Gitiles
Code Review Sign In
review.blissroms.org / platform_external_ebtables / a64fd6ce403fee3d45ff41fcce4ffd44459d7a5a / . / extensions / ebt_nflog.c
blob: 259bdb292cea6ae13db43247ef652ced955fcd24 [file] [log] [blame]
Bart De Schuymer03e60002008-03-17 22:10:49 +0000[diff] [blame]1/* ebt_nflog
2 *
3 * Authors:
4 * Peter Warasin <peter@endian.com>
5 *
6 * February, 2008
7 *
8 * Based on:
9 * ebt_ulog.c, (C) 2004, Bart De Schuymer <bdschuym@pandora.be>
10 * libxt_NFLOG.c
11 */
12
13#include <stdio.h>
14#include <stdlib.h>
15#include <string.h>
16#include <getopt.h>
17#include "../include/ebtables_u.h"
18#include <linux/netfilter_bridge/ebt_nflog.h>
19
20enum {
21 NFLOG_GROUP = 0x1,
22 NFLOG_PREFIX = 0x2,
23 NFLOG_RANGE = 0x4,
24 NFLOG_THRESHOLD = 0x8,
25 NFLOG_NFLOG = 0x16,
26};
27
28static struct option nflog_opts[] = {
29 {"nflog-group", required_argument, NULL, NFLOG_GROUP},
30 {"nflog-prefix", required_argument, NULL, NFLOG_PREFIX},
31 {"nflog-range", required_argument, NULL, NFLOG_RANGE},
32 {"nflog-threshold", required_argument, NULL, NFLOG_THRESHOLD},
33 {"nflog", no_argument, NULL, NFLOG_NFLOG},
34 {.name = NULL}
35};
36
37static void nflog_help()
38{
39 printf("nflog options:\n"
40 "--nflog : use the default nflog parameters\n"
41 "--nflog-prefix prefix : Prefix string for log message\n"
42 "--nflog-group group : NETLINK group used for logging\n"
43 "--nflog-range range : Number of byte to copy\n"
44 "--nflog-threshold : Message threshold of"
45 "in-kernel queue\n");
46}
47
Bart De Schuymer3ba0f0a2009-02-12 20:19:57 +0000[diff] [blame]48static void init(struct ebt_entry_watcher *watcher)
Bart De Schuymer03e60002008-03-17 22:10:49 +0000[diff] [blame]49{
50 struct ebt_nflog_info *info = (struct ebt_nflog_info *)watcher->data;
51
52 info->prefix[0] = '\0';
53 info->group = EBT_NFLOG_DEFAULT_GROUP;
54 info->threshold = EBT_NFLOG_DEFAULT_THRESHOLD;
55}
56
57static int nflog_parse(int c, char **argv, int argc,
58 const struct ebt_u_entry *entry, unsigned int *flags,
59 struct ebt_entry_watcher **watcher)
60{
61 struct ebt_nflog_info *info;
62 unsigned int i;
63 char *end;
64
65 info = (struct ebt_nflog_info *)(*watcher)->data;
66 switch (c) {
67 case NFLOG_PREFIX:
68 if (ebt_check_inverse2(optarg))
69 goto inverse_invalid;
70 ebt_check_option2(flags, NFLOG_PREFIX);
71 if (strlen(optarg) > EBT_NFLOG_PREFIX_SIZE - 1)
72 ebt_print_error("Prefix too long for nflog-prefix");
73 strcpy(info->prefix, optarg);
74 break;
75
76 case NFLOG_GROUP:
77 if (ebt_check_inverse2(optarg))
78 goto inverse_invalid;
79 ebt_check_option2(flags, NFLOG_GROUP);
80 i = strtoul(optarg, &end, 10);
81 if (*end != '\0')
82 ebt_print_error2("--nflog-group must be a number!");
83 if (i < 0)
84 ebt_print_error2("--nflog-group can not be negative");
85 info->group = i;
86 break;
87
88 case NFLOG_RANGE:
89 if (ebt_check_inverse2(optarg))
90 goto inverse_invalid;
91 ebt_check_option2(flags, NFLOG_RANGE);
92 i = strtoul(optarg, &end, 10);
93 if (*end != '\0')
94 ebt_print_error2("--nflog-range must be a number!");
95 if (i < 0)
96 ebt_print_error2("--nflog-range can not be negative");
97 info->len = i;
98 break;
99
100 case NFLOG_THRESHOLD:
101 if (ebt_check_inverse2(optarg))
102 goto inverse_invalid;
103 ebt_check_option2(flags, NFLOG_THRESHOLD);
104 i = strtoul(optarg, &end, 10);
105 if (*end != '\0')
106 ebt_print_error2("--nflog-threshold must be a number!");
107 if (i < 0)
108 ebt_print_error2
109 ("--nflog-threshold can not be negative");
110 info->threshold = i;
111 break;
112 case NFLOG_NFLOG:
113 if (ebt_check_inverse(optarg))
114 goto inverse_invalid;
115 ebt_check_option2(flags, NFLOG_NFLOG);
116 break;
117
118 default:
119 return 0;
120 }
121 return 1;
122
123 inverse_invalid:
124 ebt_print_error("The use of '!' makes no sense for the nflog watcher");
125 return 1;
126}
127
128static void nflog_final_check(const struct ebt_u_entry *entry,
129 const struct ebt_entry_watcher *watcher,
130 const char *name, unsigned int hookmask,
131 unsigned int time)
132{
133}
134
135static void nflog_print(const struct ebt_u_entry *entry,
136 const struct ebt_entry_watcher *watcher)
137{
138 struct ebt_nflog_info *info = (struct ebt_nflog_info *)watcher->data;
139
140 if (info->prefix[0] != '\0')
141 printf("--nflog-prefix \"%s\"", info->prefix);
142 if (info->group)
143 printf("--nflog-group %d ", info->group);
144 if (info->len)
145 printf("--nflog-range %d", info->len);
146 if (info->threshold != EBT_NFLOG_DEFAULT_THRESHOLD)
147 printf(" --nflog-threshold %d ", info->threshold);
148}
149
150static int nflog_compare(const struct ebt_entry_watcher *w1,
151 const struct ebt_entry_watcher *w2)
152{
153 struct ebt_nflog_info *info1 = (struct ebt_nflog_info *)w1->data;
154 struct ebt_nflog_info *info2 = (struct ebt_nflog_info *)w2->data;
155
156 if (info1->group != info2->group ||
157 info1->len != info2->len ||
158 info1->threshold != info2->threshold ||
159 strcmp(info1->prefix, info2->prefix))
160 return 0;
161 return 1;
162}
163
164static struct ebt_u_watcher nflog_watcher = {
165 .name = "nflog",
166 .size = sizeof(struct ebt_nflog_info),
167 .help = nflog_help,
Bart De Schuymer3ba0f0a2009-02-12 20:19:57 +0000[diff] [blame]168 .init = init,
Bart De Schuymer03e60002008-03-17 22:10:49 +0000[diff] [blame]169 .parse = nflog_parse,
170 .final_check = nflog_final_check,
171 .print = nflog_print,
172 .compare = nflog_compare,
173 .extra_ops = nflog_opts,
174};
175
176void _init(void)
177{
178 ebt_register_watcher(&nflog_watcher);
179}