Blame - extensions/ebt_nflog.c - platform_external_ebtables

blob: 0cd10e05f1c336206834a9d54cbe2373c24718d1 [file] [log] [blame]

Bart De Schuymer	03e6000	2008-03-17 22:10:49 +0000	[diff] [blame]	1	/* ebt_nflog
				2	*
				3	* Authors:
				4	* Peter Warasin <peter@endian.com>
				5	*
				6	* February, 2008
				7	*
				8	* Based on:
				9	* ebt_ulog.c, (C) 2004, Bart De Schuymer <bdschuym@pandora.be>
				10	* libxt_NFLOG.c
				11	*/
				12
				13	#include <stdio.h>
				14	#include <stdlib.h>
				15	#include <string.h>
				16	#include <getopt.h>
				17	#include "../include/ebtables_u.h"
				18	#include <linux/netfilter_bridge/ebt_nflog.h>
				19
				20	enum {
				21	NFLOG_GROUP = 0x1,
				22	NFLOG_PREFIX = 0x2,
				23	NFLOG_RANGE = 0x4,
				24	NFLOG_THRESHOLD = 0x8,
				25	NFLOG_NFLOG = 0x16,
				26	};
				27
				28	static struct option nflog_opts[] = {
				29	{"nflog-group", required_argument, NULL, NFLOG_GROUP},
				30	{"nflog-prefix", required_argument, NULL, NFLOG_PREFIX},
				31	{"nflog-range", required_argument, NULL, NFLOG_RANGE},
				32	{"nflog-threshold", required_argument, NULL, NFLOG_THRESHOLD},
				33	{"nflog", no_argument, NULL, NFLOG_NFLOG},
				34	{.name = NULL}
				35	};
				36
				37	static void nflog_help()
				38	{
				39	printf("nflog options:\n"
				40	"--nflog : use the default nflog parameters\n"
				41	"--nflog-prefix prefix : Prefix string for log message\n"
				42	"--nflog-group group : NETLINK group used for logging\n"
				43	"--nflog-range range : Number of byte to copy\n"
				44	"--nflog-threshold : Message threshold of"
				45	"in-kernel queue\n");
				46	}
				47
Bart De Schuymer	3ba0f0a	2009-02-12 20:19:57 +0000	[diff] [blame]	48	static void init(struct ebt_entry_watcher *watcher)
Bart De Schuymer	03e6000	2008-03-17 22:10:49 +0000	[diff] [blame]	49	{
				50	struct ebt_nflog_info info = (struct ebt_nflog_info )watcher->data;
				51
				52	info->prefix[0] = '\0';
				53	info->group = EBT_NFLOG_DEFAULT_GROUP;
				54	info->threshold = EBT_NFLOG_DEFAULT_THRESHOLD;
				55	}
				56
				57	static int nflog_parse(int c, char **argv, int argc,
				58	const struct ebt_u_entry entry, unsigned int flags,
				59	struct ebt_entry_watcher **watcher)
				60	{
				61	struct ebt_nflog_info *info;
				62	unsigned int i;
				63	char *end;
				64
				65	info = (struct ebt_nflog_info )(watcher)->data;
				66	switch (c) {
				67	case NFLOG_PREFIX:
				68	if (ebt_check_inverse2(optarg))
				69	goto inverse_invalid;
				70	ebt_check_option2(flags, NFLOG_PREFIX);
				71	if (strlen(optarg) > EBT_NFLOG_PREFIX_SIZE - 1)
				72	ebt_print_error("Prefix too long for nflog-prefix");
				73	strcpy(info->prefix, optarg);
				74	break;
				75
				76	case NFLOG_GROUP:
				77	if (ebt_check_inverse2(optarg))
				78	goto inverse_invalid;
				79	ebt_check_option2(flags, NFLOG_GROUP);
				80	i = strtoul(optarg, &end, 10);
				81	if (*end != '\0')
				82	ebt_print_error2("--nflog-group must be a number!");
Bart De Schuymer	03e6000	2008-03-17 22:10:49 +0000	[diff] [blame]	83	info->group = i;
				84	break;
				85
				86	case NFLOG_RANGE:
				87	if (ebt_check_inverse2(optarg))
				88	goto inverse_invalid;
				89	ebt_check_option2(flags, NFLOG_RANGE);
				90	i = strtoul(optarg, &end, 10);
				91	if (*end != '\0')
				92	ebt_print_error2("--nflog-range must be a number!");
Bart De Schuymer	03e6000	2008-03-17 22:10:49 +0000	[diff] [blame]	93	info->len = i;
				94	break;
				95
				96	case NFLOG_THRESHOLD:
				97	if (ebt_check_inverse2(optarg))
				98	goto inverse_invalid;
				99	ebt_check_option2(flags, NFLOG_THRESHOLD);
				100	i = strtoul(optarg, &end, 10);
				101	if (*end != '\0')
				102	ebt_print_error2("--nflog-threshold must be a number!");
Bart De Schuymer	03e6000	2008-03-17 22:10:49 +0000	[diff] [blame]	103	info->threshold = i;
				104	break;
				105	case NFLOG_NFLOG:
				106	if (ebt_check_inverse(optarg))
				107	goto inverse_invalid;
				108	ebt_check_option2(flags, NFLOG_NFLOG);
				109	break;
				110
				111	default:
				112	return 0;
				113	}
				114	return 1;
				115
				116	inverse_invalid:
				117	ebt_print_error("The use of '!' makes no sense for the nflog watcher");
				118	return 1;
				119	}
				120
				121	static void nflog_final_check(const struct ebt_u_entry *entry,
				122	const struct ebt_entry_watcher *watcher,
				123	const char *name, unsigned int hookmask,
				124	unsigned int time)
				125	{
				126	}
				127
				128	static void nflog_print(const struct ebt_u_entry *entry,
				129	const struct ebt_entry_watcher *watcher)
				130	{
				131	struct ebt_nflog_info info = (struct ebt_nflog_info )watcher->data;
				132
				133	if (info->prefix[0] != '\0')
				134	printf("--nflog-prefix \"%s\"", info->prefix);
				135	if (info->group)
				136	printf("--nflog-group %d ", info->group);
				137	if (info->len)
				138	printf("--nflog-range %d", info->len);
				139	if (info->threshold != EBT_NFLOG_DEFAULT_THRESHOLD)
				140	printf(" --nflog-threshold %d ", info->threshold);
				141	}
				142
				143	static int nflog_compare(const struct ebt_entry_watcher *w1,
				144	const struct ebt_entry_watcher *w2)
				145	{
				146	struct ebt_nflog_info info1 = (struct ebt_nflog_info )w1->data;
				147	struct ebt_nflog_info info2 = (struct ebt_nflog_info )w2->data;
				148
				149	if (info1->group != info2->group \|\|
				150	info1->len != info2->len \|\|
				151	info1->threshold != info2->threshold \|\|
				152	strcmp(info1->prefix, info2->prefix))
				153	return 0;
				154	return 1;
				155	}
				156
				157	static struct ebt_u_watcher nflog_watcher = {
				158	.name = "nflog",
				159	.size = sizeof(struct ebt_nflog_info),
				160	.help = nflog_help,
Bart De Schuymer	3ba0f0a	2009-02-12 20:19:57 +0000	[diff] [blame]	161	.init = init,
Bart De Schuymer	03e6000	2008-03-17 22:10:49 +0000	[diff] [blame]	162	.parse = nflog_parse,
				163	.final_check = nflog_final_check,
				164	.print = nflog_print,
				165	.compare = nflog_compare,
				166	.extra_ops = nflog_opts,
				167	};
				168
				169	void _init(void)
				170	{
				171	ebt_register_watcher(&nflog_watcher);
				172	}