diff options
Diffstat (limited to 'output')
-rw-r--r-- | output/ipfix/ulogd_output_IPFIX.c | 3 | ||||
-rw-r--r-- | output/pcap/ulogd_output_PCAP.c | 50 | ||||
-rw-r--r-- | output/sqlite3/ulogd_output_SQLITE3.c | 20 | ||||
-rw-r--r-- | output/ulogd_output_GPRINT.c | 36 | ||||
-rw-r--r-- | output/ulogd_output_JSON.c | 11 | ||||
-rw-r--r-- | output/ulogd_output_OPRINT.c | 89 |
6 files changed, 119 insertions, 90 deletions
diff --git a/output/ipfix/ulogd_output_IPFIX.c b/output/ipfix/ulogd_output_IPFIX.c index 4863d00..1c0f730 100644 --- a/output/ipfix/ulogd_output_IPFIX.c +++ b/output/ipfix/ulogd_output_IPFIX.c @@ -426,6 +426,9 @@ static int ipfix_interp(struct ulogd_pluginstance *pi) if (!(GET_FLAGS(pi->input.keys, InIpSaddr) & ULOGD_RETF_VALID)) return ULOGD_IRET_OK; + if (GET_LENGTH(pi->input.keys, InIpSaddr) != sizeof(data->saddr)) + return ULOGD_IRET_OK; + oid = oid_ce(pi->config_kset).u.value; mtu = mtu_ce(pi->config_kset).u.value; send_template = send_template_ce(pi->config_kset).u.string; diff --git a/output/pcap/ulogd_output_PCAP.c b/output/pcap/ulogd_output_PCAP.c index e7798f2..19ce47f 100644 --- a/output/pcap/ulogd_output_PCAP.c +++ b/output/pcap/ulogd_output_PCAP.c @@ -220,33 +220,26 @@ static int append_create_outfile(struct ulogd_pluginstance *upi) { struct pcap_instance *pi = (struct pcap_instance *) &upi->private; char *filename = upi->config_kset->ces[0].u.string; - struct stat st_dummy; - int exist = 0; - - if (stat(filename, &st_dummy) == 0 && st_dummy.st_size > 0) - exist = 1; - - if (!exist) { - pi->of = fopen(filename, "w"); - if (!pi->of) { - ulogd_log(ULOGD_ERROR, "can't open pcap file %s: %s\n", - filename, - strerror(errno)); - return -EPERM; - } - if (!write_pcap_header(pi)) { - ulogd_log(ULOGD_ERROR, "can't write pcap header: %s\n", - strerror(errno)); - return -ENOSPC; - } - } else { - pi->of = fopen(filename, "a"); - if (!pi->of) { - ulogd_log(ULOGD_ERROR, "can't open pcap file %s: %s\n", - filename, - strerror(errno)); - return -EPERM; - } + struct stat st_of; + FILE *of; + + of = fopen(filename, "a"); + if (!of) { + ulogd_log(ULOGD_ERROR, "can't open pcap file %s: %s\n", + filename, + strerror(errno)); + return -EPERM; + } + + if (pi->of) + fclose(pi->of); + pi->of = of; + + if (fstat(fileno(pi->of), &st_of) == 0 && st_of.st_size == 0 && + !write_pcap_header(pi)) { + ulogd_log(ULOGD_ERROR, "can't write pcap header: %s\n", + strerror(errno)); + return -ENOSPC; } return 0; @@ -254,12 +247,9 @@ static int append_create_outfile(struct ulogd_pluginstance *upi) static void signal_pcap(struct ulogd_pluginstance *upi, int signal) { - struct pcap_instance *pi = (struct pcap_instance *) &upi->private; - switch (signal) { case SIGHUP: ulogd_log(ULOGD_NOTICE, "reopening capture file\n"); - fclose(pi->of); append_create_outfile(upi); break; default: diff --git a/output/sqlite3/ulogd_output_SQLITE3.c b/output/sqlite3/ulogd_output_SQLITE3.c index 0a9ad67..6aeb7a3 100644 --- a/output/sqlite3/ulogd_output_SQLITE3.c +++ b/output/sqlite3/ulogd_output_SQLITE3.c @@ -33,6 +33,7 @@ #include <stdlib.h> #include <string.h> #include <arpa/inet.h> +#include <netinet/in.h> #include <ulogd/ulogd.h> #include <ulogd/conffile.h> #include <sqlite3.h> @@ -145,6 +146,10 @@ sqlite3_interp(struct ulogd_pluginstance *pi) } switch (f->key->type) { + case ULOGD_RET_BOOL: + ret = sqlite3_bind_int(priv->p_stmt, i, k_ret->u.value.b); + break; + case ULOGD_RET_INT8: ret = sqlite3_bind_int(priv->p_stmt, i, k_ret->u.value.i8); break; @@ -158,7 +163,7 @@ sqlite3_interp(struct ulogd_pluginstance *pi) break; case ULOGD_RET_INT64: - ret = sqlite3_bind_int(priv->p_stmt, i, k_ret->u.value.i64); + ret = sqlite3_bind_int64(priv->p_stmt, i, k_ret->u.value.i64); break; case ULOGD_RET_UINT8: @@ -174,17 +179,20 @@ sqlite3_interp(struct ulogd_pluginstance *pi) break; case ULOGD_RET_IPADDR: - case ULOGD_RET_UINT64: - ret = sqlite3_bind_int64(priv->p_stmt, i, k_ret->u.value.ui64); + if (k_ret->len == sizeof(struct in_addr)) + ret = sqlite3_bind_int(priv->p_stmt, i, + k_ret->u.value.ui32); + else + ret = sqlite3_bind_null(priv->p_stmt, i); break; - case ULOGD_RET_BOOL: - ret = sqlite3_bind_int(priv->p_stmt, i, k_ret->u.value.b); + case ULOGD_RET_UINT64: + ret = sqlite3_bind_int64(priv->p_stmt, i, k_ret->u.value.ui64); break; case ULOGD_RET_STRING: ret = sqlite3_bind_text(priv->p_stmt, i, k_ret->u.value.ptr, - strlen(k_ret->u.value.ptr), SQLITE_STATIC); + strlen(k_ret->u.value.ptr), SQLITE_STATIC); break; default: diff --git a/output/ulogd_output_GPRINT.c b/output/ulogd_output_GPRINT.c index aedd08e..37829fa 100644 --- a/output/ulogd_output_GPRINT.c +++ b/output/ulogd_output_GPRINT.c @@ -27,6 +27,8 @@ #include <time.h> #include <errno.h> #include <inttypes.h> +#include <arpa/inet.h> +#include <netinet/in.h> #include <ulogd/ulogd.h> #include <ulogd/conffile.h> @@ -69,12 +71,6 @@ static struct config_keyset gprint_kset = { }, }; -#define NIPQUAD(addr) \ - ((unsigned char *)&addr)[0], \ - ((unsigned char *)&addr)[1], \ - ((unsigned char *)&addr)[2], \ - ((unsigned char *)&addr)[3] - static int gprint_interp(struct ulogd_pluginstance *upi) { struct gprint_priv *opi = (struct gprint_priv *) &upi->private; @@ -127,13 +123,15 @@ static int gprint_interp(struct ulogd_pluginstance *upi) case ULOGD_RET_INT8: case ULOGD_RET_INT16: case ULOGD_RET_INT32: + case ULOGD_RET_INT64: ret = snprintf(buf+size, rem, "%s=", key->name); if (ret < 0) break; rem -= ret; size += ret; - ret = snprintf(buf+size, rem, "%d,", key->u.value.i32); + ret = snprintf(buf+size, rem, "%" PRId64 ",", + key->u.value.i64); if (ret < 0) break; rem -= ret; @@ -156,20 +154,36 @@ static int gprint_interp(struct ulogd_pluginstance *upi) rem -= ret; size += ret; break; - case ULOGD_RET_IPADDR: + case ULOGD_RET_IPADDR: { + struct in6_addr ipv6addr; + struct in_addr ipv4addr; + int family; + void *addr; + ret = snprintf(buf+size, rem, "%s=", key->name); if (ret < 0) break; rem -= ret; size += ret; - ret = snprintf(buf+size, rem, "%u.%u.%u.%u,", - NIPQUAD(key->u.value.ui32)); - if (ret < 0) + if (key->len == sizeof(ipv6addr)) { + memcpy(ipv6addr.s6_addr, key->u.value.ui128, + sizeof(ipv6addr.s6_addr)); + addr = &ipv6addr; + family = AF_INET6; + } else { + ipv4addr.s_addr = key->u.value.ui32; + addr = &ipv4addr; + family = AF_INET; + } + if (!inet_ntop(family, addr, buf + size, rem)) break; + ret = strlen(buf + size); + rem -= ret; size += ret; break; + } default: /* don't know how to interpret this key. */ break; diff --git a/output/ulogd_output_JSON.c b/output/ulogd_output_JSON.c index bbc3dba..f80d0e2 100644 --- a/output/ulogd_output_JSON.c +++ b/output/ulogd_output_JSON.c @@ -276,8 +276,8 @@ static int json_interp_file(struct ulogd_pluginstance *upi, char *buf) static int json_interp(struct ulogd_pluginstance *upi) { struct json_priv *opi = (struct json_priv *) &upi->private; + char *dvc, *buf, *tmp; unsigned int i; - char *buf, *tmp; size_t buflen; json_t *msg; @@ -335,10 +335,8 @@ static int json_interp(struct ulogd_pluginstance *upi) json_object_set_new(msg, "timestamp", json_string(timestr)); } - if (upi->config_kset->ces[JSON_CONF_DEVICE].u.string) { - char *dvc = upi->config_kset->ces[JSON_CONF_DEVICE].u.string; - json_object_set_new(msg, "dvc", json_string(dvc)); - } + dvc = upi->config_kset->ces[JSON_CONF_DEVICE].u.string; + json_object_set_new(msg, "dvc", json_string(dvc)); for (i = 0; i < upi->input.num_keys; i++) { struct ulogd_key *key = upi->input.keys[i].u.source; @@ -366,6 +364,9 @@ static int json_interp(struct ulogd_pluginstance *upi) case ULOGD_RET_INT32: json_object_set_new(msg, field_name, json_integer(key->u.value.i32)); break; + case ULOGD_RET_INT64: + json_object_set_new(msg, field_name, json_integer(key->u.value.i64)); + break; case ULOGD_RET_UINT8: if ((upi->config_kset->ces[JSON_CONF_BOOLEAN_LABEL].u.value != 0) && (!strcmp(key->name, "raw.label"))) { diff --git a/output/ulogd_output_OPRINT.c b/output/ulogd_output_OPRINT.c index 6fde445..13934ff 100644 --- a/output/ulogd_output_OPRINT.c +++ b/output/ulogd_output_OPRINT.c @@ -24,6 +24,8 @@ #include <string.h> #include <errno.h> #include <inttypes.h> +#include <arpa/inet.h> +#include <netinet/in.h> #include <ulogd/ulogd.h> #include <ulogd/conffile.h> @@ -31,18 +33,6 @@ #define ULOGD_OPRINT_DEFAULT "/var/log/ulogd_oprint.log" #endif -#define NIPQUAD(addr) \ - ((unsigned char *)&addr)[0], \ - ((unsigned char *)&addr)[1], \ - ((unsigned char *)&addr)[2], \ - ((unsigned char *)&addr)[3] - -#define HIPQUAD(addr) \ - ((unsigned char *)&addr)[3], \ - ((unsigned char *)&addr)[2], \ - ((unsigned char *)&addr)[1], \ - ((unsigned char *)&addr)[0] - struct oprint_priv { FILE *of; }; @@ -59,38 +49,61 @@ static int oprint_interp(struct ulogd_pluginstance *upi) if (!ret) ulogd_log(ULOGD_NOTICE, "no result for %s ?!?\n", upi->input.keys[i].name); - + if (!IS_VALID(*ret)) continue; fprintf(opi->of,"%s=", ret->name); switch (ret->type) { - case ULOGD_RET_STRING: - fprintf(opi->of, "%s\n", - (char *) ret->u.value.ptr); - break; - case ULOGD_RET_BOOL: - case ULOGD_RET_INT8: - case ULOGD_RET_INT16: - case ULOGD_RET_INT32: - fprintf(opi->of, "%d\n", ret->u.value.i32); - break; - case ULOGD_RET_UINT8: - case ULOGD_RET_UINT16: - case ULOGD_RET_UINT32: - fprintf(opi->of, "%u\n", ret->u.value.ui32); + case ULOGD_RET_STRING: + fprintf(opi->of, "%s\n", (char *) ret->u.value.ptr); + break; + case ULOGD_RET_BOOL: + case ULOGD_RET_INT8: + case ULOGD_RET_INT16: + case ULOGD_RET_INT32: + fprintf(opi->of, "%d\n", ret->u.value.i32); + break; + case ULOGD_RET_INT64: + fprintf(opi->of, "%" PRId64 "\n", ret->u.value.i64); + break; + case ULOGD_RET_UINT8: + case ULOGD_RET_UINT16: + case ULOGD_RET_UINT32: + fprintf(opi->of, "%u\n", ret->u.value.ui32); + break; + case ULOGD_RET_UINT64: + fprintf(opi->of, "%" PRIu64 "\n", ret->u.value.ui64); + break; + case ULOGD_RET_IPADDR: { + char addrbuf[INET6_ADDRSTRLEN + 1] = ""; + struct in6_addr ipv6addr; + struct in_addr ipv4addr; + int family; + void *addr; + + if (ret->len == sizeof(ipv6addr)) { + memcpy(ipv6addr.s6_addr, ret->u.value.ui128, + sizeof(ipv6addr.s6_addr)); + addr = &ipv6addr; + family = AF_INET6; + } else { + ipv4addr.s_addr = ret->u.value.ui32; + addr = &ipv4addr; + family = AF_INET; + } + if (!inet_ntop(family, addr, addrbuf, sizeof(addrbuf))) break; - case ULOGD_RET_UINT64: - fprintf(opi->of, "%" PRIu64 "\n", ret->u.value.ui64); - break; - case ULOGD_RET_IPADDR: - fprintf(opi->of, "%u.%u.%u.%u\n", - HIPQUAD(ret->u.value.ui32)); - break; - case ULOGD_RET_NONE: - fprintf(opi->of, "<none>\n"); - break; - default: fprintf(opi->of, "default\n"); + + fprintf(opi->of, "%s\n", addrbuf); + break; + } + case ULOGD_RET_NONE: + fprintf(opi->of, "<none>\n"); + break; + default: + fprintf(opi->of, "default\n"); + break; } } if (upi->config_kset->ces[1].u.value != 0) |