_OPT_RECONNECT
+# if defined(MYSQL_VERSION_ID) && (MYSQL_VERSION_ID >= 50019)
+ mysql_options(dbh, MYSQL_OPT_RECONNECT, &trueval);
+# endif
+#endif
+
+
+ if (!mysql_real_connect(dbh, server, user, pass, db, port, NULL, 0))
+ {
+ _mysql_fini();
+ return -1;
+ }
+
+#ifdef MYSQL_OPT_RECONNECT
+# if defined(MYSQL_VERSION_ID) && (MYSQL_VERSION_ID < 50019)
+ mysql_options(dbh, MYSQL_OPT_RECONNECT, &trueval);
+# endif
+#endif
+
+ return 0;
+}
+
+static int init_reconnect(void)
+{
+ if (reconnect_ce.u.value) {
+ reconnect = time(NULL);
+ if (reconnect != TIME_ERR) {
+ ulogd_log(ULOGD_ERROR, "no connection to database, "
+ "attempting to reconnect "
+ "after %u seconds\n",
+ reconnect_ce.u.value);
+ reconnect += reconnect_ce.u.value;
+ mysql_plugin.output = &_mysql_init_db;
+ return -1;
+ }
+ }
+ /* Disable plugin permanently */
+ mysql_plugin.output = &mysql_output_disabled;
+
+ return 0;
+}
+
+static int _mysql_init_db(ulog_iret_t *result)
+{
+ if (reconnect && reconnect > time(NULL))
+ return 0;
+
+ if (mysql_open_db(host_ce.u.string, port_ce.u.value, user_ce.u.string,
+ pass_ce.u.string, db_ce.u.string)) {
+ ulogd_log(ULOGD_ERROR, "can't establish database connection\n");
+ return init_reconnect();
+ }
+
+ /* read the fieldnames to know which values to insert */
+ if (mysql_get_columns(table_ce.u.string)) {
+ ulogd_log(ULOGD_ERROR, "unable to get mysql columns\n");
+ _mysql_fini();
+ return init_reconnect();
+ }
+
+ if (mysql_createstmt())
+ {
+ ulogd_log(ULOGD_ERROR, "unable to create mysql statement\n");
+ _mysql_fini();
+ return init_reconnect();
+ }
+
+ /* enable plugin */
+ mysql_plugin.output = &mysql_output;
+
+ reconnect = 0;
+
+ if (result)
+ return mysql_output(result);
+
+ return 0;
+}
+
+static int _mysql_init(void)
+{
+ /* have the opts parsed */
+ config_parse_file("MYSQL", &connect_timeout_ce);
+
+ return _mysql_init_db(NULL);
+}
+
+static void _mysql_fini(void)
+{
+ if (dbh) {
+ mysql_close(dbh);
+ dbh = NULL;
+ }
+}
+
+static ulog_output_t mysql_plugin = {
+ .name = "mysql",
+ .output = &mysql_output,
+ .init = &_mysql_init,
+ .fini = &_mysql_fini,
+};
+
+void _init(void)
+{
+ register_output(&mysql_plugin);
+}
diff --git a/pcap/Makefile.in b/pcap/Makefile.in
new file mode 100644
index 0000000..d469c2b
--- /dev/null
+++ b/pcap/Makefile.in
@@ -0,0 +1,30 @@
+#
+include @top_srcdir@/Rules.make
+
+CFLAGS+=-I@top_srcdir@ -I@top_srcdir@/libipulog/include -I@top_srcdir@/include
+SH_CFLAGS:=$(CFLAGS) -fPIC
+
+# Normally You should not need to change anything below
+#
+
+SHARED_LIBS=ulogd_PCAP.so
+
+all: $(SHARED_LIBS)
+
+distrib:
+
+$(SHARED_LIBS): %.so: %_sh.o
+ $(LD) -shared -o $@ $< -lc -lpcap
+
+%_sh.o: %.c
+ $(CC) $(SH_CFLAGS) -o $@ -c $<
+
+clean:
+ $(RM) $(SHARED_LIBS) *.o
+
+distclean:
+ $(RM) Makefile
+
+install: all
+ $(INSTALL) -m 755 -d $(DESTDIR)$(ULOGD_LIB_PATH)
+ $(INSTALL) -m 755 *.so $(DESTDIR)$(ULOGD_LIB_PATH)
diff --git a/pcap/ulogd_PCAP.c b/pcap/ulogd_PCAP.c
new file mode 100644
index 0000000..686fe47
--- /dev/null
+++ b/pcap/ulogd_PCAP.c
@@ -0,0 +1,286 @@
+/* ulogd_PCAP.c, Version $Revision$
+ *
+ * ulogd output target for writing pcap-style files (like tcpdump)
+ *
+ * FIXME: descr.
+ *
+ *
+ * (C) 2002 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+/*
+ * This is a timeval as stored in disk in a dumpfile.
+ * It has to use the same types everywhere, independent of the actual
+ * `struct timeval'
+ */
+
+struct pcap_timeval {
+ int32_t tv_sec; /* seconds */
+ int32_t tv_usec; /* microseconds */
+};
+
+/*
+ * How a `pcap_pkthdr' is actually stored in the dumpfile.
+ *
+ * Do not change the format of this structure, in any way (this includes
+ * changes that only affect the length of fields in this structure),
+ * and do not make the time stamp anything other than seconds and
+ * microseconds (e.g., seconds and nanoseconds). Instead:
+ *
+ * introduce a new structure for the new format;
+ *
+ * send mail to "tcpdump-workers@tcpdump.org", requesting a new
+ * magic number for your new capture file format, and, when
+ * you get the new magic number, put it in "savefile.c";
+ *
+ * use that magic number for save files with the changed record
+ * header;
+ *
+ * make the code in "savefile.c" capable of reading files with
+ * the old record header as well as files with the new record header
+ * (using the magic number to determine the header format).
+ *
+ * Then supply the changes to "patches@tcpdump.org", so that future
+ * versions of libpcap and programs that use it (such as tcpdump) will
+ * be able to read your new capture file format.
+ */
+
+struct pcap_sf_pkthdr {
+ struct pcap_timeval ts; /* time stamp */
+ uint32_t caplen; /* length of portion present */
+ uint32_t len; /* length this packet (off wire) */
+};
+
+#ifndef ULOGD_PCAP_DEFAULT
+#define ULOGD_PCAP_DEFAULT "/var/log/ulogd.pcap"
+#endif
+
+#ifndef ULOGD_PCAP_SYNC_DEFAULT
+#define ULOGD_PCAP_SYNC_DEFAULT 0
+#endif
+
+#define NIPQUAD(addr) \
+ ((unsigned char *)&addr)[0], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[3]
+
+static config_entry_t pcapf_ce = {
+ .key = "file",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = ULOGD_PCAP_DEFAULT }
+};
+
+static config_entry_t pcapsync_ce = {
+ .next = &pcapf_ce,
+ .key = "sync",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+ .u = { .value = ULOGD_PCAP_SYNC_DEFAULT }
+};
+
+static FILE *of = NULL;
+
+struct intr_id {
+ char* name;
+ unsigned int id;
+};
+
+#define INTR_IDS 5
+static struct intr_id intr_ids[INTR_IDS] = {
+ { "raw.pkt", 0 },
+ { "raw.pktlen", 0 },
+ { "ip.totlen", 0 },
+ { "oob.time.sec", 0 },
+ { "oob.time.usec", 0 },
+};
+
+#define GET_VALUE(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].value
+#define GET_FLAGS(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].flags
+
+static int pcap_output(ulog_iret_t *res)
+{
+ struct pcap_sf_pkthdr pchdr;
+
+ pchdr.caplen = GET_VALUE(1).ui32;
+ pchdr.len = GET_VALUE(2).ui32;
+
+ if (GET_FLAGS(3) & ULOGD_RETF_VALID
+ && GET_FLAGS(4) & ULOGD_RETF_VALID) {
+ pchdr.ts.tv_sec = GET_VALUE(3).ui32;
+ pchdr.ts.tv_usec = GET_VALUE(4).ui32;
+ } else {
+ /* use current system time */
+ struct timeval tv;
+ gettimeofday(&tv, NULL);
+
+ pchdr.ts.tv_sec = tv.tv_sec;
+ pchdr.ts.tv_usec = tv.tv_usec;
+ }
+
+ if (fwrite(&pchdr, sizeof(pchdr), 1, of) != 1) {
+ ulogd_log(ULOGD_ERROR, "Error during write: %s\n",
+ strerror(errno));
+ return 1;
+ }
+ if (fwrite(GET_VALUE(0).ptr, pchdr.caplen, 1, of) != 1) {
+ ulogd_log(ULOGD_ERROR, "Error during write: %s\n",
+ strerror(errno));
+ return 1;
+ }
+
+ if (pcapsync_ce.u.value)
+ fflush(of);
+
+ return 0;
+}
+
+/* stolen from libpcap savefile.c */
+#define LINKTYPE_RAW 101
+#define TCPDUMP_MAGIC 0xa1b2c3d4
+
+static int write_pcap_header(void)
+{
+ struct pcap_file_header pcfh;
+ int ret;
+
+ pcfh.magic = TCPDUMP_MAGIC;
+ pcfh.version_major = PCAP_VERSION_MAJOR;
+ pcfh.version_minor = PCAP_VERSION_MINOR;
+ pcfh.thiszone = timezone;
+ pcfh.sigfigs = 0;
+ pcfh.snaplen = 65535; /* we don't know the length in advance */
+ pcfh.linktype = LINKTYPE_RAW;
+
+ ret = fwrite(&pcfh, sizeof(pcfh), 1, of);
+ fflush(of);
+
+ return ret;
+}
+
+/* get all key id's for the keys we are intrested in */
+static int get_ids(void)
+{
+ int i;
+ struct intr_id *cur_id;
+
+ for (i = 0; i < INTR_IDS; i++) {
+ cur_id = &intr_ids[i];
+ cur_id->id = keyh_getid(cur_id->name);
+ if (!cur_id->id) {
+ ulogd_log(ULOGD_ERROR,
+ "Cannot resolve keyhash id for %s\n",
+ cur_id->name);
+ return 1;
+ }
+ }
+ return 0;
+}
+
+void append_create_outfile(void) {
+ struct stat st_dummy;
+ int exist = 0;
+
+ if (stat(pcapf_ce.u.string, &st_dummy) == 0 && st_dummy.st_size > 0) {
+ exist = 1;
+ }
+
+ if (!exist) {
+ of = fopen(pcapf_ce.u.string, "w");
+ if (!of) {
+ ulogd_log(ULOGD_FATAL, "can't open pcap file %s: %s\n",
+ pcapf_ce.u.string, strerror(errno));
+ exit(2);
+ }
+ if (!write_pcap_header()) {
+ ulogd_log(ULOGD_FATAL, "can't write pcap header: %s\n",
+ strerror(errno));
+ exit(2);
+ }
+ } else {
+ of = fopen(pcapf_ce.u.string, "a");
+ if (!of) {
+ ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n",
+ strerror(errno));
+ exit(2);
+ }
+ }
+}
+
+static void pcap_signal_handler(int signal)
+{
+ switch (signal) {
+ case SIGHUP:
+ ulogd_log(ULOGD_NOTICE, "pcap: reopening capture file\n");
+ fclose(of);
+ append_create_outfile();
+ break;
+ default:
+ break;
+ }
+}
+
+static int pcap_init(void)
+{
+ /* FIXME: error handling */
+ config_parse_file("PCAP", &pcapsync_ce);
+
+#ifdef DEBUG_PCAP
+ of = stdout;
+#else
+ append_create_outfile();
+#endif
+ return 0;
+}
+
+static void pcap_fini(void)
+{
+ if (of)
+ fclose(of);
+}
+
+static ulog_output_t pcap_op = {
+ .name = "pcap",
+ .init = &pcap_init,
+ .fini = &pcap_fini,
+ .output = &pcap_output,
+ .signal = &pcap_signal_handler,
+};
+
+void _init(void)
+{
+ if (get_ids()) {
+ ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
+ }
+
+ register_output(&pcap_op);
+}
diff --git a/pgsql/Makefile.in b/pgsql/Makefile.in
new file mode 100644
index 0000000..a242e0d
--- /dev/null
+++ b/pgsql/Makefile.in
@@ -0,0 +1,30 @@
+#
+
+# Normally You should not need to change anything below
+#
+include @top_srcdir@/Rules.make
+
+CFLAGS+=-I@top_srcdir@ -I@top_srcdir@/libipulog/include -I@top_srcdir@/include
+SH_CFLAGS:=$(CFLAGS) -fPIC
+
+SHARED_LIBS=ulogd_PGSQL.so
+
+all: $(SHARED_LIBS)
+
+distrib:
+
+$(SHARED_LIBS): %.so: %_sh.o
+ $(LD) -shared $(PGSQL_LDFLAGS) -o $@ $< -lc
+
+%_sh.o: %.c
+ $(CC) $(PGSQL_CFLAGS) $(SH_CFLAGS) -o $@ -c $<
+
+clean:
+ $(RM) $(SHARED_LIBS) *.o
+
+distclean:
+ $(RM) Makefile
+
+install: all
+ $(INSTALL) -m 755 -d $(DESTDIR)$(ULOGD_LIB_PATH)
+ $(INSTALL) -m 755 *.so $(DESTDIR)$(ULOGD_LIB_PATH)
diff --git a/pgsql/ulogd_PGSQL.c b/pgsql/ulogd_PGSQL.c
new file mode 100644
index 0000000..695482a
--- /dev/null
+++ b/pgsql/ulogd_PGSQL.c
@@ -0,0 +1,543 @@
+/* ulogd_PGSQL.c, Version $Revision$
+ *
+ * ulogd output plugin for logging to a PGSQL database
+ *
+ * (C) 2000-2005 by Harald Welte
+ * This software is distributed under the terms of GNU GPL
+ *
+ * This plugin is based on the MySQL plugin made by Harald Welte.
+ * The support PostgreSQL were made by Jakab Laszlo.
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifdef DEBUG_PGSQL
+#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
+#else
+#define DEBUGP(x, args...)
+#endif
+
+struct _field {
+ char name[ULOGD_MAX_KEYLEN];
+ unsigned int id;
+ unsigned int str;
+ struct _field *next;
+};
+
+/* the database handle we are using */
+static PGconn *dbh;
+
+/* a linked list of the fields the table has */
+static struct _field *fields;
+
+/* buffer for our insert statement */
+static char *stmt;
+
+/* size of our insert statement buffer */
+static size_t stmt_siz;
+
+/* pointer to the beginning of the "VALUES" part */
+static char *stmt_val;
+
+/* pointer to current inser position in statement */
+static char *stmt_ins;
+
+/* our configuration directives */
+static config_entry_t db_ce = {
+ .key = "db",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t host_ce = {
+ .next = &db_ce,
+ .key = "host",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+};
+
+static config_entry_t user_ce = {
+ .next = &host_ce,
+ .key = "user",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t pass_ce = {
+ .next = &user_ce,
+ .key = "pass",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+};
+
+static config_entry_t table_ce = {
+ .next = &pass_ce,
+ .key = "table",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t schema_ce = {
+ .next = &table_ce,
+ .key = "schema",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_NONE,
+ .u = { .string = "public" },
+};
+
+static config_entry_t port_ce = {
+ .next = &schema_ce,
+ .key = "port",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_NONE,
+};
+
+static unsigned char pgsql_have_schemas;
+
+#define STMT_ADD(pos,fmt...) \
+ do { \
+ if ((pos) >= stmt && stmt_siz > (pos) - stmt) \
+ snprintf((pos), stmt_siz-((pos)-stmt), ##fmt); \
+ } while(0)
+
+/* our main output function, called by ulogd */
+static int pgsql_output(ulog_iret_t *result)
+{
+ struct _field *f;
+ ulog_iret_t *res;
+ PGresult *pgres;
+#ifdef IP_AS_STRING
+ char *tmpstr; /* need this for --log-ip-as-string */
+ struct in_addr addr;
+#endif
+ size_t esclen;
+
+ if( stmt_val == NULL)
+ return 1;
+
+ stmt_ins = stmt_val;
+
+ for (f = fields; f; f = f->next) {
+ res = keyh_getres(f->id);
+
+ if (!res) {
+ ulogd_log(ULOGD_NOTICE,
+ "no result for %s ?!?\n", f->name);
+ }
+
+ if (!res || !IS_VALID((*res))) {
+ /* no result, we have to fake something */
+ STMT_ADD(stmt_ins, "NULL,");
+ stmt_ins = stmt + strlen(stmt);
+ continue;
+ }
+
+ switch (res->type) {
+ case ULOGD_RET_INT8:
+ STMT_ADD(stmt_ins, "%d,", res->value.i8);
+ break;
+ case ULOGD_RET_INT16:
+ STMT_ADD(stmt_ins, "%d,", res->value.i16);
+ break;
+ case ULOGD_RET_INT32:
+ STMT_ADD(stmt_ins, "%d,", res->value.i32);
+ break;
+ case ULOGD_RET_INT64:
+ STMT_ADD(stmt_ins, "%"PRId64",",res->value.i64);
+ break;
+ case ULOGD_RET_UINT8:
+ STMT_ADD(stmt_ins, "%u,", res->value.ui8);
+ break;
+ case ULOGD_RET_UINT16:
+ STMT_ADD(stmt_ins, "%u,", res->value.ui16);
+ break;
+ case ULOGD_RET_IPADDR:
+#ifdef IP_AS_STRING
+ if (f->str) {
+ addr.s_addr = ntohl(res->value.ui32);
+ tmpstr = (char *)inet_ntoa(addr);
+ esclen = (strlen(tmpstr)*2) + 4;
+ if (stmt_siz <= (stmt_ins-stmt)+esclen)
+ {
+ STMT_ADD(stmt_ins,"'',");
+ break;
+ }
+ *stmt_ins++ = '\'';
+ PQescapeString(stmt_ins,tmpstr,
+ strlen(tmpstr));
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins, "',");
+ break;
+ }
+#endif /* IP_AS_STRING */
+ /* EVIL: fallthrough when logging IP as
+ * u_int32_t */
+
+ case ULOGD_RET_UINT32:
+ STMT_ADD(stmt_ins, "%u,", res->value.ui32);
+ break;
+ case ULOGD_RET_UINT64:
+ STMT_ADD(stmt_ins,"%"PRIu64",",res->value.ui64);
+ break;
+ case ULOGD_RET_BOOL:
+ STMT_ADD(stmt_ins, "'%d',", res->value.b);
+ break;
+ case ULOGD_RET_STRING:
+ esclen = (strlen(res->value.ptr)*2) + 4;
+ if (stmt_siz <= (stmt_ins-stmt) + esclen) {
+ STMT_ADD(stmt_ins, "'',");
+ break;
+ }
+ *stmt_ins++ = '\'';
+ PQescapeString(stmt_ins,res->value.ptr,
+ strlen(res->value.ptr));
+ stmt_ins = stmt + strlen(stmt);
+ STMT_ADD(stmt_ins, "',");
+ break;
+ case ULOGD_RET_RAW:
+ ulogd_log(ULOGD_NOTICE,
+ "%s: pgsql doesn't support type RAW\n",
+ res->key);
+ STMT_ADD(stmt_ins, "NULL,");
+ break;
+ default:
+ ulogd_log(ULOGD_NOTICE,
+ "unknown type %d for %s\n",
+ res->type, res->key);
+ break;
+ }
+ stmt_ins = stmt + strlen(stmt);
+ }
+ *(stmt_ins - 1) = ')';
+
+ DEBUGP("stmt=#%s#\n", stmt);
+
+ /* now we have created our statement, insert it */
+ /* Added code by Jaki */
+ pgres = PQexec(dbh, stmt);
+ if(!pgres || PQresultStatus(pgres) != PGRES_COMMAND_OK) {
+ ulogd_log(ULOGD_ERROR, "sql error during insert: %s\n",
+ PQresultErrorMessage(pgres));
+ return 1;
+ }
+
+ PQclear(pgres);
+
+ return 0;
+}
+
+#define PGSQL_HAVE_NAMESPACE_TEMPLATE \
+ "SELECT nspname FROM pg_namespace n WHERE n.nspname='%s'"
+
+/* Determine if server support schemas */
+static int pgsql_namespace(void) {
+ PGresult *result;
+ char pgbuf[strlen(PGSQL_HAVE_NAMESPACE_TEMPLATE)+
+ strlen(schema_ce.u.string)+1];
+
+ if (!dbh)
+ return 1;
+
+ snprintf(pgbuf, sizeof(pgbuf), PGSQL_HAVE_NAMESPACE_TEMPLATE,
+ schema_ce.u.string);
+ ulogd_log(ULOGD_DEBUG, "%s\n", pgbuf);
+
+ result = PQexec(dbh, pgbuf);
+ if (!result) {
+ ulogd_log(ULOGD_DEBUG, "\n result false");
+ return 1;
+ }
+
+ if (PQresultStatus(result) == PGRES_TUPLES_OK) {
+ ulogd_log(ULOGD_DEBUG, "using schema %s\n", schema_ce.u.string);
+ pgsql_have_schemas = 1;
+ } else {
+ pgsql_have_schemas = 0;
+ }
+
+ PQclear(result);
+
+ return 0;
+}
+
+#define PGSQL_INSERTTEMPL "insert into X (Y) values (Z)"
+#define PGSQL_VALSIZE 100
+
+/* create the static part of our insert statement */
+static int pgsql_createstmt(void)
+{
+ struct _field *f;
+ char buf[ULOGD_MAX_KEYLEN];
+ char *underscore;
+
+ if (stmt) {
+ ulogd_log(ULOGD_NOTICE, "createstmt called, but stmt"
+ " already existing\n");
+ return 1;
+ }
+
+ /* caclulate the size for the insert statement */
+ stmt_siz = strlen(PGSQL_INSERTTEMPL) +
+ strlen(table_ce.u.string) +
+ strlen(schema_ce.u.string) + 1;
+
+ for (f = fields; f; f = f->next) {
+ /* we need space for the key and a comma, as well as
+ * enough space for the values */
+ stmt_siz += strlen(f->name) + 1 + PGSQL_VALSIZE;
+ }
+
+ ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", stmt_siz);
+
+ stmt = (char *) malloc(stmt_siz);
+
+ if (!stmt) {
+ stmt_siz = 0;
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return 1;
+ }
+
+ if (pgsql_have_schemas) {
+ snprintf(stmt, stmt_siz, "insert into %s.%s (",
+ schema_ce.u.string, table_ce.u.string);
+ } else {
+ snprintf(stmt, stmt_siz, "insert into %s (",
+ table_ce.u.string);
+ }
+
+ stmt_val = stmt + strlen(stmt);
+
+ for (f = fields; f; f = f->next) {
+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
+ while ((underscore = strchr(buf, '.')))
+ *underscore = '_';
+ STMT_ADD(stmt_val, "%s,", buf);
+ stmt_val = stmt + strlen(stmt);
+ }
+ *(stmt_val - 1) = ')';
+
+ STMT_ADD(stmt_val, " values (");
+ stmt_val = stmt + strlen(stmt);
+
+ ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt);
+
+ return 0;
+}
+
+#define PGSQL_GETCOLUMN_TEMPLATE \
+ "SELECT a.attname,t.typname FROM pg_class c, pg_attribute a, "\
+ "pg_type t WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid="\
+ "c.oid AND a.atttypid=t.oid ORDER BY a.attnum"
+
+#define PGSQL_GETCOLUMN_TEMPLATE_SCHEMA "SELECT a.attname,t.typname FROM "\
+ "pg_attribute a, pg_type t, pg_class c LEFT JOIN pg_namespace n ON "\
+ "c.relnamespace=n.oid WHERE c.relname ='%s' AND n.nspname='%s' AND "\
+ "a.attnum>0 AND a.attrelid=c.oid AND a.atttypid=t.oid AND "\
+ "a.attisdropped=FALSE ORDER BY a.attnum"
+
+/* find out which columns the table has */
+static int pgsql_get_columns(const char *table)
+{
+ PGresult *result;
+ char buf[ULOGD_MAX_KEYLEN];
+ char pgbuf[strlen(PGSQL_GETCOLUMN_TEMPLATE_SCHEMA)+
+ strlen(table)+strlen(schema_ce.u.string)+2];
+ char *underscore;
+ struct _field *f;
+ int id;
+ int intaux;
+ char *typename;
+
+ if (!dbh)
+ return 1;
+
+ if (pgsql_have_schemas) {
+ snprintf(pgbuf, sizeof(pgbuf)-1,
+ PGSQL_GETCOLUMN_TEMPLATE_SCHEMA,
+ table, schema_ce.u.string);
+ } else {
+ snprintf(pgbuf, sizeof(pgbuf)-1,
+ PGSQL_GETCOLUMN_TEMPLATE, table);
+ }
+
+ ulogd_log(ULOGD_DEBUG, "%s\n", pgbuf);
+
+ result = PQexec(dbh, pgbuf);
+ if (!result) {
+ ulogd_log(ULOGD_DEBUG, "\n result false");
+ return 1;
+ }
+
+ if (PQresultStatus(result) != PGRES_TUPLES_OK) {
+ ulogd_log(ULOGD_DEBUG, "\n pres_command_not_ok");
+ return 1;
+ }
+
+ for (intaux=0; intauxname, buf, ULOGD_MAX_KEYLEN-1);
+ f->name[ULOGD_MAX_KEYLEN-1] = '\0';
+ f->id = id;
+ f->str = 0;
+ if( (typename = PQgetvalue(result, intaux, 1)) != NULL)
+ {
+ if(strcmp(typename, "inet") == 0 ||
+ strstr(typename, "char") != NULL)
+ f->str = 1;
+ }
+ f->next = fields;
+ fields = f;
+ }
+
+ PQclear(result);
+ return 0;
+}
+
+static int exit_nicely(PGconn *conn)
+{
+ PQfinish(conn);
+ return 0;;
+}
+
+/* make connection and select database */
+static int pgsql_open_db(char *server, int port, char *user, char *pass,
+ char *db)
+{
+ int len;
+ char *connstr;
+
+ /* 80 is more than what we need for the fixed parts below */
+ len = 80 + strlen(user) + strlen(db);
+
+ /* hostname and and password are the only optionals */
+ if (server)
+ len += strlen(server);
+ if (pass)
+ len += strlen(pass);
+ if (port)
+ len += 20;
+
+ connstr = (char *) malloc(len+1);
+ if (!connstr)
+ return 1;
+ *connstr = '\0';
+
+ if (server) {
+ strncat(connstr, " host=", len-strlen(connstr));
+ strncat(connstr, server, len-strlen(connstr));
+ }
+
+ if (port) {
+ char portbuf[20];
+ snprintf(portbuf, sizeof(portbuf), " port=%u", port);
+ strncat(connstr, portbuf, len-strlen(connstr));
+ }
+
+ strncat(connstr, " dbname=", len-strlen(connstr));
+ strncat(connstr, db, len-strlen(connstr));
+ strncat(connstr, " user=", len-strlen(connstr));
+ strncat(connstr, user, len-strlen(connstr));
+
+ if (pass) {
+ strncat(connstr, " password=", len-strlen(connstr));
+ strncat(connstr, pass, len-strlen(connstr));
+ }
+
+ dbh = PQconnectdb(connstr);
+ free(connstr);
+ if (PQstatus(dbh)!=CONNECTION_OK) {
+ exit_nicely(dbh);
+ dbh = NULL;
+ return 1;
+ }
+
+ return 0;
+}
+
+static int pgsql_init(void)
+{
+ /* have the opts parsed */
+ config_parse_file("PGSQL", &port_ce);
+
+ if (pgsql_open_db(host_ce.u.string, port_ce.u.value, user_ce.u.string,
+ pass_ce.u.string, db_ce.u.string)) {
+ ulogd_log(ULOGD_ERROR, "can't establish database connection\n");
+ return 1;
+ }
+
+ if (pgsql_namespace()) {
+ PQfinish(dbh);
+ dbh = NULL;
+ ulogd_log(ULOGD_ERROR, "unable to test for pgsql schemas\n");
+ return 1;
+ }
+
+ /* read the fieldnames to know which values to insert */
+ if (pgsql_get_columns(table_ce.u.string)) {
+ PQfinish(dbh);
+ dbh = NULL;
+ ulogd_log(ULOGD_ERROR, "unable to get pgsql columns\n");
+ return 1;
+ }
+
+ if (pgsql_createstmt()) {
+ PQfinish(dbh);
+ dbh = NULL;
+ return 1;
+ }
+
+ return 0;
+}
+
+static void pgsql_fini(void)
+{
+ if (dbh)
+ PQfinish(dbh);
+ if (stmt)
+ {
+ free(stmt);
+ stmt = NULL;
+ stmt_val = NULL;
+ }
+}
+
+static ulog_output_t pgsql_plugin = {
+ .name = "pgsql",
+ .output = &pgsql_output,
+ .init = &pgsql_init,
+ .fini = &pgsql_fini,
+};
+
+void _init(void)
+{
+ register_output(&pgsql_plugin);
+}
diff --git a/plain-2.4.0-to-ulog2.diff b/plain-2.4.0-to-ulog2.diff
deleted file mode 100644
index ab858ea..0000000
--- a/plain-2.4.0-to-ulog2.diff
+++ /dev/null
@@ -1,263 +0,0 @@
-diff -Nru linux-2.4.0-test4-plain/Documentation/Configure.help linux-2.4.0-test4-work/Documentation/Configure.help
---- linux-2.4.0-test4-plain/Documentation/Configure.help Thu Jul 13 18:42:51 2000
-+++ linux-2.4.0-test4-work/Documentation/Configure.help Mon Jul 31 17:23:30 2000
-@@ -2010,6 +2010,16 @@
- If you want to compile it as a module, say M here and read
- Documentation/modules.txt. If unsure, say `N'.
-
-+ULOG target support
-+CONFIG_IP_NF_TARGET_ULOG
-+ This option adds a `ULOG' target, which allows you to create rules in
-+ any iptables table. The packet is passed to a userspace logging
-+ daemon using netlink multicast sockets; unlike the LOG target
-+ which can only be viewed through syslog.
-+
-+ If you want to compile it as a module, say M here and read
-+ Documentation/modules.txt. If unsure, say `N'.
-+
- ipchains (2.2-style) support
- CONFIG_IP_NF_COMPAT_IPCHAINS
- This option places ipchains (with masquerading and redirection
-diff -Nru linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h
---- linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h Thu Jan 1 01:00:00 1970
-+++ linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h Mon Jul 31 17:23:31 2000
-@@ -0,0 +1,29 @@
-+#ifndef _IPT_ULOG_H
-+#define _IPT_ULOG_H
-+
-+#define ULOG_MAC_LEN 80
-+#define ULOG_PREFIX_LEN 32
-+
-+struct ipt_ulog_info
-+{
-+ unsigned int nl_group;
-+ size_t copy_range;
-+ char prefix[ULOG_PREFIX_LEN];
-+};
-+
-+typedef struct ulog_packet_msg
-+{
-+ unsigned long mark;
-+ long timestamp_sec;
-+ long timestamp_usec;
-+ unsigned int hook;
-+ char indev_name[IFNAMSIZ];
-+ char outdev_name[IFNAMSIZ];
-+ size_t data_len;
-+ char prefix[ULOG_PREFIX_LEN];
-+ unsigned char mac_len;
-+ unsigned char mac[ULOG_MAC_LEN];
-+ unsigned char payload[0];
-+} ulog_packet_msg_t;
-+
-+#endif /*_IPT_ULOG_H*/
-diff -Nru linux-2.4.0-test4-plain/include/linux/netlink.h linux-2.4.0-test4-work/include/linux/netlink.h
---- linux-2.4.0-test4-plain/include/linux/netlink.h Fri Aug 28 04:33:08 1998
-+++ linux-2.4.0-test4-work/include/linux/netlink.h Mon Jul 31 17:23:30 2000
-@@ -5,6 +5,7 @@
- #define NETLINK_SKIP 1 /* Reserved for ENskip */
- #define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */
- #define NETLINK_FIREWALL 3 /* Firewalling hook */
-+#define NETLINK_NFLOG 4 /* Firewall logging */
- #define NETLINK_ARPD 8
- #define NETLINK_ROUTE6 11 /* af_inet6 route comm channel */
- #define NETLINK_IP6_FW 13
-diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in
---- linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in Mon Mar 27 20:35:56 2000
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in Mon Jul 31 17:23:30 2000
-@@ -51,6 +51,7 @@
- dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
- fi
- dep_tristate ' LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES
-+ dep_tristate ' ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES
- fi
-
- # Backwards compatibility modules: only if you don't build in the others.
-diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile
---- linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile Mon Mar 27 20:35:56 2000
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile Mon Jul 31 17:23:30 2000
-@@ -197,6 +197,14 @@
- endif
- endif
-
-+ifeq ($(CONFIG_IP_NF_TARGET_ULOG),y)
-+O_OBJS += ipt_ULOG.o
-+else
-+ ifeq ($(CONFIG_IP_NF_TARGET_ULOG),m)
-+ M_OBJS += ipt_ULOG.o
-+ endif
-+endif
-+
- ifeq ($(CONFIG_IP_NF_COMPAT_IPCHAINS),y)
- O_OBJS += ipchains_core.o $(IP_NF_COMPAT_LAYER)
- else
-diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c
---- linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c Thu Jan 1 01:00:00 1970
-+++ linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c Mon Jul 31 17:23:31 2000
-@@ -0,0 +1,166 @@
-+/*
-+ * netfilter module for userspace packet logging daemons
-+ *
-+ * (C) 2000 by Harald Welte
-+ *
-+ * Released under the terms of the GPL
-+ *
-+ * ipt_ULOG.c,v 1.4 2000/07/31 11:41:06 laforge Exp
-+ */
-+
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+#include
-+
-+#define ULOG_NL_EVENT 111 /* Harald's favorite number */
-+
-+#if 0
-+#define DEBUGP printk
-+#else
-+#define DEBUGP(format, args...)
-+#endif
-+
-+static struct sock *nflognl;
-+
-+static void nflog_rcv(struct sock *sk, int len)
-+{
-+ printk("nflog_rcv: did receive netlink message ?!?\n");
-+}
-+
-+static unsigned int ipt_ulog_target(struct sk_buff **pskb,
-+ unsigned int hooknum,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ const void *targinfo, void *userinfo)
-+{
-+ ulog_packet_msg_t *pm;
-+ size_t size, copy_len;
-+ struct sk_buff *nlskb;
-+ unsigned char *old_tail;
-+ struct nlmsghdr *nlh;
-+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-+
-+ /* calculate the size of the skb needed */
-+ if ((loginfo->copy_range == 0) ||
-+ (loginfo->copy_range > (*pskb)->len)) {
-+ copy_len = (*pskb)->len;
-+ } else {
-+ copy_len = loginfo->copy_range;
-+ }
-+ size = NLMSG_SPACE(sizeof(*pm) + copy_len);
-+ nlskb = alloc_skb(size, GFP_ATOMIC);
-+ if (!nlskb)
-+ goto nlmsg_failure;
-+
-+ old_tail = nlskb->tail;
-+ nlh = NLMSG_PUT(nlskb, 0, 0, ULOG_NL_EVENT, size - sizeof(*nlh));
-+ pm = NLMSG_DATA(nlh);
-+
-+ /* copy hook, prefix, timestamp, payload, etc. */
-+
-+ pm->data_len = copy_len;
-+ pm->timestamp_sec = (*pskb)->stamp.tv_sec;
-+ pm->timestamp_usec = (*pskb)->stamp.tv_usec;
-+ pm->mark = (*pskb)->nfmark;
-+ pm->hook = hooknum;
-+ if (loginfo->prefix)
-+ strcpy(pm->prefix, loginfo->prefix);
-+
-+ if (in && in->hard_header_len > 0
-+ && (*pskb)->mac.raw != (void *) (*pskb)->nh.iph
-+ && in->hard_header_len <= ULOG_MAC_LEN) {
-+ memcpy(pm->mac, (*pskb)->mac.raw, in->hard_header_len);
-+ pm->mac_len = in->hard_header_len;
-+ }
-+
-+ if (in)
-+ strcpy(pm->indev_name, in->name);
-+ else
-+ pm->indev_name[0] = '\0';
-+
-+ if (out)
-+ strcpy(pm->outdev_name, out->name);
-+ else
-+ pm->outdev_name[0] = '\0';
-+
-+ if (copy_len)
-+ memcpy(pm->payload, (*pskb)->data, copy_len);
-+ nlh->nlmsg_len = nlskb->tail - old_tail;
-+ NETLINK_CB(nlskb).dst_groups = loginfo->nl_group;
-+ DEBUGP
-+ ("ipt_ULOG: going to throw a packet to netlink groupmask %u\n",
-+ loginfo->nl_group);
-+ netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group,
-+ GFP_ATOMIC);
-+
-+ return IPT_CONTINUE;
-+
-+ nlmsg_failure:
-+ if (nlskb)
-+ kfree(nlskb);
-+ printk("ipt_ULOG: Error building netlink message\n");
-+ return IPT_CONTINUE;
-+}
-+
-+static int ipt_ulog_checkentry(const char *tablename,
-+ const struct ipt_entry *e,
-+ void *targinfo,
-+ unsigned int targinfosize,
-+ unsigned int hookmask)
-+{
-+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-+
-+ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) {
-+ DEBUGP("ULOG: targinfosize %u != 0\n", targinfosize);
-+ return 0;
-+ }
-+
-+ if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') {
-+ DEBUGP("ULOG: prefix term %i\n",
-+ loginfo->prefix[sizeof(loginfo->prefix) - 1]);
-+ return 0;
-+ }
-+
-+ return 1;
-+}
-+
-+static struct ipt_target ipt_ulog_reg =
-+ { {NULL, NULL}, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL,
-+THIS_MODULE
-+};
-+
-+static int __init init(void)
-+{
-+ DEBUGP("ipt_ULOG: init module\n");
-+ nflognl = netlink_kernel_create(NETLINK_NFLOG, nflog_rcv);
-+ if (!nflognl)
-+ return -ENOMEM;
-+
-+ if (ipt_register_target(&ipt_ulog_reg) != 0) {
-+ sock_release(nflognl->socket);
-+ return -EINVAL;
-+ }
-+
-+ return 0;
-+}
-+
-+static void __exit fini(void)
-+{
-+ DEBUGP("ipt_ULOG: cleanup_module\n");
-+
-+ ipt_unregister_target(&ipt_ulog_reg);
-+ sock_release(nflognl->socket);
-+}
-+
-+module_init(init);
-+module_exit(fini);
diff --git a/sqlite3/Makefile.in b/sqlite3/Makefile.in
new file mode 100644
index 0000000..5c0e1f1
--- /dev/null
+++ b/sqlite3/Makefile.in
@@ -0,0 +1,29 @@
+#
+# Normally You should not need to change anything below
+#
+include @top_srcdir@/Rules.make
+
+CFLAGS+=-I@top_srcdir@ -I@top_srcdir@/libipulog/include -I@top_srcdir@/include
+SH_CFLAGS:=$(CFLAGS) -fPIC
+
+SHARED_LIBS=ulogd_SQLITE3.so
+
+all: $(SHARED_LIBS)
+
+distrib:
+
+$(SHARED_LIBS): %.so: %_sh.o
+ $(LD) -shared $(SQLITE3_LDFLAGS) -o $@ $< -lc
+
+%_sh.o: %.c
+ $(CC) $(SQLITE3_CFLAGS) $(SH_CFLAGS) -o $@ -c $<
+
+clean:
+ $(RM) $(SHARED_LIBS) *.o
+
+distclean:
+ $(RM) Makefile
+
+install: all
+ $(INSTALL) -m 755 -d $(DESTDIR)$(ULOGD_LIB_PATH)
+ $(INSTALL) -m 755 *.so $(DESTDIR)$(ULOGD_LIB_PATH)
diff --git a/sqlite3/ulogd_SQLITE3.c b/sqlite3/ulogd_SQLITE3.c
new file mode 100644
index 0000000..7854f2b
--- /dev/null
+++ b/sqlite3/ulogd_SQLITE3.c
@@ -0,0 +1,435 @@
+/*
+ * ulogd output plugin for logging to a SQLITE database
+ *
+ * (C) 2005 by Ben La Monica
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * This module has been adapted from the ulogd_MYSQL.c written by
+ * Harald Welte
+ * Alex Janssen
+ *
+ * You can see benchmarks and an explanation of the testing
+ * at http://www.pojo.us/ulogd/
+ *
+ * 2005-02-09 Harald Welte :
+ * - port to ulogd-1.20
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#ifdef DEBUG_SQLITE3
+#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
+#else
+#define DEBUGP(x, args...)
+#endif
+
+struct _field {
+ char name[ULOGD_MAX_KEYLEN];
+ unsigned int id;
+ struct _field *next;
+};
+
+/* the database handle we are using */
+static sqlite3 *dbh;
+
+/* a linked list of the fields the table has */
+static struct _field *fields;
+
+/* buffer for our insert statement */
+static char *stmt;
+
+/* size of our insert statement buffer */
+static size_t stmt_siz;
+
+/* pointer to the final prepared statement */
+static sqlite3_stmt *p_stmt;
+
+/* number of statements to buffer before we commit */
+static int buffer_size;
+
+/* number of statements currently in the buffer */
+static int buffer_ctr;
+
+/* our configuration directives */
+static config_entry_t db_ce = {
+ .key = "db",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t table_ce = {
+ .next = &db_ce,
+ .key = "table",
+ .type = CONFIG_TYPE_STRING,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+static config_entry_t buffer_ce = {
+ .next = &table_ce,
+ .key = "buffer",
+ .type = CONFIG_TYPE_INT,
+ .options = CONFIG_OPT_MANDATORY,
+};
+
+#define STMT_ADD(pos,beg,siz,fmt...) \
+ do { \
+ if((pos) >= (beg) && (siz) > (pos) - (beg)) \
+ snprintf((pos), (siz)-((pos)-(beg)), ##fmt); \
+ } while(0)
+
+/* our main output function, called by ulogd */
+static int _sqlite3_output(ulog_iret_t *result)
+{
+ struct _field *f;
+ ulog_iret_t *res;
+ int col_counter;
+#ifdef IP_AS_STRING
+ char *ipaddr;
+ struct in_addr addr;
+#endif
+
+ if (p_stmt == NULL || dbh == NULL)
+ return 1;
+
+ col_counter = 1;
+ for (f = fields; f; f = f->next) {
+ res = keyh_getres(f->id);
+
+ if (!res) {
+ ulogd_log(ULOGD_NOTICE,
+ "no result for %s ?!?\n", f->name);
+ }
+
+ if (!res || !IS_VALID((*res))) {
+ /* no result, pass a null */
+ sqlite3_bind_null(p_stmt, col_counter);
+ col_counter++;
+ continue;
+ }
+
+ switch (res->type) {
+ case ULOGD_RET_INT8:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.i8);
+ break;
+ case ULOGD_RET_INT16:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.i16);
+ break;
+ case ULOGD_RET_INT32:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.i32);
+ break;
+ case ULOGD_RET_INT64:
+ sqlite3_bind_int64(p_stmt,col_counter,res->value.i64);
+ break;
+ case ULOGD_RET_UINT8:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.ui8);
+ break;
+ case ULOGD_RET_UINT16:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.ui16);
+ break;
+ case ULOGD_RET_IPADDR:
+#ifdef IP_AS_STRING
+ memset(&addr, 0, sizeof(addr));
+ addr.s_addr = ntohl(res->value.ui32);
+ ipaddr = inet_ntoa(addr);
+ sqlite3_bind_text(p_stmt,col_counter,ipaddr,strlen(ipaddr),SQLITE_STATIC);
+ break;
+#endif /* IP_AS_STRING */
+ /* EVIL: fallthrough when logging IP as u_int32_t */
+ case ULOGD_RET_UINT32:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.ui32);
+ break;
+ case ULOGD_RET_UINT64:
+ sqlite3_bind_int64(p_stmt,col_counter,res->value.ui64);
+ break;
+ case ULOGD_RET_BOOL:
+ sqlite3_bind_int(p_stmt,col_counter,res->value.b);
+ break;
+ case ULOGD_RET_STRING:
+ sqlite3_bind_text(p_stmt,col_counter,res->value.ptr,strlen(res->value.ptr),SQLITE_STATIC);
+ break;
+ default:
+ ulogd_log(ULOGD_NOTICE,
+ "unknown type %d for %s\n",
+ res->type, res->key);
+ break;
+ }
+
+ col_counter++;
+ }
+
+ /* now we have created our statement, insert it */
+
+ if (sqlite3_step(p_stmt) == SQLITE_DONE) {
+ sqlite3_reset(p_stmt);
+ buffer_ctr++;
+ } else {
+ ulogd_log(ULOGD_ERROR, "sql error during insert: %s\n",
+ sqlite3_errmsg(dbh));
+ return 1;
+ }
+
+ /* commit all of the inserts to the database, ie flush buffer */
+ if (buffer_ctr >= buffer_size) {
+ if (sqlite3_exec(dbh,"commit",NULL,NULL,NULL) != SQLITE_OK)
+ ulogd_log(ULOGD_ERROR,"unable to commit records to db.");
+
+ if (sqlite3_exec(dbh,"begin deferred",NULL,NULL,NULL) != SQLITE_OK)
+ ulogd_log(ULOGD_ERROR,"unable to begin a new transaction.");
+
+ buffer_ctr = 0;
+ DEBUGP("committing.\n");
+ }
+
+ return 0;
+}
+
+#define _SQLITE3_INSERTTEMPL "insert into X (Y) values (Z)"
+
+/* create the static part of our insert statement */
+static int _sqlite3_createstmt(void)
+{
+ struct _field *f;
+ char buf[ULOGD_MAX_KEYLEN];
+ char *underscore;
+ char *stmt_pos;
+ int col_count;
+ int i;
+
+ if (stmt) {
+ ulogd_log(ULOGD_NOTICE, "createstmt called, but stmt"
+ " already existing\n");
+ return 1;
+ }
+
+ /* caclulate the size for the insert statement */
+ stmt_siz = strlen(_SQLITE3_INSERTTEMPL) + strlen(table_ce.u.string);
+
+ DEBUGP("initial size: %zu\n", stmt_siz);
+
+ col_count = 0;
+ for (f = fields; f; f = f->next) {
+ /* we need space for the key and a comma, and a ? */
+ stmt_siz += strlen(f->name) + 3;
+ DEBUGP("size is now %zu since adding %s\n",stmt_siz,f->name);
+ col_count++;
+ }
+
+ DEBUGP("there were %d columns\n",col_count);
+ DEBUGP("after calc name length: %zu\n",stmt_siz);
+
+ ulogd_log(ULOGD_DEBUG, "allocating %zu bytes for statement\n", stmt_siz);
+
+ stmt = (char *) malloc(stmt_siz);
+
+ if (!stmt) {
+ stmt_siz = 0;
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return 1;
+ }
+
+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string);
+ stmt_pos = stmt + strlen(stmt);
+
+ for (f = fields; f; f = f->next) {
+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
+ while ((underscore = strchr(buf, '.')))
+ *underscore = '_';
+ STMT_ADD(stmt_pos,stmt,stmt_siz, "%s,", buf);
+ stmt_pos = stmt + strlen(stmt);
+ }
+
+ *(stmt_pos - 1) = ')';
+
+ STMT_ADD(stmt_pos,stmt,stmt_siz, " values (");
+ stmt_pos = stmt + strlen(stmt);
+
+ for (i = 0; i < col_count - 1; i++) {
+ STMT_ADD(stmt_pos,stmt,stmt_siz, "?,");
+ stmt_pos += 2;
+ }
+
+ STMT_ADD(stmt_pos,stmt,stmt_siz, "?)");
+ ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt);
+
+ DEBUGP("about to prepare statement.\n");
+
+ if (sqlite3_prepare(dbh,stmt,-1,&p_stmt,0) != SQLITE_OK) {
+ p_stmt = NULL;
+ free( stmt);
+ stmt = stmt_pos = NULL;
+ ulogd_log(ULOGD_ERROR,"unable to prepare statement");
+ return 1;
+ }
+
+ DEBUGP("statement prepared.\n");
+
+ return 0;
+}
+
+
+/* length of "select * from \0" */
+#define SQLITE_SELECT_LEN 15
+
+/* find out which columns the table has */
+static int _sqlite3_get_columns(const char *table)
+{
+ char buf[ULOGD_MAX_KEYLEN];
+ char query[SQLITE_SELECT_LEN + CONFIG_VAL_STRING_LEN + 1] = "select * from \0";
+ char *underscore;
+ struct _field *f;
+ sqlite3_stmt *schema_stmt;
+ int column;
+ int result;
+ int id;
+
+ if (!dbh)
+ return 1;
+
+ strncat(query,table,sizeof(query)-strlen(query)-1);
+
+ result = sqlite3_prepare(dbh,query,-1,&schema_stmt,0);
+
+ if (result != SQLITE_OK)
+ return 1;
+
+ for (column = 0; column < sqlite3_column_count(schema_stmt); column++) {
+ /* replace all underscores with dots */
+ strncpy(buf, sqlite3_column_name(schema_stmt,column), ULOGD_MAX_KEYLEN-1);
+ buf[ULOGD_MAX_KEYLEN-1] = '\0';
+ while ((underscore = strchr(buf, '_')))
+ *underscore = '.';
+
+ DEBUGP("field '%s' found: ", buf);
+
+ if (!(id = keyh_getid(buf))) {
+ DEBUGP(" no keyid!\n");
+ continue;
+ }
+
+ DEBUGP("keyid %u\n", id);
+
+ /* prepend it to the linked list */
+ f = (struct _field *) malloc(sizeof *f);
+ if (!f) {
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return 1;
+ }
+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1);
+ f->name[ULOGD_MAX_KEYLEN-1] = '\0';
+ f->id = id;
+ f->next = fields;
+ fields = f;
+ }
+
+ sqlite3_finalize(schema_stmt);
+ return 0;
+}
+
+/**
+ * make connection and select database
+ * returns 0 if database failed to open.
+ */
+static int _sqlite3_open_db(char *db_file)
+{
+ DEBUGP("opening database.\n");
+ return sqlite3_open(db_file,&dbh);
+}
+
+/* give us an opportunity to close the database down properly */
+static void _sqlite3_fini(void)
+{
+ DEBUGP("cleaning up db connection\n");
+
+ /* free up our prepared statements so we can close the db */
+ if (p_stmt) {
+ sqlite3_finalize(p_stmt);
+ DEBUGP("prepared statement finalized\n");
+ }
+
+ if (dbh) {
+ int result;
+ /* flush the remaining insert statements to the database. */
+ result = sqlite3_exec(dbh,"commit",NULL,NULL,NULL);
+
+ if (result != SQLITE_OK)
+ ulogd_log(ULOGD_ERROR,"unable to commit remaining records to db.");
+
+ sqlite3_close(dbh);
+ dbh = NULL;
+ DEBUGP("database file closed\n");
+ }
+}
+
+#define _SQLITE3_BUSY_TIMEOUT 300
+
+static int _sqlite3_init(void)
+{
+ /* have the opts parsed */
+ config_parse_file("SQLITE3", &buffer_ce);
+
+ if (_sqlite3_open_db(db_ce.u.string)) {
+ ulogd_log(ULOGD_ERROR, "can't open the database file\n");
+ return 1;
+ }
+
+ /* set the timeout so that we don't automatically fail
+ * if the table is busy. */
+ sqlite3_busy_timeout(dbh, _SQLITE3_BUSY_TIMEOUT);
+
+ /* read the fieldnames to know which values to insert */
+ if (_sqlite3_get_columns(table_ce.u.string)) {
+ sqlite3_close(dbh);
+ dbh = NULL;
+ ulogd_log(ULOGD_ERROR, "unable to get sqlite columns\n");
+ return 1;
+ }
+
+ /* initialize our buffer size and counter */
+ buffer_size = buffer_ce.u.value;
+ buffer_ctr = 0;
+
+ DEBUGP("Have a buffer size of : %d\n", buffer_size);
+
+ if (sqlite3_exec(dbh,"begin deferred",NULL,NULL,NULL) != SQLITE_OK)
+ ulogd_log(ULOGD_ERROR,"can't create a new transaction\n");
+
+ /* create and prepare the actual insert statement */
+ if(_sqlite3_createstmt()) {
+ sqlite3_close(dbh);
+ dbh = NULL;
+ return 1;
+ }
+
+ return 0;
+}
+
+static ulog_output_t _sqlite3_plugin = {
+ .name = "sqlite3",
+ .output = &_sqlite3_output,
+ .init = &_sqlite3_init,
+ .fini = &_sqlite3_fini,
+};
+
+void _init(void)
+{
+ register_output(&_sqlite3_plugin);
+}
+
diff --git a/ulogd.8 b/ulogd.8
new file mode 100644
index 0000000..7dfb2e9
--- /dev/null
+++ b/ulogd.8
@@ -0,0 +1,64 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH ULOGD 8 "November 05, 2002" "Linux Netfilter"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+ulogd \- netfilter/iptables ULOG daemon
+.SH SYNOPSIS
+.B ulogd [options]
+.SH DESCRIPTION
+.B ulogd
+connects to the netlink device of the Linux kernel and reads messages
+from the netfilter that get queued with the iptables ULOG target. For
+this to work you have to compile the ULOG target into your kernel or
+load the respective module.
+.PP
+The received messages can be logged into files or into a mySQL or
+PostgreSQL database.
+.SH OPTIONS
+.TP
+.B -d, --daemon
+fork ulogd into background (start as daemon)
+.TP
+.B -c , --configfile
+use as configuration file instead of
+.I /etc/ulogd.conf
+.TP
+.B -h, --help
+show usage information
+.TP
+.B -V, --version
+show version information and copyright
+.SH FILES
+.I /etc/ulogd.conf
+.br
+.I /var/log/ulogd.log
+.SH SEE ALSO
+There is more documentation about the daemon and the database plugins
+(including examples) in the directories
+.nf
+.br
+.I /usr/share/doc/ulogd
+.br
+.fi
+.I /usr/share/doc/ulogd-mysql
+and
+.nf
+.br
+.I /usr/share/doc/ulogd-pgsql
+.SH AUTHOR
+This manual page was written by Joerg Wendland ,
+for the Debian GNU/Linux system (but may be used by others).
diff --git a/ulogd.c b/ulogd.c
new file mode 100644
index 0000000..5707ef8
--- /dev/null
+++ b/ulogd.c
@@ -0,0 +1,826 @@
+/* ulogd, Version $LastChangedRevision$
+ *
+ * $Id$
+ *
+ * userspace logging daemon for the iptables ULOG target
+ * of the linux 2.4 netfilter subsystem.
+ *
+ * (C) 2000-2003 by Harald Welte
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * $Id$
+ *
+ * Modifications:
+ * 14 Jun 2001 Martin Josefsson
+ * - added SIGHUP handler for logfile cycling
+ *
+ * 10 Feb 2002 Alessandro Bono
+ * - added support for non-fork mode
+ * - added support for logging to stdout
+ *
+ * 09 Sep 2003 Magnus Boden
+ * - added support for more flexible multi-section conffile
+ *
+ * 20 Apr 2004 Nicolas Pougetoux
+ * - added suppurt for seteuid()
+ */
+
+#define ULOGD_VERSION "1.23"
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+/* Size of the socket recevive memory. Should be at least the same size as the
+ * 'nlbufsiz' module loadtime parameter of ipt_ULOG.o
+ * If you have _big_ in-kernel queues, you may have to increase this number. (
+ * --qthreshold 100 * 1500 bytes/packet = 150kB */
+#define ULOGD_RMEM_DEFAULT 131071
+
+/* Size of the receive buffer for the netlink socket. Should be at least of
+ * RMEM_DEFAULT size. */
+#define ULOGD_BUFSIZE_DEFAULT 150000
+
+#ifdef DEBUG
+#define DEBUGP(format, args...) fprintf(stderr, format, ## args)
+#else
+#define DEBUGP(format, args...)
+#endif
+
+/* default config parameters, if not changed in configfile */
+#ifndef ULOGD_LOGFILE_DEFAULT
+#define ULOGD_LOGFILE_DEFAULT "/var/log/ulogd.log"
+#endif
+#ifndef ULOGD_NLGROUP_DEFAULT
+#define ULOGD_NLGROUP_DEFAULT 32
+#endif
+
+/* where to look for the config file */
+#ifndef ULOGD_CONFIGFILE
+#define ULOGD_CONFIGFILE "/etc/ulogd.conf"
+#endif
+
+/* global variables */
+static struct ipulog_handle *libulog_h; /* our libipulog handle */
+static unsigned char* libulog_buf; /* the receive buffer */
+static FILE *logfile = NULL; /* logfile pointer */
+static char *ulogd_configfile = ULOGD_CONFIGFILE;
+
+/* linked list for all registered interpreters */
+static ulog_interpreter_t *ulogd_interpreters;
+
+/* linked list for all registered output targets */
+static ulog_output_t *ulogd_outputs;
+
+/***********************************************************************
+ * INTERPRETER AND KEY HASH FUNCTIONS (new in 0.9)
+ ***********************************************************************/
+
+/* We keep hashtables of interpreters and registered keys. The hash-tables
+ * are allocated dynamically at program load time. You may control the
+ * allocation granularity of both hashes (i.e. the amount of hashtable
+ * entries are allocated at one time) through modification of the constants
+ * INTERH_ALLOC_GRAN and KEYH_ALLOC_GRAN
+ */
+
+/* allocation granularith */
+#define INTERH_ALLOC_GRAN 5
+
+/* hashtable for all registered interpreters */
+static ulog_interpreter_t **ulogd_interh;
+
+/* current hashtable size */
+static unsigned int ulogd_interh_ids_alloc;
+
+/* total number of registered ids */
+static unsigned int ulogd_interh_ids;
+
+/* allocate a new interpreter id and write it into the interpreter struct */
+static unsigned int interh_allocid(ulog_interpreter_t *ip)
+{
+ unsigned int id;
+
+ id = ++ulogd_interh_ids;
+
+ if (id >= ulogd_interh_ids_alloc) {
+ if (!ulogd_interh)
+ ulogd_interh = (ulog_interpreter_t **)
+ malloc(INTERH_ALLOC_GRAN *
+ sizeof(ulog_interpreter_t));
+ else
+ ulogd_interh = (ulog_interpreter_t **)
+ realloc(ulogd_interh,
+ (INTERH_ALLOC_GRAN +
+ ulogd_interh_ids_alloc) *
+ sizeof(ulog_interpreter_t));
+
+ ulogd_interh_ids_alloc += INTERH_ALLOC_GRAN;
+ }
+
+ ip->id = id;
+ ulogd_interh[id] = ip;
+ return id;
+}
+
+/* get interpreter id by name */
+unsigned int interh_getid(const char *name)
+{
+ unsigned int i;
+ for (i = 1; i <= ulogd_interh_ids; i++)
+ if (!strcmp(name, (ulogd_interh[i])->name))
+ return i;
+
+ return 0;
+}
+
+#ifdef DEBUG
+/* dump out the contents of the interpreter hash */
+static void interh_dump(void)
+{
+ unsigned int i;
+
+ for (i = 1; i <= ulogd_interh_ids; i++)
+ ulogd_log(ULOGD_DEBUG, "ulogd_interh[%d] = %s\n",
+ i, (ulogd_interh[i])->name);
+
+}
+#endif
+
+/* key hash allocation granularity */
+#define KEYH_ALLOC_GRAN 20
+
+/* hash table for key ids */
+struct ulogd_keyh_entry *ulogd_keyh;
+
+/* current size of the hashtable */
+static unsigned int ulogd_keyh_ids_alloc;
+
+/* total number of registered keys */
+static unsigned int ulogd_keyh_ids;
+
+/* allocate a new key_id */
+static unsigned int keyh_allocid(ulog_interpreter_t *ip, unsigned int offset,
+ const char *name)
+{
+ unsigned int id;
+
+ id = ++ulogd_keyh_ids;
+
+ if (id >= ulogd_keyh_ids_alloc) {
+ if (!ulogd_keyh) {
+ ulogd_keyh = (struct ulogd_keyh_entry *)
+ malloc(KEYH_ALLOC_GRAN *
+ sizeof(struct ulogd_keyh_entry));
+ if (!ulogd_keyh) {
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return 0;
+ }
+ } else {
+ ulogd_keyh = (struct ulogd_keyh_entry *)
+ realloc(ulogd_keyh, (KEYH_ALLOC_GRAN
+ +ulogd_keyh_ids_alloc) *
+ sizeof(struct ulogd_keyh_entry));
+
+ if (!ulogd_keyh) {
+ ulogd_log(ULOGD_ERROR, "OOM!\n");
+ return 0;
+ }
+ }
+
+ ulogd_keyh_ids_alloc += KEYH_ALLOC_GRAN;
+ }
+
+ ulogd_keyh[id].interp = ip;
+ ulogd_keyh[id].offset = offset;
+ ulogd_keyh[id].name = name;
+
+ return id;
+}
+
+#ifdef DEBUG
+/* dump the keyhash to standard output */
+static void keyh_dump(void)
+{
+ unsigned int i;
+
+ printf("dumping keyh\n");
+ for (i = 1; i <= ulogd_keyh_ids; i++)
+ printf("ulogd_keyh[%lu] = %s:%u\n", i,
+ ulogd_keyh[i].interp->name, ulogd_keyh[i].offset);
+}
+#endif
+
+/* get keyid by name */
+unsigned int keyh_getid(const char *name)
+{
+ unsigned int i;
+ for (i = 1; i <= ulogd_keyh_ids; i++)
+ if (!strcmp(name, ulogd_keyh[i].name))
+ return i;
+
+ return 0;
+}
+
+/* get key name by keyid */
+char *keyh_getname(unsigned int id)
+{
+ if (id > ulogd_keyh_ids) {
+ ulogd_log(ULOGD_NOTICE,
+ "keyh_getname called with invalid id%u\n", id);
+ return NULL;
+ }
+
+ return ulogd_keyh[id].interp->name;
+}
+
+/* get result for given key id. does not check if result valid */
+ulog_iret_t *keyh_getres(unsigned int id)
+{
+ ulog_iret_t *ret;
+
+ if (id > ulogd_keyh_ids) {
+ ulogd_log(ULOGD_NOTICE,
+ "keyh_getres called with invalid id %d\n", id);
+ return NULL;
+ }
+
+ ret = &ulogd_keyh[id].interp->result[ulogd_keyh[id].offset];
+
+ return ret;
+}
+
+/***********************************************************************
+ * INTERPRETER MANAGEMENT
+ ***********************************************************************/
+
+/* try to lookup a registered interpreter for a given name */
+static ulog_interpreter_t *find_interpreter(const char *name)
+{
+ unsigned int id;
+
+ id = interh_getid(name);
+ if (!id)
+ return NULL;
+
+ return ulogd_interh[id];
+}
+
+/* the function called by all interpreter plugins for registering their
+ * target. */
+void register_interpreter(ulog_interpreter_t *me)
+{
+ unsigned int i;
+
+ /* check if we already have an interpreter with this name */
+ if (find_interpreter(me->name)) {
+ ulogd_log(ULOGD_NOTICE,
+ "interpreter `%s' already registered\n", me->name);
+ return;
+ }
+
+ ulogd_log(ULOGD_INFO, "registering interpreter `%s'\n", me->name);
+
+ /* allocate a new interpreter id for it */
+ if (!interh_allocid(me)) {
+ ulogd_log(ULOGD_ERROR, "unable to obtain interh_id for "
+ "interpreter '%s'\n", me->name);
+ return;
+ }
+
+ /* - allocate one keyh_id for each result of this interpreter
+ * - link the elements to each other */
+ for (i = 0; i < me->key_num; i++) {
+ if (!keyh_allocid(me, i, me->result[i].key)) {
+ ulogd_log(ULOGD_ERROR, "unable to obtain keyh_id "
+ "for interpreter %s, key %d", me->name,
+ me->result[i].key);
+ continue;
+ }
+ if (i != me->key_num - 1)
+ me->result[i].next = &me->result[i+1];
+ }
+
+ /* all work done, we can prepend the new interpreter to the list */
+ if (ulogd_interpreters)
+ me->result[me->key_num - 1].next =
+ &ulogd_interpreters->result[0];
+ me->next = ulogd_interpreters;
+ ulogd_interpreters = me;
+}
+
+/***********************************************************************
+ * OUTPUT MANAGEMENT
+ ***********************************************************************/
+
+/* try to lookup a registered output plugin for a given name */
+static ulog_output_t *find_output(const char *name)
+{
+ ulog_output_t *ptr;
+
+ for (ptr = ulogd_outputs; ptr; ptr = ptr->next) {
+ if (strcmp(name, ptr->name) == 0)
+ return ptr;
+ }
+
+ return NULL;
+}
+
+/* the function called by all output plugins for registering themselves */
+void register_output(ulog_output_t *me)
+{
+ if (find_output(me->name)) {
+ ulogd_log(ULOGD_NOTICE, "output `%s' already registered\n",
+ me->name);
+ exit(EXIT_FAILURE);
+ }
+ ulogd_log(ULOGD_INFO, "registering output `%s'\n", me->name);
+ me->next = ulogd_outputs;
+ ulogd_outputs = me;
+}
+
+/***********************************************************************
+ * MAIN PROGRAM
+ ***********************************************************************/
+
+static FILE syslog_dummy;
+
+static inline int ulogd2syslog_level(int level)
+{
+ int syslog_level = LOG_WARNING;
+
+ switch (level) {
+ case ULOGD_DEBUG:
+ syslog_level = LOG_DEBUG;
+ break;
+ case ULOGD_INFO:
+ syslog_level = LOG_INFO;
+ break;
+ case ULOGD_NOTICE:
+ syslog_level = LOG_NOTICE;
+ break;
+ case ULOGD_ERROR:
+ syslog_level = LOG_ERR;
+ break;
+ case ULOGD_FATAL:
+ syslog_level = LOG_CRIT;
+ break;
+ }
+ return syslog_level;
+}
+/* propagate results to all registered output plugins */
+static void propagate_results(ulog_iret_t *ret)
+{
+ ulog_output_t *p;
+
+ for (p = ulogd_outputs; p; p = p->next) {
+ (*p->output)(ret);
+ }
+}
+
+/* clean results (set all values to 0 and free pointers) */
+static void clean_results(ulog_iret_t *ret)
+{
+ ulog_iret_t *r;
+
+ for (r = ret; r; r = r->next) {
+ if (r->flags & ULOGD_RETF_FREE) {
+ free(r->value.ptr);
+ r->value.ptr = NULL;
+ }
+ memset(&r->value, 0, sizeof(r->value));
+ r->flags &= ~ULOGD_RETF_VALID;
+ }
+}
+
+/* call all registered interpreters and hand the results over to
+ * propagate_results */
+static void handle_packet(ulog_packet_msg_t *pkt)
+{
+ ulog_iret_t *ret;
+ ulog_iret_t *allret = NULL;
+ ulog_interpreter_t *ip;
+
+ unsigned int i,j;
+
+ /* If there are no interpreters registered yet,
+ * ignore this packet */
+ if (!ulogd_interh_ids) {
+ ulogd_log(ULOGD_NOTICE,
+ "packet received, but no interpreters found\n");
+ return;
+ }
+
+ for (i = 1; i <= ulogd_interh_ids; i++) {
+ ip = ulogd_interh[i];
+ /* call interpreter */
+ if ((ret = ((ip)->interp)(ip, pkt))) {
+ /* create references for result linked-list */
+ for (j = 0; j < ip->key_num; j++) {
+ if (IS_VALID(ip->result[j])) {
+ ip->result[j].cur_next = allret;
+ allret = &ip->result[j];
+ }
+ }
+ }
+ }
+ propagate_results(allret);
+ clean_results(ulogd_interpreters->result);
+}
+
+/* plugin loader to dlopen() a plugins */
+static int load_plugin(char *file)
+{
+ if (!dlopen(file, RTLD_NOW)) {
+ ulogd_log(ULOGD_ERROR, "load_plugins: '%s': %s\n", file,
+ dlerror());
+ return 1;
+ }
+ return 0;
+}
+
+/* open the logfile */
+static int logfile_open(const char *name)
+{
+ if (!strcmp(name, "syslog")) {
+ openlog("ulogd", LOG_PID, LOG_DAEMON);
+ logfile = &syslog_dummy;
+ } else if (!strcmp(name,"stdout"))
+ logfile = stdout;
+ else {
+ logfile = fopen(name, "a");
+ if (!logfile) {
+ fprintf(stderr, "ERROR: can't open logfile %s: %s\n",
+ name, strerror(errno));
+ exit(2);
+ }
+ }
+ ulogd_log(ULOGD_INFO, "ulogd Version %s starting\n", ULOGD_VERSION);
+ return 0;
+}
+
+/* wrapper to handle conffile error codes */
+static int parse_conffile(const char *section, config_entry_t *ce)
+{
+ int err;
+
+ err = config_parse_file(section, ce);
+
+ switch(err) {
+ case 0:
+ return 0;
+ break;
+ case -ERROPEN:
+ ulogd_log(ULOGD_ERROR,
+ "unable to open configfile: %s\n",
+ ulogd_configfile);
+ break;
+ case -ERRMAND:
+ ulogd_log(ULOGD_ERROR,
+ "mandatory option \"%s\" not found\n",
+ config_errce->key);
+ break;
+ case -ERRMULT:
+ ulogd_log(ULOGD_ERROR,
+ "option \"%s\" occurred more than once\n",
+ config_errce->key);
+ break;
+ case -ERRUNKN:
+ ulogd_log(ULOGD_ERROR,
+ "unknown config key \"%s\"\n",
+ config_errce->key);
+ break;
+ case -ERRSECTION:
+ ulogd_log(ULOGD_ERROR,
+ "section \"%s\" not found\n", section);
+ break;
+ }
+ return 1;
+
+}
+
+/* configuration directives of the main program */
+static config_entry_t logf_ce = { NULL, "logfile", CONFIG_TYPE_STRING,
+ CONFIG_OPT_NONE, 0,
+ { string: ULOGD_LOGFILE_DEFAULT } };
+
+static config_entry_t bufsiz_ce = { &logf_ce, "bufsize", CONFIG_TYPE_INT,
+ CONFIG_OPT_NONE, 0,
+ { value: ULOGD_BUFSIZE_DEFAULT } };
+
+static config_entry_t plugin_ce = { &bufsiz_ce, "plugin", CONFIG_TYPE_CALLBACK,
+ CONFIG_OPT_MULTI, 0,
+ { parser: &load_plugin } };
+
+static config_entry_t nlgroup_ce = { &plugin_ce, "nlgroup", CONFIG_TYPE_INT,
+ CONFIG_OPT_NONE, 0,
+ { value: ULOGD_NLGROUP_DEFAULT } };
+
+static config_entry_t loglevel_ce = { &nlgroup_ce, "loglevel", CONFIG_TYPE_INT,
+ CONFIG_OPT_NONE, 0,
+ { value: ULOGD_NOTICE } };
+static config_entry_t rmem_ce = { &loglevel_ce, "rmem", CONFIG_TYPE_INT,
+ CONFIG_OPT_NONE, 0,
+ { value: ULOGD_RMEM_DEFAULT } };
+
+/* log message to the logfile */
+void __ulogd_log(int level, char *file, int line, const char *format, ...)
+{
+ char *timestr;
+ va_list ap;
+ time_t tm;
+ FILE *outfd;
+
+ /* log only messages which have level at least as high as loglevel */
+ if (level < loglevel_ce.u.value)
+ return;
+
+ if (logfile == &syslog_dummy) {
+ /* FIXME: this omit's the 'file' string */
+ va_start(ap, format);
+ vsyslog(ulogd2syslog_level(level), format, ap);
+ va_end(ap);
+ } else {
+ if (logfile)
+ outfd = logfile;
+ else
+ outfd = stderr;
+
+ va_start(ap, format);
+
+ tm = time(NULL);
+ timestr = ctime(&tm);
+ timestr[strlen(timestr)-1] = '\0';
+ fprintf(outfd, "%s <%1.1d> %s:%d ", timestr, level, file, line);
+
+ vfprintf(outfd, format, ap);
+ va_end(ap);
+
+ /* flush glibc's buffer */
+ fflush(outfd);
+ }
+}
+
+static void sigterm_handler(int signal)
+{
+ ulog_output_t *p;
+
+ ulogd_log(ULOGD_NOTICE, "sigterm received, exiting\n");
+
+ ipulog_destroy_handle(libulog_h);
+ free(libulog_buf);
+
+ for (p = ulogd_outputs; p; p = p->next) {
+ if (p->fini)
+ (*p->fini)();
+ }
+
+ if (logfile != stdout && logfile != &syslog_dummy)
+ fclose(logfile);
+
+ exit(0);
+}
+
+static void sighup_handler(int signal)
+{
+ ulog_output_t *p;
+
+ if (logfile != stdout && logfile != &syslog_dummy) {
+ fclose(logfile);
+ logfile = fopen(logf_ce.u.string, "a");
+ if (!logfile)
+ sigterm_handler(signal);
+ }
+
+ ulogd_log(ULOGD_NOTICE, "sighup received, calling plugin handlers\n");
+
+ for (p = ulogd_outputs; p; p = p->next) {
+ if (p->signal)
+ (*p->signal)(SIGHUP);
+ }
+}
+
+static void print_usage(void)
+{
+ /* FIXME */
+ printf("ulogd Version %s\n", ULOGD_VERSION);
+ printf("Copyright (C) 2000-2005 Harald Welte "
+ "\n");
+ printf("This is free software with ABSOLUTELY NO WARRANTY.\n\n");
+ printf("Parameters:\n");
+ printf("\t-h --help\tThis help page\n");
+ printf("\t-V --version\tPrint version information\n");
+ printf("\t-d --daemon\tDaemonize (fork into background)\n");
+ printf("\t-c --configfile\tUse alternative Configfile\n");
+ printf("\t-u --uid\tChange UID/GID\n");
+}
+
+static struct option opts[] = {
+ { "version", 0, NULL, 'V' },
+ { "daemon", 0, NULL, 'd' },
+ { "help", 0, NULL, 'h' },
+ { "configfile", 1, NULL, 'c'},
+ { "uid", 1, NULL, 'u' },
+ { 0 }
+};
+
+int main(int argc, char* argv[])
+{
+ int len;
+ int argch;
+ int daemonize = 0;
+ int change_uid = 0;
+ char *user = NULL;
+ struct passwd *pw;
+ uid_t uid = 0;
+ gid_t gid = 0;
+ ulog_packet_msg_t *upkt;
+ ulog_output_t *p;
+
+
+ while ((argch = getopt_long(argc, argv, "c:dh::Vu:", opts, NULL)) != -1) {
+ switch (argch) {
+ default:
+ case '?':
+ if (isprint(optopt))
+ fprintf(stderr, "Unknown option `-%c'.\n", optopt);
+ else
+ fprintf(stderr, "Unknown option character `\\x%x'.\n", optopt);
+
+ print_usage();
+ exit(1);
+ break;
+ case 'h':
+ print_usage();
+ exit(0);
+ break;
+ case 'd':
+ daemonize = 1;
+ break;
+ case 'V':
+ printf("ulogd Version %s\n", ULOGD_VERSION);
+ printf("Copyright (C) 2000-2005 Harald Welte "
+ "\n");
+ exit(0);
+ break;
+ case 'c':
+ ulogd_configfile = optarg;
+ break;
+ case 'u':
+ change_uid = 1;
+ user = strdup(optarg);
+ pw = getpwnam(user);
+ if (!pw) {
+ printf("Unknown user %s.\n", user);
+ free(user);
+ exit(1);
+ }
+ uid = pw->pw_uid;
+ gid = pw->pw_gid;
+ break;
+ }
+ }
+
+ if (config_register_file(ulogd_configfile)) {
+ ulogd_log(ULOGD_FATAL, "error registering configfile \"%s\"\n",
+ ulogd_configfile);
+ exit(1);
+ }
+
+ /* parse config file */
+ if (parse_conffile("global", &rmem_ce)) {
+ ulogd_log(ULOGD_FATAL, "parse_conffile\n");
+ exit(1);
+ }
+
+ /* allocate a receive buffer */
+ libulog_buf = (unsigned char *) malloc(bufsiz_ce.u.value);
+
+ if (!libulog_buf) {
+ ulogd_log(ULOGD_FATAL, "unable to allocate receive buffer"
+ "of %d bytes\n", bufsiz_ce.u.value);
+ ipulog_perror(NULL);
+ exit(1);
+ }
+
+ /* create ipulog handle */
+ libulog_h = ipulog_create_handle(ipulog_group2gmask(nlgroup_ce.u.value),
+ rmem_ce.u.value);
+
+ if (!libulog_h) {
+ /* if some error occurrs, print it to stderr */
+ ulogd_log(ULOGD_FATAL, "unable to create ipulogd handle\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+
+
+ if (change_uid) {
+ ulogd_log(ULOGD_NOTICE, "Changing UID / GID\n");
+ if (setgid(gid)) {
+ ulogd_log(ULOGD_FATAL, "can't set GID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (setegid(gid)) {
+ ulogd_log(ULOGD_FATAL, "can't sett effective GID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (initgroups(user, gid)) {
+ ulogd_log(ULOGD_FATAL, "can't set user secondary GID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (setuid(uid)) {
+ ulogd_log(ULOGD_FATAL, "can't set UID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (seteuid(uid)) {
+ ulogd_log(ULOGD_FATAL, "can't set effective UID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ }
+
+ logfile_open(logf_ce.u.string);
+
+ for (p = ulogd_outputs; p; p = p->next) {
+ if (p->init)
+ (*p->init)();
+ }
+
+#ifdef DEBUG
+ /* dump key and interpreter hash */
+ interh_dump();
+ keyh_dump();
+#endif
+ if (daemonize){
+ if (fork()) {
+ exit(0);
+ }
+ if (logfile != stdout)
+ fclose(stdout);
+ fclose(stderr);
+ fclose(stdin);
+ setsid();
+ }
+
+ /* send SIGINT to the term handler, since they hit CTRL-C */
+ signal(SIGINT, &sigterm_handler);
+ signal(SIGHUP, &sighup_handler);
+ signal(SIGTERM, &sigterm_handler);
+
+ ulogd_log(ULOGD_INFO,
+ "initialization finished, entering main loop\n");
+
+ /* endless loop receiving packets and handling them over to
+ * handle_packet */
+ while ((len = ipulog_read(libulog_h, libulog_buf,
+ bufsiz_ce.u.value, 1))) {
+
+ if (len <= 0) {
+ /* this is not supposed to happen */
+ ulogd_log(ULOGD_ERROR, "ipulog_read == %d! "
+ "ipulog_errno == %d, errno = %d\n",
+ len, ipulog_errno, errno);
+ } else {
+ while ((upkt = ipulog_get_packet(libulog_h,
+ libulog_buf, len))) {
+ DEBUGP("==> packet received\n");
+ handle_packet(upkt);
+ }
+ }
+ }
+
+ /* hackish, but result is the same */
+ sigterm_handler(SIGTERM);
+ return(0);
+}
diff --git a/ulogd.conf.in b/ulogd.conf.in
new file mode 100644
index 0000000..e0c873a
--- /dev/null
+++ b/ulogd.conf.in
@@ -0,0 +1,82 @@
+# Example configuration for ulogd
+# $Id$
+#
+
+[global]
+######################################################################
+# GLOBAL OPTIONS
+######################################################################
+
+# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+nlgroup=1
+
+# logfile for status messages
+logfile="/var/log/ulogd.log"
+
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+loglevel=5
+
+# socket receive buffer size (should be at least the size of the
+# in-kernel buffer (ipt_ULOG.o 'nlbufsiz' parameter)
+rmem=131071
+
+# libipulog/ulogd receive buffer size, should be > rmem
+bufsize=150000
+
+######################################################################
+# PLUGIN OPTIONS
+######################################################################
+
+# We have to configure and load all the plugins we want to use
+
+# general rules:
+# 1. load the plugins _first_ from the global section
+# 2. options for each plugin in seperate section below
+
+
+#
+# ulogd_BASE.so - interpreter plugin for basic IPv4 header fields
+# you will always need this
+plugin="@libdir@/ulogd_BASE.so"
+
+
+# output plugins.
+plugin="@libdir@/ulogd_LOGEMU.so"
+#plugin="@libdir@/ulogd_OPRINT.so"
+#plugin="@libdir@/ulogd_MYSQL.so"
+#plugin="@libdir@/ulogd_PGSQL.so"
+#plugin="@libdir@/ulogd_SQLITE3.so"
+#plugin="@libdir@/ulogd_PCAP.so"
+
+
+[LOGEMU]
+file="/var/log/ulogd.syslogemu"
+sync=1
+
+[OPRINT]
+file="/var/log/ulogd.pktlog"
+
+[MYSQL]
+table="ulog"
+pass="changeme"
+user="laforge"
+db="ulogd"
+host="localhost"
+
+[PGSQL]
+table="ulog"
+schema="public"
+pass="changeme"
+user="postgres"
+db="ulogd"
+host="localhost"
+
+[SQLITE3]
+table="ulog"
+db="/var/log/ulogd.sqlite3db"
+buffer=200
+
+[PCAP]
+file="/var/log/ulogd.pcap"
+sync=1
+
diff --git a/ulogd.init b/ulogd.init
new file mode 100755
index 0000000..b678652
--- /dev/null
+++ b/ulogd.init
@@ -0,0 +1,61 @@
+#!/bin/sh
+#
+# chkconfig: 345 81 19
+# description: ulogd is the userspace logging daemon for netfilter/iptables
+#
+
+
+. /etc/rc.d/init.d/functions
+
+
+function start()
+{
+ printf "Starting %s: " "ulogd"
+ daemon /usr/sbin/ulogd -d
+ echo
+ touch /var/lock/subsys/ulogd
+}
+
+
+function stop()
+{
+ printf "Stopping %s: " "ulogd"
+ killproc ulogd
+ echo
+ rm -f /var/lock/subsys/ulogd
+}
+
+
+function reload()
+{
+ pid=`pidof ulogd`
+ if [ "x$pid" != "x" ]; then
+ kill -HUP $pid 2>/dev/null
+ fi
+ touch /var/lock/subsys/ulogd
+}
+
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ reload)
+ reload
+ ;;
+ status)
+ status ulogd
+ ;;
+ *)
+ printf "Usage: %s {start|stop|status|restart|reload}\n" "ulogd"
+ exit 1
+esac
+
+exit 0
diff --git a/ulogd.logrotate b/ulogd.logrotate
new file mode 100644
index 0000000..b3fb6d1
--- /dev/null
+++ b/ulogd.logrotate
@@ -0,0 +1,7 @@
+/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap {
+ missingok
+ sharedscripts
+ postrotate
+ /bin/killall -HUP ulogd 2> /dev/null || true
+ endscript
+}
diff --git a/ulogd.spec b/ulogd.spec
new file mode 100644
index 0000000..8afc4c4
--- /dev/null
+++ b/ulogd.spec
@@ -0,0 +1,143 @@
+Summary: ulogd - The userspace logging daemon for netfilter
+Name: ulogd
+Version: 1.22
+Release: 1gm
+License: GPL
+Group: Network
+Source: ftp://ftp.netfilter.org/pub/ulogd/%{name}-%{version}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+Packager: Harald Welte
+BuildRequires: MySQL-devel postgresql-devel libpcap-devel libsqlite3-devel
+#BuildRequires: mysql-devel
+
+%package mysql
+Summary: MySQL output plugin for ulogd
+Group: Network
+
+%package pgsql
+Summary: PostgreSQL output plugin for ulogd
+Group: Network
+
+%package sqlite
+Summary: SQLITE3 output plugin for ulogd
+Group: Network
+
+%package pcap
+Summary: PCAP output plugin for ulogd
+Group: Network
+
+
+%description
+ulogd is an universal logging daemon for the ULOG target of netfilter, the
+Linux 2.4 firewalling subsystem. ulogd is able to log packets in variuos
+formats to different targets (text files, databases, etc..). It has an
+easy-to-use plugin interface to add new protocols and new output targets.
+
+%description mysql
+ulogd-mysql is a MySQL output plugin for ulogd. It enables logging of
+firewall information into a MySQL database.
+
+%description pgsql
+ulogd-mysql is a PostgreSQL output plugin for ulogd. It enables logging of
+firewall information into a PostgreSQL database.
+
+%description sqlite3
+ulogd-sqlite3 is a SQLITE3 output plugin for ulogd. It enables logging of
+firewall information into a SQLITE3 database.
+
+%description pcap
+ulogd-pcap is a output plugin for ulogd that saves packet logs as PCAP file.
+PCAP is a standard format that can be later analyzed by a lot of tools such as
+tcpdump and ethereal.
+
+%prep
+%setup
+
+%build
+%configure --with-mysql=/usr/lib/mysql --with-pgsql=/usr/lib/postgresql --with-sqlite3
+make
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/%{_sysconfdir}
+mkdir -p %{buildroot}/%{_libdir}/ulogd
+mkdir -p %{buildroot}/%{_sbindir}/sbin
+mkdir -p %{buildroot}/%{_mandir}/man8
+make DESTDIR=%{buildroot} install
+
+mkdir -p %{buildroot}/%{_sysconfdir}/rc.d/init.d
+install ulogd.init %{buildroot}/%{_sysconfdir}/rc.d/init.d/ulogd
+install ulogd.8 %{buildroot}/%{_mandir}/man8/ulogd.8
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(0644,root,root,0755)
+%attr(0755,root,root) %{_sbindir}/ulogd
+%{_sysconfdir}/ulogd.conf
+%{_sysconfdir}/rc.d/init.d/ulogd
+%{_mandir}/man8/*
+%dir %{_libdir}/ulogd
+%{_libdir}/ulogd/ulogd_BASE.so
+%{_libdir}/ulogd/ulogd_LOCAL.so
+%{_libdir}/ulogd/ulogd_LOGEMU.so
+%{_libdir}/ulogd/ulogd_OPRINT.so
+%{_libdir}/ulogd/ulogd_PWSNIFF.so
+%{_libdir}/ulogd/ulogd_SYSLOG.so
+%doc COPYING AUTHORS README
+%doc doc/ulogd.txt doc/ulogd.a4.ps doc/ulogd.html
+
+%files mysql
+%defattr(0644,root,root,0755)
+%{_libdir}/ulogd/ulogd_MYSQL.so
+
+%files pgsql
+%defattr(0644,root,root,0755)
+%{_libdir}/ulogd/ulogd_PGSQL.so
+
+%files sqlite3
+%defattr(0644,root,root,0755)
+%{_libdir}/ulogd/ulogd_SQLITE3.so
+
+%files pcap
+%defattr(0644,root,root,0755)
+%{_libdir}/ulogd/ulogd_PCAP.so
+
+%changelog
+* Wed Feb 16 2005 Harald Welte
++ ulogd-1.21-1gm
+- updated to 1.21 release
+- separate sqlite3 and pcap sub-pacakges
+
+* Sat Feb 12 2005 Harald Welte
++ ulogd-1.20-1gm
+- updated to 1.20 release
+- add ulogd.8 manpage
+
+* Sat Aug 25 2003 Harald Welte
++ ulogd-1.00-1gm
+- updated to 1.01 release
+- add ulogd.8 manpage
+
+* Wed Mar 05 2003 Harald Welte
++ ulogd-1.00-1gm
+- updated to 1.00 release
+
+* Mon Sep 24 2001 Harald Welte
++ ulogd-0.97-1cl
+- updatd to 0.97 release (to fix endless-one-packet-loop bug)
+
+* Sun Jun 17 2001 Harald Welte
++ ulogd-0.96-2cl
+- updated to 0.96 final release
+- use ulogd.init from within source tgz
+
+* Sun May 20 2001 Harald Welte
++ ulogd-0.96-1cl
+- Initial conectiva package
+- cleaned up SPEC file
+- created mysql subpackage
+
+* Sun Nov 19 2000 Harald Welte
+- Initial RPM package for ulogd-0.9.
diff --git a/ulogd/AUTHORS b/ulogd/AUTHORS
deleted file mode 100644
index dcc5998..0000000
--- a/ulogd/AUTHORS
+++ /dev/null
@@ -1 +0,0 @@
-Harald Welte
diff --git a/ulogd/COPYING b/ulogd/COPYING
deleted file mode 100644
index eeb586b..0000000
--- a/ulogd/COPYING
+++ /dev/null
@@ -1,340 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users. This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it. (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.) You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
- To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have. You must make sure that they, too, receive or can get the
-source code. And you must show them these terms so they know their
-rights.
-
- We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
- Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software. If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
- Finally, any free program is threatened constantly by software
-patents. We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary. To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- GNU GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License. The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language. (Hereinafter, translation is included without limitation in
-the term "modification".) Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
- 1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
- 2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) You must cause the modified files to carry prominent notices
- stating that you changed the files and the date of any change.
-
- b) You must cause any work that you distribute or publish, that in
- whole or in part contains or is derived from the Program or any
- part thereof, to be licensed as a whole at no charge to all third
- parties under the terms of this License.
-
- c) If the modified program normally reads commands interactively
- when run, you must cause it, when started running for such
- interactive use in the most ordinary way, to print or display an
- announcement including an appropriate copyright notice and a
- notice that there is no warranty (or else, saying that you provide
- a warranty) and that users may redistribute the program under
- these conditions, and telling the user how to view a copy of this
- License. (Exception: if the Program itself is interactive but
- does not normally print such an announcement, your work based on
- the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
- a) Accompany it with the complete corresponding machine-readable
- source code, which must be distributed under the terms of Sections
- 1 and 2 above on a medium customarily used for software interchange; or,
-
- b) Accompany it with a written offer, valid for at least three
- years, to give any third party, for a charge no more than your
- cost of physically performing source distribution, a complete
- machine-readable copy of the corresponding source code, to be
- distributed under the terms of Sections 1 and 2 above on a medium
- customarily used for software interchange; or,
-
- c) Accompany it with the information you received as to the offer
- to distribute corresponding source code. (This alternative is
- allowed only for noncommercial distribution and only if you
- received the program in object code or executable form with such
- an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it. For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable. However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
- 4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License. Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
- 5. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Program or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
- 6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
- 7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all. For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
- 8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded. In such case, this License incorporates
-the limitation as if written in the body of this License.
-
- 9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation. If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
- 10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission. For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this. Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
- NO WARRANTY
-
- 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
- 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-
- Copyright (C) 19yy
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
- Gnomovision version 69, Copyright (C) 19yy name of author
- Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the program
- `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
- , 1 April 1989
- Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Library General
-Public License instead of this License.
diff --git a/ulogd/Changes b/ulogd/Changes
deleted file mode 100644
index 95bc457..0000000
--- a/ulogd/Changes
+++ /dev/null
@@ -1,129 +0,0 @@
-Version 1.24 (2006-01-25)
-- Fix memory leak in postgresql plugin
-- Fix printing of "PROTO=XX" for XX != (TCP,UDP,ICMP,ESP)
-- Fix parsing of syslog log level
-- Add support for 'mysql_config' and 'pg_config' programs
-- Add support for 'lib64' to sqlite3 autoconf macros
-- Fix some gcc-4 warnings
-- Add reconnect support to mysql plugin
-- Fix pcap header on some architectures
-- Fix off-by-one-column error in sqlite3 plugin
-
-Version 1.23 (2005-04-18)
-- Add supprt for ulogd logging in syslog (the daemon log, not packet log)
-
-Version 1.22 (2005-03-07)
-- Fix postgresql endless loop (Jani Averbach)
-- Add postgrsql schema support (Bob Hockney)
-
-Version 1.21 (2005-02-16)
-- Fix compilation on certain gcc versions (Roberto Nibali)
-- Fix --log-ip-as-string for mysql, pgsql and sqlite3 (Jani Averbach)
-
-Version 1.20 (2005-02-12)
-- Add SQLITE3 Plugin
-- Add 'port' option (for tcp port number) to mysql and postgresql plugins
-- Cosmetic changes (c99 initializers, coding style)
-
-Version 1.10 (2003-Oct-xx)
-- Change format of configuration file. Now every plugin has it's own section
- in the config file, making the whole parsing procedure easier - and
- eliminating multiple loading of .so plugins. (Magnus Boden)
-- Make the config file format completely syntax compatible with .ini style files
-- Add a new 'SYSLOG' plugin for real syslogging
-
-Version 1.02 (2003-Oct-08)
-- fix printout of time information in ulogd_LOGEMU.c
-
-Version 1.01 (2003-Aug-23)
-- use $(LD) macro in order to provide cross-compiling/linking support
-- add 'rmem' configuration key to set the netlink socket rmem buffsize
-- don't use kernel header files for IP/TCP header definitions
-- various cosmetic cleanup to compile with -Wall
-- fix usage of libmysqlclient: call mysql_init() before mysql_real_connect
-- don't have LOGEMU read the system time, ulogd_LOCAL.so does this already
-
-Version 1.00 (2003-Mar-06)
-- update documentation to reflect recent additions
-- renamed LOCALTIME plugin to LOCAL plugin, since it now also returns
- the hostname
-- cleanup #include statements
-- tcp.window is a 16bit value
-- always return tcp flags, even if they are not set [to not cause NULL entries
- in the database table
-- cosmetic fixes to acommodate most compiler warnings
-- moved location of conffile.h and ulog.h
-- big update to ulogd_PGSQL.c
-- more verbose error reporting when unable to load plugin
-- print usage information
-- add '--configfile' directive to allow multiple instances with multiple
- configfiles
-
-Version 0.98
-- Fix MAC address printing if there is none (by Andrej Ota)
-- Add PostgreSQL support by Jakab Laszlo
-- Add Version Number (-V) commandline option
-- Make MYBUFSIZ a runtime config directive (Bogdan Dobrota)
-- Fix daemonize function (call setsid() and close stdin)
-- Add ulogd_PCAP output plugin (to use ethereal/tcpdump/... on the logs)
-- Update documentation to reflect kernel inclusion of ipt_ULOG module
-- Add ulogd_LOCALTIME 'interpreter' for providing the timestamp at the
- time of logging (Florent Aide)
-- Fix ulogd_LOGEMU 'PROTO=' printing in case of unknown l4 protocol
-- Add support for non-forking mode and logging to stderr (Alessandro Bono)
-
-Version 0.97
-- added error handling after ipulog_read() to prevent endless loops
-
-Version 0.96
-- support for old mysql versions (Alexander Janssen)
-- support for dotted-quad IP addresses in MySQL (Alexander Janssen)
-- added support for synchronous write to LOGEMU (Michael Stolovitzsky)
-- autoconf now checks for mysql .so libraries instead of static .a
-- autoconf now includes /usr/src/linux/include, because most distros
- now have a glibc-provided /usr/include/linux :(
-- removed ./configure from CVS tree as it may cause inconsistencies
-- better commented example configuration file
-- Makefiles now know DESTDIR (for RPM packaging)
-- documentation now built at release-time, not compile time
-- support for logfile-rotating, using new SIGHUP handler
-
-Version 0.95
-- libipulog problems of 0.94 fixed
-- 1.0 now really soon
-
-Version 0.94
-- fixed stupid build problem because of missing libipulog
- (i'll never try to be intelligent again ;))
-
-Version 0.93
-- fixes logfile bug: wrong filename and line numbers printed
-- fixes config file parsing, new generic get_word() in conffile.c
-- fixes bug in ulogd_LOGEMU.c on big-endian systems
-- fixes segfault when packet received but no interpreters registered
- (reported by Drori Ghiora)
-- sigterm handler installed for clean shutdown
-- logfile now fflush()ed after each line printed
-- ulogd_LOGEMU now prints date and hostname, just as syslog does
-
-Version 0.92
-- fixes libipulog loop-bug (reported by Drori Ghiora)
-
-Version 0.91
-- changes for new kernel ULOG. Includes support for multilink netlink
- messages.
-
-Version 0.9
-- configuration file routines
-- plugins are able to register new configfile keys
-- new MYSQL output plugin
-- new syslog compatibility output plugin
-
-Version 0.3
-
-- new PWSNIFF interpreter plugin
-- verbose error reporting
-
-Version 0.2
-
-- real daemon, we are forking now
diff --git a/ulogd/Makefile.in b/ulogd/Makefile.in
deleted file mode 100644
index 0f1845c..0000000
--- a/ulogd/Makefile.in
+++ /dev/null
@@ -1,85 +0,0 @@
-RELEASE_DIR:=/tmp
-
-include @top_srcdir@/Rules.make
-CFLAGS+=-I@top_srcdir@/libipulog/include -I@top_srcdir@/include
-
-SUBDIRS=conffile libipulog extensions doc
-
-ifeq (x@MYSQLINCLUDES@,x)
-else
-SUBDIRS+=mysql
-endif
-
-ifeq (x@PGSQLINCLUDES@,x)
-else
-SUBDIRS+=pgsql
-endif
-
-ifeq (x@HAVE_PCAP_H@,x)
-else
-SUBDIRS+=pcap
-endif
-
-
-ULOGD_VERSION=1.23
-OLD_ULOGD_VERSION=1.22
-
-ifeq (x@SQLITE3INCLUDES@,x)
-else
-SUBDIRS+=sqlite3
-endif
-
-# Normally You should not need to change anything below
-
-all: recurse ulogd
-
-.PHONY: distclean
-distclean: clean
- @for d in $(SUBDIRS); do if ! make -C $$d $@; then exit 1; fi; done
- rm -f Makefile config.cache config.log config.status Rules.make
-
-.PHONY: docbuild
-docbuild:
- make -C doc distrib
-
-.PHONY: distrib
-distrib: docbuild distclean delrelease $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2 diff
-
-.PHONY: delrelease
-delrelease:
- rm -f $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2
-
-$(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2:
- cd .. && ln -sf ulogd ulogd-$(ULOGD_VERSION) && tar cvf - --exclude CVS --exclude .svn ulogd-$(ULOGD_VERSION)/. | bzip2 -9 > $@ && rm ulogd-$(ULOGD_VERSION)
-
-.PHONY: diff
-diff: $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2
- @mkdir /tmp/diffdir
- @cd /tmp/diffdir && tar -x --bzip2 -f $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2
- @set -e; cd /tmp/diffdir; tar -x --bzip2 -f $(RELEASE_DIR)/ulogd-$(OLD_ULOGD_VERSION).tar.bz2; echo Creating patch-ulogd-$(OLD_ULOGD_VERSION)-$(ULOGD_VERSION).bz2; diff -urN ulogd-$(OLD_ULOGD_VERSION) ulogd-$(ULOGD_VERSION) | bzip2 -9 > $(RELEASE_DIR)/patch-ulogd-$(OLD_ULOGD_VERSION)-$(ULOGD_VERSION).bz2
-
-recurse:
- @for d in $(SUBDIRS); do if ! make -C $$d; then exit 1; fi; done
-
-ulogd: ulogd.c $(LIBIPULOG) include/ulogd/ulogd.h conffile/conffile.o $(LIBIPULOG)/libipulog.a ulogd.conf
- $(CC) $(CFLAGS) $(LDFLAGS) -rdynamic $< conffile/conffile.o $(LIBIPULOG)/libipulog.a -o $@ $(LIBS)
-
-edit = sed -e 's,@libdir\@,$(ULOGD_LIB_PATH),g'
-
-ulogd.conf: ulogd.conf.in
- $(edit) ulogd.conf.in > ulogd.conf
-
-clean:
-# rm -f ulogd *.o extensions/*.o extensions/*.so conffile/*.o
- rm -f ulogd ulogd.o ulogd.conf
- @for d in $(SUBDIRS); do if ! make -C $$d $@; then exit 1; fi; done
-
-install: all
- @for d in $(SUBDIRS); do if ! make -C $$d $@; then exit 1; fi; done
- @[ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR)
- @INSTALL@ -D -m 755 ulogd $(DESTDIR)$(BINDIR)/ulogd
- @[ -d $(DESTDIR)$(ETCDIR) ] || mkdir -p $(DESTDIR)$(ETCDIR)
- @[ -f $(DESTDIR)$(ETCDIR)/ulogd.conf ] || @INSTALL@ -D -m 600 ulogd.conf $(DESTDIR)$(ETCDIR)/ulogd.conf
-
-doc:
- $(MAKE) -C $@
diff --git a/ulogd/README b/ulogd/README
deleted file mode 100644
index 3510007..0000000
--- a/ulogd/README
+++ /dev/null
@@ -1,97 +0,0 @@
-Userspace logging facility for iptables / linux 2.4
-$Id: README,v 1.7 2002/04/16 12:44:41 laforge Exp $
-
-Project Homepage: http://www.gnumonks.org/projects/ulogd
-Mailinglist: http://lists.gnumonks.org/mailman/listinfo/ulogd/
-
-This is just a short README, pleaes see the more extensive documentation
-in the doc/ subdirectory.
-
-===> IDEA
-
-This packages is intended for passing packets from the kernel to userspace
-to do some logging there. It should work like that:
-
-- Register a target called ULOG with iptables
-- if the target is hit:
- - send the packet out using netlink multicast facility
- - return NF_CONTINUE immediately
-
-New with ipt_ULOG 0.8 we can accumulate packets in userspace and send
-them in small batches (1-50) to userspace. This reduces the amount of
-expensive context switches.
-
-More than one logging daemon may listen to the netlink multicast address.
-
-===> CONTENTS
-
-= Ulog library (libipulog.a)
-Just a little library like libipq.a which provides a convenient way to
-write userspace logging daemons. The functions provided are described
-in the source code, a small demo program (ulog_test) is also included.
-
-= ulogd daemon (ulogd)
-A sophisticated logging daemon which uses libipulog. The daemon provides
-an easy to use plugin interface to write additional packet interpreters and
-output targets. Example plugins (interpreter: ip, tcp, icmp output: simple
-logging to a file) are included.
-
-= documentation (doc)
-A quite verbose documentation of this package and it's configuration exists,
-please actually make use of it and read it :)
-
-===> USAGE
-
-The kernel part of the userspace logging facility (ipt_ULOG.o) is included
-in kernels >= 2.4.18-pre8. If you are running older kernel versions, you MUST
-install the ulog-patch from netfilter patch-o-matic FIRST !!
-
-Please go to the netfilter homepage (http://www.netfilter.org/)
-and download the latest iptables package. There is a system called
-patch-o-matic, which manages recent netfilter development, which has
-not been included in the stock kernel yet.
-
-Just apply the ulog-patch from patch-o-matic (there is some documentation
-included in the iptables package how to use patch-o-matic).
-
-Next you have to enable the kernel config option CONFIG_IP_NF_TARGET_ULOG in
-the netfilter subsection of the network options.
-
-Then recompile the kernel or just recompile the netfilter modules using 'make
-modules SUBDIRS=net/ipv4/netfilter'. Next step is installing the module using
-'make modules_install'
-
-It is also a good idea to recompile and re-install the iptables package,
-if you don't already have libipt_ULOG.so in /usr/local/lib/iptables or
-/usr/lib/iptables
-
-Now You are ready to go. You may now insert logging rules to every chain.
-To see the full syntax, type 'iptables -j ULOG -h'
-
-===> EXAMPLES
-
-At first a simple example, which passes every outgoing packet to the
-userspace logging, using netlink multicast group 3.
-
-iptables -A OUTPUT -j ULOG --ulog-nlgroup 3
-
-A more advanced one, passing all incoming tcp packets with destination
-port 80 to the userspace logging daemon listening on netlink multicast
-group 32. All packets get tagged with the ulog prefix "inp"
-
-iptables -A INPUT -j ULOG -p tcp --dport 80 --ulog-nlgroup 32 --ulog-prefix inp
-
-Since version 0.2, I added another parameter (--ulog-cprange).
-Using this parameter You are able to specify how much octets of the
-packet should be copied from the kernel to userspace.
-Setting --ulog-cprange to 0 does always copy the whole packet. Default is 0
-
-===> COPYRIGHT + CREDITS
-
-The code is (C) 2000-2003 by Harald Welte
-
-Thanks also to the valuable Contributions of Daniel Stone, Alexander
-Janssen and Michael Stolovitzsky.
-
-Credits to Rusty Russel, James Morris, Marc Boucher and all the other
-netfilter hackers.
diff --git a/ulogd/Rules.make.in b/ulogd/Rules.make.in
deleted file mode 100644
index 4a161a4..0000000
--- a/ulogd/Rules.make.in
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-ETCDIR=@sysconfdir@
-BINDIR=@sbindir@
-
-ULOGD_CONFIGFILE=@sysconfdir@/ulogd.conf
-
-ULOGD_LIB_PATH=@libdir@/ulogd
-
-# Path of libipulog (from iptables)
-LIBIPULOG=@top_srcdir@/libipulog
-INCIPULOG=-I@top_srcdir@/libipulog/include
-INCCONFFILE=-I@top_srcdir@/conffile
-
-CC=@CC@
-LD=@LD@
-INSTALL=@INSTALL@
-
-CFLAGS=@CFLAGS@ @CPPFLAGS@ -Wall
-CFLAGS+=-DULOGD_CONFIGFILE=\"$(ULOGD_CONFIGFILE)\"
-CFLAGS+=@KERNEL64_USERSPACE32@
-# doesn't work for subdirs
-CFLAGS+=$(INCIPULOG)
-#CFLAGS+=-I/lib/modules/`uname -r`/build/include
-CFLAGS+=@DEFS@
-#CFLAGS+=-g -DDEBUG -DDEBUG_MYSQL -DDEBUG_PGSQL
-
-LIBS=@LIBS@
-
-
-# Names of the plugins to be compiled
-ULOGD_SL:=BASE OPRINT PWSNIFF LOGEMU LOCAL SYSLOG
-
-# mysql output support
-#ULOGD_SL+=MYSQL
-MYSQL_CFLAGS=@MYSQLINCLUDES@ @EXTRA_MYSQL_DEF@
-MYSQL_LDFLAGS=$(LDFLAGS) @MYSQL_LIB@
-
-# postgreSQL output support
-#ULOGD_SL+=PGSQL
-PGSQL_CFLAGS=@PGSQLINCLUDES@ @EXTRA_PGSQL_DEF@
-PGSQL_LDFLAGS=$(LDFLAGS) @PGSQL_LIB@
-
-# mysql output support
-#ULOGD_SL+=SQLITE3
-SQLITE3_CFLAGS=@SQLITE3INCLUDES@ @EXTRA_SQLITE3_DEF@
-SQLITE3_LDFLAGS=$(LDFLAGS) @SQLITE3_LIB@
-
diff --git a/ulogd/TODO b/ulogd/TODO
deleted file mode 100644
index 3ab6194..0000000
--- a/ulogd/TODO
+++ /dev/null
@@ -1,37 +0,0 @@
-libipulog:
-X handle multi-part nlmsgs
-- Error checking at netlink socket
-- forward port my timeout enabled read-function from libipq to libipulog
-- man pages
-
-kernel:
-X queue the logging in the kernel and send multiple packets in one
- multipart nlmsg
-X add timer to flush queue in user-defineable time intervals
-- IPv6 ULOG target
-
-ulogd:
-X MYSQL output plugin
-X syslog compatibility output plugin
-- autoconf-detection of ipt_ULOG.h
-X _fini() support for plugin destructors (needed for clean shutdown and
- SIGHUP configfile reload
-X commandline option for "to fork or not to fork"
-X various command line options (we don't even have --version)
-- add support for capabilities to run as non-root
-X big endian fixes
-X man pages
-- IPv6 support (core and extensions)
-X pcap output plugin (to use ethereal/tcpdump/... for the logs)
-- enable user to specify directory where to look for kernel include files
-- support for static linking
-- make core maintain a list of keyid's that all the output plugins are
- interested. The interpreters would be called with their respective
- section of that list, and only compute those values that are actually
- used by any of the running output plugins
-- issues with ulogd_BASE and partially copied packets (--ulog-cprange)
-- problem wrt. ulogd_BASE and fragments
-- implement extension SIGHUP handlers (including config re-parse)
-
-conffile:
-- rewrite parser. This stuff is a real mess. Anybody interested?
diff --git a/ulogd/aclocal.m4 b/ulogd/aclocal.m4
deleted file mode 100644
index 368464b..0000000
--- a/ulogd/aclocal.m4
+++ /dev/null
@@ -1,130 +0,0 @@
-dnl aclocal.m4 generated automatically by aclocal 1.4
-
-dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
-dnl This file is free software; the Free Software Foundation
-dnl gives unlimited permission to copy and/or distribute it,
-dnl with or without modifications, as long as this notice is preserved.
-
-dnl This program is distributed in the hope that it will be useful,
-dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
-dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-dnl PARTICULAR PURPOSE.
-
-dnl aclocal.m4 generated automatically by aclocal 1.4
-
-dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
-dnl This file is free software; the Free Software Foundation
-dnl gives unlimited permission to copy and/or distribute it,
-dnl with or without modifications, as long as this notice is preserved.
-
-dnl This program is distributed in the hope that it will be useful,
-dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
-dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
-dnl PARTICULAR PURPOSE.
-
-# Do all the work for Automake. This macro actually does too much --
-# some checks are only needed if your package does certain things.
-# But this isn't really a big deal.
-
-# serial 1
-
-dnl Usage:
-dnl AM_INIT_AUTOMAKE(package,version, [no-define])
-
-AC_DEFUN(AM_INIT_AUTOMAKE,
-[AC_REQUIRE([AC_PROG_INSTALL])
-PACKAGE=[$1]
-AC_SUBST(PACKAGE)
-VERSION=[$2]
-AC_SUBST(VERSION)
-dnl test to see if srcdir already configured
-if test "`cd $srcdir && pwd`" != "`pwd`" && test -f $srcdir/config.status; then
- AC_MSG_ERROR([source directory already configured; run "make distclean" there first])
-fi
-ifelse([$3],,
-AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])
-AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package]))
-AC_REQUIRE([AM_SANITY_CHECK])
-AC_REQUIRE([AC_ARG_PROGRAM])
-dnl FIXME This is truly gross.
-missing_dir=`cd $ac_aux_dir && pwd`
-AM_MISSING_PROG(ACLOCAL, aclocal, $missing_dir)
-AM_MISSING_PROG(AUTOCONF, autoconf, $missing_dir)
-AM_MISSING_PROG(AUTOMAKE, automake, $missing_dir)
-AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir)
-AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir)
-AC_REQUIRE([AC_PROG_MAKE_SET])])
-
-#
-# Check to make sure that the build environment is sane.
-#
-
-AC_DEFUN(AM_SANITY_CHECK,
-[AC_MSG_CHECKING([whether build environment is sane])
-# Just in case
-sleep 1
-echo timestamp > conftestfile
-# Do `set' in a subshell so we don't clobber the current shell's
-# arguments. Must try -L first in case configure is actually a
-# symlink; some systems play weird games with the mod time of symlinks
-# (eg FreeBSD returns the mod time of the symlink's containing
-# directory).
-if (
- set X `ls -Lt $srcdir/configure conftestfile 2> /dev/null`
- if test "[$]*" = "X"; then
- # -L didn't work.
- set X `ls -t $srcdir/configure conftestfile`
- fi
- if test "[$]*" != "X $srcdir/configure conftestfile" \
- && test "[$]*" != "X conftestfile $srcdir/configure"; then
-
- # If neither matched, then we have a broken ls. This can happen
- # if, for instance, CONFIG_SHELL is bash and it inherits a
- # broken ls alias from the environment. This has actually
- # happened. Such a system could not be considered "sane".
- AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken
-alias in your environment])
- fi
-
- test "[$]2" = conftestfile
- )
-then
- # Ok.
- :
-else
- AC_MSG_ERROR([newly created file is older than distributed files!
-Check your system clock])
-fi
-rm -f conftest*
-AC_MSG_RESULT(yes)])
-
-dnl AM_MISSING_PROG(NAME, PROGRAM, DIRECTORY)
-dnl The program must properly implement --version.
-AC_DEFUN(AM_MISSING_PROG,
-[AC_MSG_CHECKING(for working $2)
-# Run test in a subshell; some versions of sh will print an error if
-# an executable is not found, even if stderr is redirected.
-# Redirect stdin to placate older versions of autoconf. Sigh.
-if ($2 --version) < /dev/null > /dev/null 2>&1; then
- $1=$2
- AC_MSG_RESULT(found)
-else
- $1="$3/missing $2"
- AC_MSG_RESULT(missing)
-fi
-AC_SUBST($1)])
-
-
-# Define a conditional.
-
-AC_DEFUN(AM_CONDITIONAL,
-[AC_SUBST($1_TRUE)
-AC_SUBST($1_FALSE)
-if $2; then
- $1_TRUE=
- $1_FALSE='#'
-else
- $1_TRUE='#'
- $1_FALSE=
-fi])
-
diff --git a/ulogd/cftest/cftest.c b/ulogd/cftest/cftest.c
deleted file mode 100644
index b99882b..0000000
--- a/ulogd/cftest/cftest.c
+++ /dev/null
@@ -1,30 +0,0 @@
-#include
-#include
-#include "conffile.h"
-
-int bla(char *args)
-{
- printf("bla called: %s\n", args);
- return 0;
-}
-int main()
-{
- config_entry_t e,f;
- memset(&e, 0, sizeof(config_entry_t));
- strcpy(e.key, "zeile");
- e.u.parser = bla;
- e.type = CONFIG_TYPE_CALLBACK;
- config_register_key(&e);
-
- strcpy(f.key, "spalte");
- f.type = CONFIG_TYPE_STRING;
- f.options |= CONFIG_OPT_MANDATORY;
- f.u.str.string = (char *) malloc(100);
- f.u.str.maxlen = 99;
- config_register_key(&f);
-
- config_parse_file("test.txt");
- printf("SPALTE: %s\n", f.u.str.string);
-
- exit(0);
-}
diff --git a/ulogd/cftest/test.txt b/ulogd/cftest/test.txt
deleted file mode 100644
index 3c0b663..0000000
--- a/ulogd/cftest/test.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-zeile zeile1
-spalte 0815
-asdfasf
diff --git a/ulogd/conffile/Makefile.in b/ulogd/conffile/Makefile.in
deleted file mode 100644
index 907e6a7..0000000
--- a/ulogd/conffile/Makefile.in
+++ /dev/null
@@ -1,21 +0,0 @@
-#
-
-include @top_srcdir@/Rules.make
-CFLAGS+=-I@top_srcdir@/include/ulogd
-
-# Normally You should not need to change anything below
-
-all: conffile.o
-
-distrib:
-
-conffile.o: conffile.c
- $(CC) $(CFLAGS) -c $< -o $@
-
-clean:
- rm -f conffile.o
-
-distclean:
- rm -f Makefile
-
-install: all
diff --git a/ulogd/conffile/conffile.c b/ulogd/conffile/conffile.c
deleted file mode 100644
index d26c5ff..0000000
--- a/ulogd/conffile/conffile.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/* config file parser functions
- *
- * (C) 2000 by Harald Welte
- *
- * $Id: conffile.c,v 1.4 2001/09/01 11:51:53 laforge Exp $
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#include
-#include