From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> This patch cleans up the current key assignation by introducing a set of functions ukey_* to set the key value as Eric Leblond and we discussed during the latest Netfilter Workshop. This patch is based on an idea from Holger Eitzenberger. Signed-off-by: Eric Leblond <eric@xxxxxx> --- filter/raw2packet/ulogd_raw2packet_BASE.c | 217 ++++++++++------------------ filter/raw2packet/ulogd_raw2packet_LOCAL.c | 7 +- filter/ulogd_filter_HWHDR.c | 76 +++++----- filter/ulogd_filter_IFINDEX.c | 30 +++-- filter/ulogd_filter_IP2BIN.c | 9 +- filter/ulogd_filter_IP2STR.c | 15 +- filter/ulogd_filter_MARK.c | 4 +- filter/ulogd_filter_PRINTFLOW.c | 3 +- filter/ulogd_filter_PRINTPKT.c | 3 +- filter/ulogd_filter_PWSNIFF.c | 27 ++-- include/ulogd/ulogd.h | 60 ++++++++- input/flow/ulogd_inpflow_NFCT.c | 159 +++++++-------------- input/packet/ulogd_inppkt_NFLOG.c | 101 +++++--------- input/packet/ulogd_inppkt_ULOG.c | 45 ++---- output/pcap/ulogd_output_PCAP.c | 11 +- output/ulogd_output_NACCT.c | 34 +++--- util/printflow.c | 52 ++++---- util/printpkt.c | 146 ++++++++++--------- 18 files changed, 448 insertions(+), 551 deletions(-) diff --git a/filter/raw2packet/ulogd_raw2packet_BASE.c b/filter/raw2packet/ulogd_raw2packet_BASE.c index e61d904..c38c696 100644 --- a/filter/raw2packet/ulogd_raw2packet_BASE.c +++ b/filter/raw2packet/ulogd_raw2packet_BASE.c @@ -521,43 +521,25 @@ static int _interp_tcp(struct ulogd_pluginstance *pi, struct tcphdr *tcph, if (len < sizeof(struct tcphdr)) return ULOGD_IRET_OK; - ret[KEY_TCP_SPORT].u.value.ui16 = ntohs(tcph->source); - ret[KEY_TCP_SPORT].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_DPORT].u.value.ui16 = ntohs(tcph->dest); - ret[KEY_TCP_DPORT].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_SEQ].u.value.ui32 = ntohl(tcph->seq); - ret[KEY_TCP_SEQ].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_ACKSEQ].u.value.ui32 = ntohl(tcph->ack_seq); - ret[KEY_TCP_ACKSEQ].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_OFFSET].u.value.ui8 = ntohs(tcph->doff); - ret[KEY_TCP_OFFSET].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_RESERVED].u.value.ui8 = ntohs(tcph->res1); - ret[KEY_TCP_RESERVED].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_WINDOW].u.value.ui16 = ntohs(tcph->window); - ret[KEY_TCP_WINDOW].flags |= ULOGD_RETF_VALID; - - ret[KEY_TCP_URG].u.value.b = tcph->urg; - ret[KEY_TCP_URG].flags |= ULOGD_RETF_VALID; - if (tcph->urg) { - ret[KEY_TCP_URGP].u.value.ui16 = ntohs(tcph->urg_ptr); - ret[KEY_TCP_URGP].flags |= ULOGD_RETF_VALID; - } - ret[KEY_TCP_ACK].u.value.b = tcph->ack; - ret[KEY_TCP_ACK].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_PSH].u.value.b = tcph->psh; - ret[KEY_TCP_PSH].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_RST].u.value.b = tcph->rst; - ret[KEY_TCP_RST].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_SYN].u.value.b = tcph->syn; - ret[KEY_TCP_SYN].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_FIN].u.value.b = tcph->fin; - ret[KEY_TCP_FIN].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_RES1].u.value.b = tcph->res1; - ret[KEY_TCP_RES1].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_RES2].u.value.b = tcph->res2; - ret[KEY_TCP_RES2].flags |= ULOGD_RETF_VALID; - ret[KEY_TCP_CSUM].u.value.ui16 = ntohs(tcph->check); - ret[KEY_TCP_CSUM].u.value.ui16 = ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_TCP_SPORT], ntohs(tcph->source)); + okey_set_u16(&ret[KEY_TCP_DPORT], ntohs(tcph->dest)); + okey_set_u32(&ret[KEY_TCP_SEQ], ntohl(tcph->seq)); + okey_set_u32(&ret[KEY_TCP_ACKSEQ], ntohl(tcph->ack_seq)); + okey_set_u8(&ret[KEY_TCP_OFFSET], ntohs(tcph->doff)); + okey_set_u8(&ret[KEY_TCP_RESERVED], ntohs(tcph->res1)); + okey_set_u16(&ret[KEY_TCP_WINDOW], ntohs(tcph->window)); + + okey_set_b(&ret[KEY_TCP_URG], tcph->urg); + if (tcph->urg) + okey_set_u16(&ret[KEY_TCP_URGP], ntohs(tcph->urg_ptr)); + okey_set_b(&ret[KEY_TCP_ACK], tcph->ack); + okey_set_b(&ret[KEY_TCP_PSH], tcph->psh); + okey_set_b(&ret[KEY_TCP_RST], tcph->rst); + okey_set_b(&ret[KEY_TCP_SYN], tcph->syn); + okey_set_b(&ret[KEY_TCP_FIN], tcph->fin); + okey_set_b(&ret[KEY_TCP_RES1], tcph->res1); + okey_set_b(&ret[KEY_TCP_RES2], tcph->res2); + okey_set_u16(&ret[KEY_TCP_CSUM], ntohs(tcph->check)); return ULOGD_IRET_OK; } @@ -575,14 +557,10 @@ static int _interp_udp(struct ulogd_pluginstance *pi, struct udphdr *udph, if (len < sizeof(struct udphdr)) return ULOGD_IRET_OK; - ret[KEY_UDP_SPORT].u.value.ui16 = ntohs(udph->source); - ret[KEY_UDP_SPORT].flags |= ULOGD_RETF_VALID; - ret[KEY_UDP_DPORT].u.value.ui16 = ntohs(udph->dest); - ret[KEY_UDP_DPORT].flags |= ULOGD_RETF_VALID; - ret[KEY_UDP_LEN].u.value.ui16 = ntohs(udph->len); - ret[KEY_UDP_LEN].flags |= ULOGD_RETF_VALID; - ret[KEY_UDP_CSUM].u.value.ui16 = ntohs(udph->check); - ret[KEY_UDP_CSUM].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_UDP_SPORT], ntohs(udph->source)); + okey_set_u16(&ret[KEY_UDP_DPORT], ntohs(udph->dest)); + okey_set_u16(&ret[KEY_UDP_LEN], ntohs(udph->len)); + okey_set_u16(&ret[KEY_UDP_CSUM], ntohs(udph->check)); return ULOGD_IRET_OK; } @@ -599,33 +577,28 @@ static int _interp_icmp(struct ulogd_pluginstance *pi, struct icmphdr *icmph, if (len < sizeof(struct icmphdr)) return ULOGD_IRET_OK; - ret[KEY_ICMP_TYPE].u.value.ui8 = icmph->type; - ret[KEY_ICMP_TYPE].flags |= ULOGD_RETF_VALID; - ret[KEY_ICMP_CODE].u.value.ui8 = icmph->code; - ret[KEY_ICMP_CODE].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[KEY_ICMP_TYPE], icmph->type); + okey_set_u8(&ret[KEY_ICMP_CODE], icmph->code); switch (icmph->type) { case ICMP_ECHO: case ICMP_ECHOREPLY: - ret[KEY_ICMP_ECHOID].u.value.ui16 = ntohs(icmph->un.echo.id); - ret[KEY_ICMP_ECHOID].flags |= ULOGD_RETF_VALID; - ret[KEY_ICMP_ECHOSEQ].u.value.ui16 = ntohs(icmph->un.echo.sequence); - ret[KEY_ICMP_ECHOSEQ].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_ICMP_ECHOID], ntohs(icmph->un.echo.id)); + okey_set_u16(&ret[KEY_ICMP_ECHOSEQ], + ntohs(icmph->un.echo.sequence)); break; case ICMP_REDIRECT: case ICMP_PARAMETERPROB: - ret[KEY_ICMP_GATEWAY].u.value.ui32 = ntohl(icmph->un.gateway); - ret[KEY_ICMP_GATEWAY].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[KEY_ICMP_GATEWAY], ntohl(icmph->un.gateway)); break; case ICMP_DEST_UNREACH: if (icmph->code == ICMP_FRAG_NEEDED) { - ret[KEY_ICMP_FRAGMTU].u.value.ui16 = ntohs(icmph->un.frag.mtu); - ret[KEY_ICMP_FRAGMTU].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_ICMP_FRAGMTU], + ntohs(icmph->un.frag.mtu)); } break; } - ret[KEY_ICMP_CSUM].u.value.ui16 = icmph->checksum; - ret[KEY_ICMP_CSUM].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_ICMP_CSUM], icmph->checksum); return ULOGD_IRET_OK; } @@ -642,22 +615,18 @@ static int _interp_icmpv6(struct ulogd_pluginstance *pi, struct icmp6_hdr *icmph if (len < sizeof(struct icmp6_hdr)) return ULOGD_IRET_OK; - ret[KEY_ICMPV6_TYPE].u.value.ui8 = icmph->icmp6_type; - ret[KEY_ICMPV6_TYPE].flags |= ULOGD_RETF_VALID; - ret[KEY_ICMPV6_CODE].u.value.ui8 = icmph->icmp6_code; - ret[KEY_ICMPV6_CODE].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[KEY_ICMPV6_TYPE], icmph->icmp6_type); + okey_set_u8(&ret[KEY_ICMPV6_CODE], icmph->icmp6_code); switch (icmph->icmp6_type) { case ICMP6_ECHO_REQUEST: case ICMP6_ECHO_REPLY: - ret[KEY_ICMPV6_ECHOID].u.value.ui16 = ntohs(icmph->icmp6_id); - ret[KEY_ICMPV6_ECHOID].flags |= ULOGD_RETF_VALID; - ret[KEY_ICMPV6_ECHOSEQ].u.value.ui16 = ntohs(icmph->icmp6_seq); - ret[KEY_ICMPV6_ECHOSEQ].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_ICMPV6_ECHOID], ntohs(icmph->icmp6_id)); + okey_set_u16(&ret[KEY_ICMPV6_ECHOSEQ], + ntohs(icmph->icmp6_seq)); break; } - ret[KEY_ICMPV6_CSUM].u.value.ui16 = icmph->icmp6_cksum; - ret[KEY_ICMPV6_CSUM].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_ICMPV6_CSUM], icmph->icmp6_cksum); return ULOGD_IRET_OK; } @@ -691,33 +660,23 @@ static int _interp_iphdr(struct ulogd_pluginstance *pi, u_int32_t len) { struct ulogd_key *ret = pi->output.keys; struct iphdr *iph = - GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr; + ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]); void *nexthdr = (u_int32_t *)iph + iph->ihl; if (len < sizeof(struct iphdr) || len <= (u_int32_t)(iph->ihl * 4)) return ULOGD_IRET_OK; len -= iph->ihl * 4; - ret[KEY_IP_SADDR].u.value.ui32 = iph->saddr; - ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_DADDR].u.value.ui32 = iph->daddr; - ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_PROTOCOL].u.value.ui8 = iph->protocol; - ret[KEY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_TOS].u.value.ui8 = iph->tos; - ret[KEY_IP_TOS].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_TTL].u.value.ui8 = iph->ttl; - ret[KEY_IP_TTL].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_TOTLEN].u.value.ui16 = ntohs(iph->tot_len); - ret[KEY_IP_TOTLEN].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_IHL].u.value.ui8 = iph->ihl; - ret[KEY_IP_IHL].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_CSUM].u.value.ui16 = ntohs(iph->check); - ret[KEY_IP_CSUM].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_ID].u.value.ui16 = ntohs(iph->id); - ret[KEY_IP_ID].flags |= ULOGD_RETF_VALID; - ret[KEY_IP_FRAGOFF].u.value.ui16 = ntohs(iph->frag_off); - ret[KEY_IP_FRAGOFF].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[KEY_IP_SADDR], iph->saddr); + okey_set_u32(&ret[KEY_IP_DADDR], iph->daddr); + okey_set_u8(&ret[KEY_IP_PROTOCOL], iph->protocol); + okey_set_u8(&ret[KEY_IP_TOS], iph->tos); + okey_set_u8(&ret[KEY_IP_TTL], iph->ttl); + okey_set_u16(&ret[KEY_IP_TOTLEN], ntohs(iph->tot_len)); + okey_set_u8(&ret[KEY_IP_IHL], iph->ihl); + okey_set_u16(&ret[KEY_IP_CSUM], ntohs(iph->check)); + okey_set_u16(&ret[KEY_IP_ID], ntohs(iph->id)); + okey_set_u16(&ret[KEY_IP_FRAGOFF], ntohs(iph->frag_off)); switch (iph->protocol) { case IPPROTO_TCP: @@ -760,8 +719,7 @@ static int ip6_ext_hdr(u_int8_t nexthdr) static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len) { struct ulogd_key *ret = pi->output.keys; - struct ip6_hdr *ipv6h = - GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr; + struct ip6_hdr *ipv6h = ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]); unsigned int ptr, hdrlen = 0; u_int8_t curhdr; int fragment = 0; @@ -769,20 +727,14 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len) if (len < sizeof(struct ip6_hdr)) return ULOGD_IRET_OK; - memcpy(ret[KEY_IP_SADDR].u.value.ui128, &ipv6h->ip6_src, - sizeof(ipv6h->ip6_src)); - ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID; - memcpy(ret[KEY_IP_DADDR].u.value.ui128, &ipv6h->ip6_dst, - sizeof(ipv6h->ip6_dst)); - ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID; - ret[KEY_IP6_PAYLOAD_LEN].u.value.ui16 = ntohs(ipv6h->ip6_plen); - ret[KEY_IP6_PAYLOAD_LEN].flags |= ULOGD_RETF_VALID; - ret[KEY_IP6_PRIORITY].u.value.ui8 = ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20; - ret[KEY_IP6_PRIORITY].flags |= ULOGD_RETF_VALID; - ret[KEY_IP6_FLOWLABEL].u.value.ui32 = ntohl(ipv6h->ip6_flow & 0x000fffff); - ret[KEY_IP6_FLOWLABEL].flags |= ULOGD_RETF_VALID; - ret[KEY_IP6_HOPLIMIT].u.value.ui8 = ipv6h->ip6_hlim; - ret[KEY_IP6_HOPLIMIT].flags |= ULOGD_RETF_VALID; + okey_set_u128(&ret[KEY_IP_SADDR], &ipv6h->ip6_src); + okey_set_u128(&ret[KEY_IP_DADDR], &ipv6h->ip6_dst); + okey_set_u16(&ret[KEY_IP6_PAYLOAD_LEN], ntohs(ipv6h->ip6_plen)); + okey_set_u8(&ret[KEY_IP6_PRIORITY], + ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20); + okey_set_u32(&ret[KEY_IP6_FLOWLABEL], + ntohl(ipv6h->ip6_flow & 0x000fffff)); + okey_set_u8(&ret[KEY_IP6_HOPLIMIT], ipv6h->ip6_hlim); curhdr = ipv6h->ip6_nxt; ptr = sizeof(struct ip6_hdr); @@ -803,10 +755,10 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len) return ULOGD_IRET_OK; len -= hdrlen; - ret[KEY_IP6_FRAG_OFF].u.value.ui16 = ntohs(fh->ip6f_offlg & IP6F_OFF_MASK); - ret[KEY_IP6_FRAG_OFF].flags |= ULOGD_RETF_VALID; - ret[KEY_IP6_FRAG_ID].u.value.ui32 = ntohl(fh->ip6f_ident); - ret[KEY_IP6_FRAG_ID].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_IP6_FRAG_OFF], + ntohs(fh->ip6f_offlg & IP6F_OFF_MASK)); + okey_set_u32(&ret[KEY_IP6_FRAG_ID], + ntohl(fh->ip6f_ident)); if (ntohs(fh->ip6f_offlg & IP6F_OFF_MASK)) fragment = 1; @@ -857,8 +809,7 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len) goto out; - ret[KEY_IP_PROTOCOL].u.value.ui8 = curhdr; - ret[KEY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[KEY_IP_PROTOCOL], curhdr); switch (curhdr) { case IPPROTO_TCP: @@ -873,8 +824,7 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len) } out: - ret[KEY_IP6_NEXTHDR].u.value.ui8 = curhdr; - ret[KEY_IP6_NEXTHDR].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[KEY_IP6_NEXTHDR], curhdr); return ULOGD_IRET_OK; } @@ -885,31 +835,19 @@ static int _interp_arp(struct ulogd_pluginstance *pi, u_int32_t len) { struct ulogd_key *ret = pi->output.keys; const struct ether_arp *arph = - GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr; + ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]); if (len < sizeof(struct ether_arp)) return ULOGD_IRET_OK; - ret[KEY_ARP_HTYPE].u.value.ui16 = ntohs(arph->arp_hrd); - SET_VALID(ret[KEY_ARP_HTYPE]); - ret[KEY_ARP_PTYPE].u.value.ui16 = ntohs(arph->arp_pro); - SET_VALID(ret[KEY_ARP_PTYPE]); - ret[KEY_ARP_OPCODE].u.value.ui16 = ntohs(arph->arp_op); - SET_VALID(ret[KEY_ARP_OPCODE]); - - ret[KEY_ARP_SHA].u.value.ptr = &arph->arp_sha; - SET_VALID(ret[KEY_ARP_SHA]); - - memcpy(&ret[KEY_ARP_SPA].u.value.ui32, &arph->arp_spa, - sizeof(u_int32_t)); - SET_VALID(ret[KEY_ARP_SPA]); - - ret[KEY_ARP_THA].u.value.ptr = &arph->arp_tha; - SET_VALID(ret[KEY_ARP_THA]); + okey_set_u16(&ret[KEY_ARP_HTYPE], ntohs(arph->arp_hrd)); + okey_set_u16(&ret[KEY_ARP_PTYPE], ntohs(arph->arp_pro)); + okey_set_u16(&ret[KEY_ARP_OPCODE], ntohs(arph->arp_op)); - memcpy(&ret[KEY_ARP_TPA].u.value.ui32, &arph->arp_tpa, - sizeof(u_int32_t)); - SET_VALID(ret[KEY_ARP_TPA]); + okey_set_ptr(&ret[KEY_ARP_SHA], &arph->arp_sha); + okey_set_ptr(&ret[KEY_ARP_SPA], &arph->arp_spa), + okey_set_ptr(&ret[KEY_ARP_THA], &arph->arp_tha); + okey_set_ptr(&ret[KEY_ARP_TPA], &arph->arp_tpa); return ULOGD_IRET_OK; } @@ -921,7 +859,7 @@ static int _interp_arp(struct ulogd_pluginstance *pi, u_int32_t len) static int _interp_bridge(struct ulogd_pluginstance *pi, u_int32_t len) { const u_int16_t proto = - GET_VALUE(pi->input.keys, INKEY_OOB_PROTOCOL).ui16; + ikey_get_u16(&pi->input.keys[INKEY_OOB_PROTOCOL]); switch (proto) { case ETH_P_IP: @@ -942,13 +880,12 @@ static int _interp_bridge(struct ulogd_pluginstance *pi, u_int32_t len) static int _interp_pkt(struct ulogd_pluginstance *pi) { - u_int32_t len = GET_VALUE(pi->input.keys, INKEY_RAW_PCKTLEN).ui32; - u_int8_t family = GET_VALUE(pi->input.keys, INKEY_OOB_FAMILY).ui8; + u_int32_t len = ikey_get_u32(&pi->input.keys[INKEY_RAW_PCKTLEN]); + u_int8_t family = ikey_get_u8(&pi->input.keys[INKEY_OOB_FAMILY]); struct ulogd_key *ret = pi->output.keys; - ret[KEY_OOB_PROTOCOL].u.value.ui16 = - GET_VALUE(pi->input.keys, INKEY_OOB_PROTOCOL).ui16; - SET_VALID(ret[KEY_OOB_PROTOCOL]); + okey_set_u16(&ret[KEY_OOB_PROTOCOL], + ikey_get_u16(&pi->input.keys[INKEY_OOB_PROTOCOL])); switch (family) { case AF_INET: diff --git a/filter/raw2packet/ulogd_raw2packet_LOCAL.c b/filter/raw2packet/ulogd_raw2packet_LOCAL.c index bf400d7..fdfc7c8 100644 --- a/filter/raw2packet/ulogd_raw2packet_LOCAL.c +++ b/filter/raw2packet/ulogd_raw2packet_LOCAL.c @@ -51,11 +51,8 @@ static ulog_iret_t *_interp_local(ulog_interpreter_t *ip, gettimeofday(&tv, NULL); /* put date */ - ret[0].value.ui32 = (unsigned long) tv.tv_sec; - ret[0].flags |= ULOGD_RETF_VALID; - - ret[1].value.ptr = hostname; - ret[1].flags |= ULOGD_RETF_VALID; + okey_set_ui32(&ret[0], (unsigned long) tv.tv_sec); + okey_set_ptr(&ret[1], hostname); return ret; } diff --git a/filter/ulogd_filter_HWHDR.c b/filter/ulogd_filter_HWHDR.c index 8df4f00..33e8316 100644 --- a/filter/ulogd_filter_HWHDR.c +++ b/filter/ulogd_filter_HWHDR.c @@ -3,6 +3,7 @@ * ulogd interpreter plugin for HWMAC * * (C) 2008 by Eric Leblond <eric@xxxxxx> + * (C) 2008 by Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> * * Based on ulogd_filter_IFINDEX.c Harald Welte <laforge@xxxxxxxxxxxx> * @@ -128,32 +129,41 @@ static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac, buf_cur += sprintf(buf_cur, "%02x%c", mac[i], i == len - 1 ? 0 : ':'); - ret[okey].u.value.ptr = mac_str; - ret[okey].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[okey], mac_str); return ULOGD_IRET_OK; } +static void *hwhdr_get_saddr(struct ulogd_key *inp) +{ + return ikey_get_ptr(&inp[KEY_RAW_MAC]) + ETH_ALEN; +} + +static void *hwhdr_get_daddr(struct ulogd_key *inp) +{ + return ikey_get_ptr(&inp[KEY_RAW_MAC]); +} + +static u_int16_t hwhdr_get_len(struct ulogd_key *inp) +{ + void *len = ikey_get_ptr(&inp[KEY_RAW_MAC]) + 2 * ETH_ALEN; + return ntohs(*(u_int16_t *) len); +} static int parse_ethernet(struct ulogd_key *ret, struct ulogd_key *inp) { int fret; if (!pp_is_valid(inp, KEY_RAW_MAC_SADDR)) { - fret = parse_mac2str(ret, - GET_VALUE(inp, KEY_RAW_MAC).ptr - + ETH_ALEN, + fret = parse_mac2str(ret, hwhdr_get_saddr(inp), KEY_MAC_SADDR, ETH_ALEN); if (fret != ULOGD_IRET_OK) return fret; } - fret = parse_mac2str(ret, GET_VALUE(inp, KEY_RAW_MAC).ptr, + fret = parse_mac2str(ret, hwhdr_get_daddr(inp), KEY_MAC_DADDR, ETH_ALEN); if (fret != ULOGD_IRET_OK) return fret; - ret[KEY_MAC_PROTOCOL].u.value.ui16 = - ntohs(*(u_int16_t *) (GET_VALUE(inp, KEY_RAW_MAC).ptr - + 2 * ETH_ALEN)); - ret[KEY_MAC_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[KEY_MAC_PROTOCOL], hwhdr_get_len(inp)); return ULOGD_IRET_OK; } @@ -164,46 +174,41 @@ static int interp_mac2str(struct ulogd_pluginstance *pi) struct ulogd_key *inp = pi->input.keys; u_int16_t type = 0; - if (pp_is_valid(inp, KEY_OOB_PROTOCOL)) { - ret[KEY_MAC_PROTOCOL].u.value.ui16 = - GET_VALUE(inp, KEY_OOB_PROTOCOL).ui16; - ret[KEY_MAC_PROTOCOL].flags |= ULOGD_RETF_VALID; - } + if (pp_is_valid(inp, KEY_OOB_PROTOCOL)) + okey_set_u16(&ret[KEY_MAC_PROTOCOL], + ikey_get_u16(&inp[KEY_OOB_PROTOCOL])); if (pp_is_valid(inp, KEY_RAW_MAC_SADDR)) { int fret; fret = parse_mac2str(ret, - GET_VALUE(inp, KEY_RAW_MAC_SADDR).ptr, + ikey_get_ptr(&inp[KEY_RAW_MAC_SADDR]), KEY_MAC_SADDR, - GET_VALUE(inp, KEY_RAW_MAC_ADDRLEN).ui16); + ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN])); if (fret != ULOGD_IRET_OK) return fret; } if (pp_is_valid(inp, KEY_RAW_MAC)) { - if (GET_VALUE(inp, KEY_RAW_MAC_ADDRLEN).ui16 == ETH_ALEN) { - ret[KEY_MAC_TYPE].u.value.ui16 = ARPHRD_ETHER; - ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID; - } else { - ret[KEY_MAC_TYPE].u.value.ui16 = ARPHRD_VOID; - ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID; - } + if (ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN]) == ETH_ALEN) + okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_ETHER); + else + okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_VOID); + return ULOGD_IRET_OK; } if (pp_is_valid(inp, KEY_RAW_TYPE)) { /* NFLOG with Linux >= 2.6.27 case */ - ret[KEY_MAC_TYPE].u.value.ui16 = type = - GET_VALUE(inp, KEY_RAW_TYPE).ui16; - ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID; + type = ikey_get_u16(&inp[KEY_RAW_TYPE]); + okey_set_u16(&ret[KEY_MAC_TYPE], type); } else { /* ULOG case, treat ethernet encapsulation */ - if (GET_VALUE(inp, KEY_RAW_MACLEN).ui16 == ETH_HLEN) { - ret[KEY_MAC_TYPE].u.value.ui16 = type = ARPHRD_ETHER; - ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID; + if (ikey_get_u16(&inp[KEY_RAW_MACLEN]) == ETH_HLEN) { + type = ARPHRD_ETHER; + okey_set_u16(&ret[KEY_MAC_TYPE], type); } else { - ret[KEY_MAC_TYPE].u.value.ui16 = type = ARPHRD_VOID; - ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID; + type = ARPHRD_VOID; + okey_set_u16(&ret[KEY_MAC_TYPE], type); } } @@ -213,10 +218,9 @@ static int interp_mac2str(struct ulogd_pluginstance *pi) default: /* convert raw header to string */ return parse_mac2str(ret, - GET_VALUE(inp, KEY_RAW_MAC).ptr, - KEY_MAC_ADDR, - GET_VALUE(inp, - KEY_RAW_MACLEN).ui16); + ikey_get_ptr(&inp[KEY_RAW_MAC]), + KEY_MAC_ADDR, + ikey_get_u16(&inp[KEY_RAW_MACLEN])); } return ULOGD_IRET_OK; } diff --git a/filter/ulogd_filter_IFINDEX.c b/filter/ulogd_filter_IFINDEX.c index f7571bd..f56ee0b 100644 --- a/filter/ulogd_filter_IFINDEX.c +++ b/filter/ulogd_filter_IFINDEX.c @@ -3,6 +3,7 @@ * ulogd interpreter plugin for ifindex to ifname conversion * * (C) 2005 by Harald Welte <laforge@xxxxxxxxxxxx> + * (C) 2008 by Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -61,20 +62,25 @@ static int interp_ifindex(struct ulogd_pluginstance *pi) { struct ulogd_key *ret = pi->output.keys; struct ulogd_key *inp = pi->input.keys; + void *ptr; - ret[0].u.value.ptr = calloc(IFNAMSIZ, sizeof(char)); - nlif_index2name(nlif_inst, inp[0].u.source->u.value.ui32, - ret[0].u.value.ptr); - if (((char *)ret[0].u.value.ptr)[0] == '*') - ((char *)(ret[0].u.value.ptr))[0] = 0; - ret[0].flags |= ULOGD_RETF_VALID; - - ret[1].u.value.ptr = calloc(IFNAMSIZ, sizeof(char)); - nlif_index2name(nlif_inst, inp[1].u.source->u.value.ui32, - ret[1].u.value.ptr); - if (((char *)ret[1].u.value.ptr)[0] == '*') - ((char *)(ret[1].u.value.ptr))[0] = 0; - ret[1].flags |= ULOGD_RETF_VALID; + ptr = calloc(IFNAMSIZ, sizeof(char)); + if (!ptr) + return ULOGD_IRET_ERR; + + nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), ptr); + if (((char *)ptr)[0] == '*') + ((char *)(ptr))[0] = 0; + okey_set_ptr(&ret[0], ptr); + + ptr = calloc(IFNAMSIZ, sizeof(char)); + if (!ptr) + return ULOGD_IRET_ERR; + + nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), ptr); + if (((char *)ptr)[0] == '*') + ((char *)(ptr))[0] = 0; + okey_set_ptr(&ret[1], ptr); return ULOGD_IRET_OK; } diff --git a/filter/ulogd_filter_IP2BIN.c b/filter/ulogd_filter_IP2BIN.c index 2d9fc16..1d2865e 100644 --- a/filter/ulogd_filter_IP2BIN.c +++ b/filter/ulogd_filter_IP2BIN.c @@ -137,12 +137,12 @@ static char *ip2bin(struct ulogd_key* inp, int index, char family) switch (family) { case AF_INET6: - addr = (struct in6_addr *) GET_VALUE(inp, index).ui128; + addr = (struct in6_addr *)ikey_get_u128(&inp[index]); break; case AF_INET: /* Convert IPv4 to IPv4 in IPv6 */ addr = &ip4_addr; - uint32_to_ipv6(GET_VALUE(inp, index).ui32, addr); + uint32_to_ipv6(ikey_get_u32(&inp[index]), addr); break; default: /* TODO handle error */ @@ -176,13 +176,12 @@ static int interp_ip2bin(struct ulogd_pluginstance *pi) struct ulogd_key *ret = pi->output.keys; struct ulogd_key *inp = pi->input.keys; int i; - int oob_family = GET_VALUE(inp, KEY_OOB_FAMILY).ui8; + int oob_family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); /* Iter on all addr fields */ for(i = START_KEY; i < MAX_KEY; i++) { if (pp_is_valid(inp, i)) { - ret[i-1].u.value.ptr = ip2bin(inp, i, oob_family); - ret[i-1].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[i-1], ip2bin(inp, i, oob_family)); } } diff --git a/filter/ulogd_filter_IP2STR.c b/filter/ulogd_filter_IP2STR.c index a1c1e87..df94c72 100644 --- a/filter/ulogd_filter_IP2STR.c +++ b/filter/ulogd_filter_IP2STR.c @@ -145,7 +145,7 @@ static struct ulogd_key ip2str_keys[] = { static char *ip2str(struct ulogd_key *inp, int index) { char tmp[IPADDR_LENGTH]; - char family = GET_VALUE(inp, KEY_OOB_FAMILY).ui8; + char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); char convfamily = family; if (family == AF_BRIDGE) { @@ -154,7 +154,7 @@ static char *ip2str(struct ulogd_key *inp, int index) "No protocol inside AF_BRIDGE packet\n"); return NULL; } - switch (GET_VALUE(inp, KEY_OOB_PROTOCOL).ui16) { + switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) { case ETH_P_IPV6: convfamily = AF_INET6; break; @@ -172,15 +172,15 @@ static char *ip2str(struct ulogd_key *inp, int index) } switch (convfamily) { + u_int32_t ip; case AF_INET6: inet_ntop(AF_INET6, - GET_VALUE(inp, index).ui128, + ikey_get_u128(&inp[index]), tmp, sizeof(tmp)); break; case AF_INET: - inet_ntop(AF_INET, - &GET_VALUE(inp, index).ui32, - tmp, sizeof(tmp)); + ip = ikey_get_u32(&inp[index]); + inet_ntop(AF_INET, &ip, tmp, sizeof(tmp)); break; default: /* TODO error handling */ @@ -199,8 +199,7 @@ static int interp_ip2str(struct ulogd_pluginstance *pi) /* Iter on all addr fields */ for (i = START_KEY; i <= MAX_KEY; i++) { if (pp_is_valid(inp, i)) { - ret[i-START_KEY].u.value.ptr = ip2str(inp, i); - ret[i-START_KEY].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[i-START_KEY], ip2str(inp, i)); } } diff --git a/filter/ulogd_filter_MARK.c b/filter/ulogd_filter_MARK.c index 98f5dae..1a7c2fd 100644 --- a/filter/ulogd_filter_MARK.c +++ b/filter/ulogd_filter_MARK.c @@ -72,14 +72,14 @@ static int interp_mark(struct ulogd_pluginstance *pi) { struct ulogd_key *inp = pi->input.keys; if (pp_is_valid(inp, KEY_CT_MARK)) { - if ((GET_VALUE(inp, KEY_CT_MARK).ui32 & + if ((ikey_get_u32(&inp[KEY_CT_MARK]) & pi->config_kset->ces[MARK_MASK].u.value) != (u_int32_t) pi->config_kset->ces[MARK_MARK].u.value ) { return ULOGD_IRET_STOP; } } else if (pp_is_valid(inp, KEY_OOB_MARK)) { - if ((GET_VALUE(inp, KEY_OOB_MARK).ui32 & + if ((ikey_get_u32(&inp[KEY_OOB_MARK]) & pi->config_kset->ces[MARK_MASK].u.value) != (u_int32_t) pi->config_kset->ces[MARK_MARK].u.value ) { diff --git a/filter/ulogd_filter_PRINTFLOW.c b/filter/ulogd_filter_PRINTFLOW.c index b78c37b..1de1ba6 100644 --- a/filter/ulogd_filter_PRINTFLOW.c +++ b/filter/ulogd_filter_PRINTFLOW.c @@ -37,8 +37,7 @@ static int printflow_interp(struct ulogd_pluginstance *upi) static char buf[4096]; printflow_print(inp, buf); - ret[0].u.value.ptr = buf; - ret[0].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[0], buf); return ULOGD_IRET_OK; } diff --git a/filter/ulogd_filter_PRINTPKT.c b/filter/ulogd_filter_PRINTPKT.c index 62a3cf7..3313194 100644 --- a/filter/ulogd_filter_PRINTPKT.c +++ b/filter/ulogd_filter_PRINTPKT.c @@ -37,8 +37,7 @@ static int printpkt_interp(struct ulogd_pluginstance *upi) static char buf[4096]; printpkt_print(inp, buf); - ret[0].u.value.ptr = buf; - ret[0].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[0], buf); return ULOGD_IRET_OK; } diff --git a/filter/ulogd_filter_PWSNIFF.c b/filter/ulogd_filter_PWSNIFF.c index 3cbafb6..a6cbf94 100644 --- a/filter/ulogd_filter_PWSNIFF.c +++ b/filter/ulogd_filter_PWSNIFF.c @@ -116,25 +116,22 @@ static int interp_pwsniff(struct ulogd_pluginstance *pi) } if (len) { - ret[0].u.value.ptr = (char *) malloc(len+1); - ret[0].flags |= ULOGD_RETF_VALID; - if (!ret[0].u.value.ptr) { - ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", len); + char *ptr; + ptr = (char *) malloc(len+1); + if (!ptr) return ULOGD_IRET_ERR; - } - strncpy((char *) ret[0].u.value.ptr, (char *)begp, len); - *((char *)ret[0].u.value.ptr + len) = '\0'; + strncpy(ptr, (char *)begp, len); + ptr[len] = '\0'; + okey_set_ptr(&ret[0], ptr); } if (pw_len) { - ret[1].u.value.ptr = (char *) malloc(pw_len+1); - ret[1].flags |= ULOGD_RETF_VALID; - if (!ret[1].u.value.ptr){ - ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", pw_len); + char *ptr; + ptr = (char *) malloc(pw_len+1); + if (!ptr) return ULOGD_IRET_ERR; - } - strncpy((char *)ret[1].u.value.ptr, (char *)pw_begp, pw_len); - *((char *)ret[1].u.value.ptr + pw_len) = '\0'; - + strncpy(ptr, (char *)pw_begp, pw_len); + ptr[pw_len] = '\0'; + okey_set_ptr(&ret[1], ptr); } return ULOGD_IRET_OK; } diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h index 776111a..3f6d784 100644 --- a/include/ulogd/ulogd.h +++ b/include/ulogd/ulogd.h @@ -18,6 +18,7 @@ #include <stdio.h> #include <signal.h> /* need this because of extension-sighandler */ #include <sys/types.h> +#include <string.h> #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) @@ -126,6 +127,64 @@ struct ulogd_keyset { unsigned int type; }; +static inline void okey_set_b(struct ulogd_key *key, u_int8_t value) +{ + key->u.value.b = value; + key->flags |= ULOGD_RETF_VALID; +} + +static inline void okey_set_u8(struct ulogd_key *key, u_int8_t value) +{ + key->u.value.ui8 = value; + key->flags |= ULOGD_RETF_VALID; +} + +static inline void okey_set_u16(struct ulogd_key *key, u_int16_t value) +{ + key->u.value.ui16 = value; + key->flags |= ULOGD_RETF_VALID; +} + +static inline void okey_set_u32(struct ulogd_key *key, u_int32_t value) +{ + key->u.value.ui32 = value; + key->flags |= ULOGD_RETF_VALID; +} + +static inline void okey_set_u128(struct ulogd_key *key, const void *value) +{ + memcpy(key->u.value.ui128, value, 16); + key->flags |= ULOGD_RETF_VALID; +} + +static inline void okey_set_ptr(struct ulogd_key *key, void *value) +{ + key->u.value.ptr = value; + key->flags |= ULOGD_RETF_VALID; +} + +static inline u_int8_t ikey_get_u8(struct ulogd_key *key) +{ + return key->u.source->u.value.ui8; +} + +static inline u_int16_t ikey_get_u16(struct ulogd_key *key) +{ + return key->u.source->u.value.ui16; +} + +static inline u_int32_t ikey_get_u32(struct ulogd_key *key) +{ + return key->u.source->u.value.ui32; +} + +#define ikey_get_u128 ikey_get_ptr + +static inline void *ikey_get_ptr(struct ulogd_key *key) +{ + return key->u.source->u.value.ptr; +} + struct ulogd_pluginstance_stack; struct ulogd_pluginstance; struct ulogd_plugin { @@ -221,7 +280,6 @@ void __ulogd_log(int level, char *file, int line, const char *message, ...); #define IS_NEEDED(x) (x.flags & ULOGD_RETF_NEEDED) #define SET_NEEDED(x) (x.flags |= ULOGD_RETF_NEEDED) -#define GET_VALUE(res, x) (res[x].u.source->u.value) #define GET_FLAGS(res, x) (res[x].u.source->flags) #define pp_is_valid(res, x) \ (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID)) diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index 58bb0e2..a33ec35 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -443,67 +443,39 @@ static int propagate_ct(struct ulogd_pluginstance *upi, { struct ulogd_key *ret = upi->output.keys; - ret[NFCT_CT_EVENT].u.value.ui32 = type; - ret[NFCT_CT_EVENT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_OOB_FAMILY].u.value.ui8 = nfct_get_attr_u8(ct, ATTR_L3PROTO); - ret[NFCT_OOB_FAMILY].flags |= ULOGD_RETF_VALID; - /* FIXME */ - ret[NFCT_OOB_PROTOCOL].u.value.ui8 = 0; - ret[NFCT_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_CT_EVENT], type); + okey_set_u8(&ret[NFCT_OOB_FAMILY], nfct_get_attr_u8(ct, ATTR_L3PROTO)); + okey_set_u8(&ret[NFCT_OOB_PROTOCOL], 0); /* FIXME */ switch (nfct_get_attr_u8(ct, ATTR_L3PROTO)) { case AF_INET: - ret[NFCT_ORIG_IP_SADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_SRC); - ret[NFCT_ORIG_IP_SADDR].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ORIG_IP_DADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_DST); - ret[NFCT_ORIG_IP_DADDR].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_IP_SADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_IPV4_SRC); - ret[NFCT_REPLY_IP_SADDR].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_IP_DADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_IPV4_DST); - ret[NFCT_REPLY_IP_DADDR].flags |= ULOGD_RETF_VALID; - + okey_set_u32(&ret[NFCT_ORIG_IP_SADDR], + nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_SRC)); + okey_set_u32(&ret[NFCT_ORIG_IP_DADDR], + nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_DST)); + okey_set_u32(&ret[NFCT_REPLY_IP_SADDR], + nfct_get_attr_u32(ct, ATTR_REPL_IPV4_SRC)); + okey_set_u32(&ret[NFCT_REPLY_IP_DADDR], + nfct_get_attr_u32(ct, ATTR_REPL_IPV4_DST)); break; case AF_INET6: - memcpy(ret[NFCT_ORIG_IP_SADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_ORIG_IPV6_SRC), - sizeof(int32_t) * 4); - ret[NFCT_ORIG_IP_SADDR].flags |= ULOGD_RETF_VALID; - - memcpy(ret[NFCT_ORIG_IP_DADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_ORIG_IPV6_DST), - sizeof(int32_t) * 4); - ret[NFCT_ORIG_IP_DADDR].flags |= ULOGD_RETF_VALID; - - memcpy(ret[NFCT_REPLY_IP_SADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_REPL_IPV6_SRC), - sizeof(int32_t) * 4); - ret[NFCT_REPLY_IP_SADDR].flags |= ULOGD_RETF_VALID; - - memcpy(ret[NFCT_REPLY_IP_DADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_REPL_IPV6_DST), - sizeof(int32_t) * 4); - ret[NFCT_REPLY_IP_DADDR].flags |= ULOGD_RETF_VALID; - + okey_set_u128(&ret[NFCT_ORIG_IP_SADDR], + nfct_get_attr(ct, ATTR_ORIG_IPV6_SRC)); + okey_set_u128(&ret[NFCT_ORIG_IP_DADDR], + nfct_get_attr(ct, ATTR_ORIG_IPV6_DST)); + okey_set_u128(&ret[NFCT_REPLY_IP_SADDR], + nfct_get_attr(ct, ATTR_REPL_IPV6_SRC)); + okey_set_u128(&ret[NFCT_REPLY_IP_DADDR], + nfct_get_attr(ct, ATTR_REPL_IPV6_DST)); break; default: ulogd_log(ULOGD_NOTICE, "Unknown protocol family (%d)\n", nfct_get_attr_u8(ct, ATTR_L3PROTO)); } - ret[NFCT_ORIG_IP_PROTOCOL].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO); - ret[NFCT_ORIG_IP_PROTOCOL].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_IP_PROTOCOL].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_REPL_L4PROTO); - ret[NFCT_REPLY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[NFCT_ORIG_IP_PROTOCOL], + nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)); + okey_set_u8(&ret[NFCT_REPLY_IP_PROTOCOL], + nfct_get_attr_u8(ct, ATTR_REPL_L4PROTO)); switch (nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)) { case IPPROTO_TCP: @@ -511,22 +483,16 @@ static int propagate_ct(struct ulogd_pluginstance *upi, case IPPROTO_UDPLITE: case IPPROTO_SCTP: case IPPROTO_DCCP: - ret[NFCT_ORIG_L4_SPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC)); - ret[NFCT_ORIG_L4_SPORT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ORIG_L4_DPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST)); - ret[NFCT_ORIG_L4_DPORT].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[NFCT_ORIG_L4_SPORT], + htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC))); + okey_set_u16(&ret[NFCT_ORIG_L4_DPORT], + htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST))); break; case IPPROTO_ICMP: - ret[NFCT_ICMP_CODE].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_ICMP_CODE); - ret[NFCT_ICMP_CODE].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ICMP_TYPE].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_ICMP_TYPE); - ret[NFCT_ICMP_TYPE].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[NFCT_ICMP_CODE], + nfct_get_attr_u8(ct, ATTR_ICMP_CODE)); + okey_set_u16(&ret[NFCT_ICMP_TYPE], + nfct_get_attr_u8(ct, ATTR_ICMP_TYPE)); break; } @@ -536,55 +502,36 @@ static int propagate_ct(struct ulogd_pluginstance *upi, case IPPROTO_UDPLITE: case IPPROTO_SCTP: case IPPROTO_DCCP: - ret[NFCT_REPLY_L4_SPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC)); - ret[NFCT_REPLY_L4_SPORT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_L4_DPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST)); - ret[NFCT_REPLY_L4_DPORT].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[NFCT_REPLY_L4_SPORT], + htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC))); + okey_set_u16(&ret[NFCT_REPLY_L4_DPORT], + htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST))); } - ret[NFCT_ORIG_RAW_PKTLEN].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_BYTES); - ret[NFCT_ORIG_RAW_PKTLEN].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ORIG_RAW_PKTCOUNT].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS); - ret[NFCT_ORIG_RAW_PKTCOUNT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_RAW_PKTLEN].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_BYTES);; - ret[NFCT_REPLY_RAW_PKTLEN].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_ORIG_RAW_PKTLEN], + nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_BYTES)); + okey_set_u32(&ret[NFCT_ORIG_RAW_PKTCOUNT], + nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS)); + okey_set_u32(&ret[NFCT_REPLY_RAW_PKTLEN], + nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_BYTES)); + okey_set_u32(&ret[NFCT_REPLY_RAW_PKTCOUNT], + nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_PACKETS)); - ret[NFCT_REPLY_RAW_PKTCOUNT].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_PACKETS); - ret[NFCT_REPLY_RAW_PKTCOUNT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_CT_MARK].u.value.ui32 = nfct_get_attr_u32(ct, ATTR_MARK); - ret[NFCT_CT_MARK].flags |= ULOGD_RETF_VALID; - - ret[NFCT_CT_ID].u.value.ui32 = nfct_get_attr_u32(ct, ATTR_ID); - ret[NFCT_CT_ID].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_CT_MARK], nfct_get_attr_u32(ct, ATTR_MARK)); + okey_set_u32(&ret[NFCT_CT_ID], nfct_get_attr_u32(ct, ATTR_ID)); if (ts) { if (ts->time[START].tv_sec) { - ret[NFCT_FLOW_START_SEC].u.value.ui32 = - ts->time[START].tv_sec; - ret[NFCT_FLOW_START_SEC].flags |= ULOGD_RETF_VALID; - - ret[NFCT_FLOW_START_USEC].u.value.ui32 = - ts->time[START].tv_usec; - ret[NFCT_FLOW_START_USEC].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_FLOW_START_SEC], + ts->time[START].tv_sec); + okey_set_u32(&ret[NFCT_FLOW_START_USEC], + ts->time[START].tv_usec); } if (ts->time[STOP].tv_sec) { - ret[NFCT_FLOW_END_SEC].u.value.ui32 = - ts->time[STOP].tv_sec; - ret[NFCT_FLOW_END_SEC].flags |= ULOGD_RETF_VALID; - - ret[NFCT_FLOW_END_USEC].u.value.ui32 = - ts->time[STOP].tv_usec; - ret[NFCT_FLOW_END_USEC].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_FLOW_END_SEC], + ts->time[STOP].tv_sec); + okey_set_u32(&ret[NFCT_FLOW_END_USEC], + ts->time[STOP].tv_usec); } } diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c index 39f915a..5d25eec 100644 --- a/input/packet/ulogd_inppkt_NFLOG.c +++ b/input/packet/ulogd_inppkt_NFLOG.c @@ -310,59 +310,43 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata) u_int32_t uid; u_int32_t gid; - ret[NFLOG_KEY_OOB_FAMILY].u.value.ui8 = af_ce(upi->config_kset).u.value; - ret[NFLOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID; - - ret[NFLOG_KEY_RAW_LABEL].u.value.ui8 = - label_ce(upi->config_kset).u.value; - ret[NFLOG_KEY_RAW_LABEL].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[NFLOG_KEY_OOB_FAMILY], + af_ce(upi->config_kset).u.value); + okey_set_u8(&ret[NFLOG_KEY_RAW_LABEL], + label_ce(upi->config_kset).u.value); if (ph) { /* FIXME */ - ret[NFLOG_KEY_OOB_HOOK].u.value.ui8 = ph->hook; - ret[NFLOG_KEY_OOB_HOOK].flags |= ULOGD_RETF_VALID; - ret[NFLOG_KEY_OOB_PROTOCOL].u.value.ui16 = - ntohs(ph->hw_protocol); - ret[NFLOG_KEY_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[NFLOG_KEY_OOB_HOOK], ph->hook); + okey_set_u16(&ret[NFLOG_KEY_OOB_PROTOCOL], + ntohs(ph->hw_protocol)); } if (nflog_get_msg_packet_hwhdrlen(ldata)) { - ret[NFLOG_KEY_RAW_MAC].u.value.ptr = - nflog_get_msg_packet_hwhdr(ldata); - ret[NFLOG_KEY_RAW_MAC].flags |= ULOGD_RETF_VALID; - ret[NFLOG_KEY_RAW_MAC_LEN].u.value.ui16 = - nflog_get_msg_packet_hwhdrlen(ldata); - ret[NFLOG_KEY_RAW_MAC_LEN].flags |= ULOGD_RETF_VALID; - ret[NFLOG_KEY_RAW_TYPE].u.value.ui16 = - nflog_get_hwtype(ldata); - ret[NFLOG_KEY_RAW_TYPE].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[NFLOG_KEY_RAW_MAC], + nflog_get_msg_packet_hwhdr(ldata)); + okey_set_u16(&ret[NFLOG_KEY_RAW_MAC_LEN], + nflog_get_msg_packet_hwhdrlen(ldata)); + okey_set_u16(&ret[NFLOG_KEY_RAW_TYPE], nflog_get_hwtype(ldata)); } if (hw) { - ret[NFLOG_KEY_RAW_MAC_SADDR].u.value.ptr = hw->hw_addr; - ret[NFLOG_KEY_RAW_MAC_SADDR].flags |= ULOGD_RETF_VALID; - ret[NFLOG_KEY_RAW_MAC_ADDRLEN].u.value.ui16 = - ntohs(hw->hw_addrlen); - ret[NFLOG_KEY_RAW_MAC_ADDRLEN].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[NFLOG_KEY_RAW_MAC_SADDR], hw->hw_addr); + okey_set_u16(&ret[NFLOG_KEY_RAW_MAC_ADDRLEN], + ntohs(hw->hw_addrlen)); } if (payload_len >= 0) { /* include pointer to raw packet */ - ret[NFLOG_KEY_RAW_PCKT].u.value.ptr = payload; - ret[NFLOG_KEY_RAW_PCKT].flags |= ULOGD_RETF_VALID; - - ret[NFLOG_KEY_RAW_PCKTLEN].u.value.ui32 = payload_len; - ret[NFLOG_KEY_RAW_PCKTLEN].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[NFLOG_KEY_RAW_PCKT], payload); + okey_set_u32(&ret[NFLOG_KEY_RAW_PCKTLEN], payload_len); } /* number of packets */ - ret[NFLOG_KEY_RAW_PCKTCOUNT].u.value.ui32 = 1; - ret[NFLOG_KEY_RAW_PCKTCOUNT].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFLOG_KEY_RAW_PCKTCOUNT], 1); - if (prefix) { - ret[NFLOG_KEY_OOB_PREFIX].u.value.ptr = prefix; - ret[NFLOG_KEY_OOB_PREFIX].flags |= ULOGD_RETF_VALID; - } + if (prefix) + okey_set_ptr(&ret[NFLOG_KEY_OOB_PREFIX], prefix); /* god knows why timestamp_usec contains crap if timestamp_sec * == 0 if (pkt->timestamp_sec || pkt->timestamp_usec) { */ @@ -370,41 +354,26 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata) gettimeofday(&ts, NULL); /* FIXME: convert endianness */ - ret[NFLOG_KEY_OOB_TIME_SEC].u.value.ui32 = ts.tv_sec & 0xffffffff; - ret[NFLOG_KEY_OOB_TIME_SEC].flags |= ULOGD_RETF_VALID; - ret[NFLOG_KEY_OOB_TIME_USEC].u.value.ui32 = ts.tv_usec & 0xffffffff; - ret[NFLOG_KEY_OOB_TIME_USEC].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFLOG_KEY_OOB_TIME_SEC], ts.tv_sec & 0xffffffff); + okey_set_u32(&ret[NFLOG_KEY_OOB_TIME_USEC], ts.tv_usec & 0xffffffff); - ret[NFLOG_KEY_OOB_MARK].u.value.ui32 = mark; - ret[NFLOG_KEY_OOB_MARK].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFLOG_KEY_OOB_MARK], mark); - if (indev > 0) { - ret[NFLOG_KEY_OOB_IFINDEX_IN].u.value.ui32 = indev; - ret[NFLOG_KEY_OOB_IFINDEX_IN].flags |= ULOGD_RETF_VALID; - } + if (indev > 0) + okey_set_u32(&ret[NFLOG_KEY_OOB_IFINDEX_IN], indev); - if (outdev > 0) { - ret[NFLOG_KEY_OOB_IFINDEX_OUT].u.value.ui32 = outdev; - ret[NFLOG_KEY_OOB_IFINDEX_OUT].flags |= ULOGD_RETF_VALID; - } + if (outdev > 0) + okey_set_u32(&ret[NFLOG_KEY_OOB_IFINDEX_OUT], outdev); - if (nflog_get_uid(ldata, &uid) == 0) { - ret[NFLOG_KEY_OOB_UID].u.value.ui32 = uid; - ret[NFLOG_KEY_OOB_UID].flags |= ULOGD_RETF_VALID; - } - if (nflog_get_gid(ldata, &gid) == 0) { - ret[NFLOG_KEY_OOB_GID].u.value.ui32 = gid; - ret[NFLOG_KEY_OOB_GID].flags |= ULOGD_RETF_VALID; - } + if (nflog_get_uid(ldata, &uid) == 0) + okey_set_u32(&ret[NFLOG_KEY_OOB_UID], uid); + if (nflog_get_gid(ldata, &gid) == 0) + okey_set_u32(&ret[NFLOG_KEY_OOB_GID], gid); + if (nflog_get_seq(ldata, &seq) == 0) + okey_set_u32(&ret[NFLOG_KEY_OOB_SEQ_LOCAL], seq); + if (nflog_get_seq_global(ldata, &seq) == 0) + okey_set_u32(&ret[NFLOG_KEY_OOB_SEQ_GLOBAL], seq); - if (nflog_get_seq(ldata, &seq) == 0) { - ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq; - ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID; - } - if (nflog_get_seq_global(ldata, &seq) == 0) { - ret[NFLOG_KEY_OOB_SEQ_GLOBAL].u.value.ui32 = seq; - ret[NFLOG_KEY_OOB_SEQ_GLOBAL].flags |= ULOGD_RETF_VALID; - } ulogd_propagate_results(upi); return 0; } diff --git a/input/packet/ulogd_inppkt_ULOG.c b/input/packet/ulogd_inppkt_ULOG.c index 3fdb42e..00975de 100644 --- a/input/packet/ulogd_inppkt_ULOG.c +++ b/input/packet/ulogd_inppkt_ULOG.c @@ -190,54 +190,39 @@ static int interp_packet(struct ulogd_pluginstance *ip, ulog_packet_msg_t *pkt) struct ulogd_key *ret = ip->output.keys; if (pkt->mac_len) { - ret[ULOG_KEY_RAW_MAC].u.value.ptr = pkt->mac; - ret[ULOG_KEY_RAW_MAC].flags |= ULOGD_RETF_VALID; - ret[ULOG_KEY_RAW_MAC_LEN].u.value.ui16 = pkt->mac_len; - ret[ULOG_KEY_RAW_MAC_LEN].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[ULOG_KEY_RAW_MAC], pkt->mac); + okey_set_u16(&ret[ULOG_KEY_RAW_MAC_LEN], pkt->mac_len); } - ret[ULOG_KEY_RAW_LABEL].u.value.ui8 = ip->config_kset->ces[3].u.value; - ret[ULOG_KEY_RAW_LABEL].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[ULOG_KEY_RAW_LABEL], ip->config_kset->ces[3].u.value); /* include pointer to raw ipv4 packet */ - ret[ULOG_KEY_RAW_PCKT].u.value.ptr = pkt->payload; - ret[ULOG_KEY_RAW_PCKT].flags |= ULOGD_RETF_VALID; - ret[ULOG_KEY_RAW_PCKTLEN].u.value.ui32 = pkt->data_len; - ret[ULOG_KEY_RAW_PCKTLEN].flags |= ULOGD_RETF_VALID; - ret[ULOG_KEY_RAW_PCKTCOUNT].u.value.ui32 = 1; - ret[ULOG_KEY_RAW_PCKTCOUNT].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[ULOG_KEY_RAW_PCKT], pkt->payload); + okey_set_u32(&ret[ULOG_KEY_RAW_PCKTLEN], pkt->data_len); + okey_set_u32(&ret[ULOG_KEY_RAW_PCKTCOUNT], 1); - ret[ULOG_KEY_OOB_PREFIX].u.value.ptr = pkt->prefix; - ret[ULOG_KEY_OOB_PREFIX].flags |= ULOGD_RETF_VALID; + okey_set_ptr(&ret[ULOG_KEY_OOB_PREFIX], pkt->prefix); /* god knows why timestamp_usec contains crap if timestamp_sec == 0 * if (pkt->timestamp_sec || pkt->timestamp_usec) { */ if (pkt->timestamp_sec) { - ret[ULOG_KEY_OOB_TIME_SEC].u.value.ui32 = pkt->timestamp_sec; - ret[ULOG_KEY_OOB_TIME_SEC].flags |= ULOGD_RETF_VALID; - ret[ULOG_KEY_OOB_TIME_USEC].u.value.ui32 = pkt->timestamp_usec; - ret[ULOG_KEY_OOB_TIME_USEC].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[ULOG_KEY_OOB_TIME_SEC], pkt->timestamp_sec); + okey_set_u32(&ret[ULOG_KEY_OOB_TIME_USEC], pkt->timestamp_usec); } else { ret[ULOG_KEY_OOB_TIME_SEC].flags &= ~ULOGD_RETF_VALID; ret[ULOG_KEY_OOB_TIME_USEC].flags &= ~ULOGD_RETF_VALID; } - ret[ULOG_KEY_OOB_MARK].u.value.ui32 = pkt->mark; - ret[ULOG_KEY_OOB_MARK].flags |= ULOGD_RETF_VALID; - ret[ULOG_KEY_OOB_IN].u.value.ptr = pkt->indev_name; - ret[ULOG_KEY_OOB_IN].flags |= ULOGD_RETF_VALID; - ret[ULOG_KEY_OOB_OUT].u.value.ptr = pkt->outdev_name; - ret[ULOG_KEY_OOB_OUT].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[ULOG_KEY_OOB_MARK], pkt->mark); + okey_set_ptr(&ret[ULOG_KEY_OOB_IN], pkt->indev_name); + okey_set_ptr(&ret[ULOG_KEY_OOB_OUT], pkt->outdev_name); - ret[ULOG_KEY_OOB_HOOK].u.value.ui8 = pkt->hook; - ret[ULOG_KEY_OOB_HOOK].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[ULOG_KEY_OOB_HOOK], pkt->hook); /* ULOG is IPv4 only */ - ret[ULOG_KEY_OOB_FAMILY].u.value.ui8 = AF_INET; - ret[ULOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[ULOG_KEY_OOB_FAMILY], AF_INET); /* Undef in ULOG but necessary */ - ret[ULOG_KEY_OOB_PROTOCOL].u.value.ui16 = 0; - ret[ULOG_KEY_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[ULOG_KEY_OOB_PROTOCOL], 0); ulogd_propagate_results(ip); return 0; diff --git a/output/pcap/ulogd_output_PCAP.c b/output/pcap/ulogd_output_PCAP.c index ce4393c..09120a1 100644 --- a/output/pcap/ulogd_output_PCAP.c +++ b/output/pcap/ulogd_output_PCAP.c @@ -126,7 +126,6 @@ static struct ulogd_key pcap_keys[INTR_IDS] = { { .name = "oob.time.usec" }, }; -#define GET_VALUE(res, x) (res[x].u.source->u.value) #define GET_FLAGS(res, x) (res[x].u.source->flags) static int interp_pcap(struct ulogd_pluginstance *upi) @@ -135,13 +134,13 @@ static int interp_pcap(struct ulogd_pluginstance *upi) struct ulogd_key *res = upi->input.keys; struct pcap_sf_pkthdr pchdr; - pchdr.caplen = GET_VALUE(res, 2).ui32; - pchdr.len = GET_VALUE(res, 2).ui32; + pchdr.caplen = ikey_get_u32(&res[2]); + pchdr.len = ikey_get_u32(&res[2]); if (GET_FLAGS(res, 3) & ULOGD_RETF_VALID && GET_FLAGS(res, 4) & ULOGD_RETF_VALID) { - pchdr.ts.tv_sec = GET_VALUE(res, 3).ui32; - pchdr.ts.tv_usec = GET_VALUE(res, 4).ui32; + pchdr.ts.tv_sec = ikey_get_u32(&res[3]); + pchdr.ts.tv_usec = ikey_get_u32(&res[4]); } else { /* use current system time */ struct timeval tv; @@ -156,7 +155,7 @@ static int interp_pcap(struct ulogd_pluginstance *upi) strerror(errno)); return ULOGD_IRET_ERR; } - if (fwrite(GET_VALUE(res, 0).ptr, pchdr.caplen, 1, pi->of) != 1) { + if (fwrite(ikey_get_ptr(&res[0]), pchdr.caplen, 1, pi->of) != 1) { ulogd_log(ULOGD_ERROR, "Error during write: %s\n", strerror(errno)); return ULOGD_IRET_ERR; diff --git a/output/ulogd_output_NACCT.c b/output/ulogd_output_NACCT.c index 0ab2be4..f5296e8 100644 --- a/output/ulogd_output_NACCT.c +++ b/output/ulogd_output_NACCT.c @@ -125,28 +125,28 @@ nacct_interp(struct ulogd_pluginstance *pi) /* try to be as close to nacct as possible. Instead of nacct's 'timestamp' value use 'flow.end.sec' */ - if (GET_VALUE(inp, KEY_IP_PROTO).ui8 == IPPROTO_ICMP) { + if (ikey_get_u8(&inp[KEY_IP_PROTO]) == IPPROTO_ICMP) { snprintf(buf, sizeof(buf), "%u\t%u\t%s\t%u\t%s\t%u\t%u\t%u", - GET_VALUE(inp, KEY_FLOW_END).ui32, - GET_VALUE(inp, KEY_IP_PROTO).ui8, - (char *) GET_VALUE(inp, KEY_IP_SADDR).ptr, - GET_VALUE(inp, KEY_ICMP_TYPE).ui8, - (char *) GET_VALUE(inp, KEY_IP_DADDR).ptr, - GET_VALUE(inp, KEY_ICMP_CODE).ui8, - GET_VALUE(inp, KEY_RAW_PKTCNT).ui32, - GET_VALUE(inp, KEY_RAW_PKTLEN).ui32); + ikey_get_u32(&inp[KEY_FLOW_END]), + ikey_get_u8(&inp[KEY_IP_PROTO]), + (char *) ikey_get_ptr(&inp[KEY_IP_SADDR]), + ikey_get_u8(&inp[KEY_ICMP_TYPE]), + (char *) ikey_get_ptr(&inp[KEY_IP_DADDR]), + ikey_get_u8(&inp[KEY_ICMP_CODE]), + ikey_get_u32(&inp[KEY_RAW_PKTCNT]), + ikey_get_u32(&inp[KEY_RAW_PKTLEN])); } else { snprintf(buf, sizeof(buf), "%u\t%u\t%s\t%u\t%s\t%u\t%u\t%u", - GET_VALUE(inp, KEY_FLOW_END).ui32, - GET_VALUE(inp, KEY_IP_PROTO).ui8, - (char *) GET_VALUE(inp, KEY_IP_SADDR).ptr, - GET_VALUE(inp, KEY_L4_SPORT).ui16, - (char *) GET_VALUE(inp, KEY_IP_DADDR).ptr, - GET_VALUE(inp, KEY_L4_DPORT).ui16, - GET_VALUE(inp, KEY_RAW_PKTCNT).ui32, - GET_VALUE(inp, KEY_RAW_PKTLEN).ui32); + ikey_get_u32(&inp[KEY_FLOW_END]), + ikey_get_u8(&inp[KEY_IP_PROTO]), + (char *) ikey_get_ptr(&inp[KEY_IP_SADDR]), + ikey_get_u16(&inp[KEY_L4_SPORT]), + (char *) ikey_get_ptr(&inp[KEY_IP_DADDR]), + ikey_get_u16(&inp[KEY_L4_DPORT]), + ikey_get_u32(&inp[KEY_RAW_PKTCNT]), + ikey_get_u32(&inp[KEY_RAW_PKTLEN])); } fprintf(priv->of, "%s\n", buf); diff --git a/util/printflow.c b/util/printflow.c index bb3c2c4..7743a6a 100644 --- a/util/printflow.c +++ b/util/printflow.c @@ -139,14 +139,14 @@ int printflow_keys_num = sizeof(printflow_keys)/sizeof(*printflow_keys); #define pp_print(buf_cur, label, res, x, type) \ if (pp_is_valid(res, x)) \ - buf_cur += sprintf(buf_cur, label"=%u ", GET_VALUE(res, x).type); + buf_cur += sprintf(buf_cur, label"=%u ", ikey_get_##type(&res[x])); int printflow_print(struct ulogd_key *res, char *buf) { char *buf_cur = buf; if (pp_is_valid(res, PRINTFLOW_EVENT_TYPE)) { - switch (GET_VALUE(res, PRINTFLOW_EVENT_TYPE).ui32) { + switch (ikey_get_u32(&res[PRINTFLOW_EVENT_TYPE])) { case 1: buf_cur += sprintf(buf_cur, "[NEW] "); break; @@ -164,33 +164,33 @@ int printflow_print(struct ulogd_key *res, char *buf) if (pp_is_valid(res, PRINTFLOW_ORIG_IP_SADDR)) buf_cur += sprintf(buf_cur, "SRC=%s ", - (char *) GET_VALUE(res, PRINTFLOW_ORIG_IP_SADDR).ptr); + (char *) ikey_get_ptr(&res[PRINTFLOW_ORIG_IP_SADDR])); if (pp_is_valid(res, PRINTFLOW_ORIG_IP_DADDR)) buf_cur += sprintf(buf_cur, "DST=%s ", - (char *) GET_VALUE(res, PRINTFLOW_ORIG_IP_DADDR).ptr); + (char *) ikey_get_ptr(&res[PRINTFLOW_ORIG_IP_DADDR])); if (!pp_is_valid(res, PRINTFLOW_ORIG_IP_PROTOCOL)) goto orig_out; - switch (GET_VALUE(res, PRINTFLOW_ORIG_IP_PROTOCOL).ui8) { + switch (ikey_get_u8(&res[PRINTFLOW_ORIG_IP_PROTOCOL])) { case IPPROTO_TCP: buf_cur += sprintf(buf_cur, "PROTO=TCP "); - pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, ui16); - pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, ui16); + pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16); + pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16); break; case IPPROTO_UDP: buf_cur += sprintf(buf_cur, "PROTO=UDP "); - pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, ui16); - pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, ui16); + pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16); + pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16); break; case IPPROTO_ICMP: buf_cur += sprintf(buf_cur, "PROTO=ICMP "); - pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, ui8); - pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, ui8); + pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8); + pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8); break; case IPPROTO_ESP: @@ -202,46 +202,46 @@ int printflow_print(struct ulogd_key *res, char *buf) break; default: - pp_print(buf_cur, "PROTO", res, PRINTFLOW_ORIG_IP_PROTOCOL, ui8); + pp_print(buf_cur, "PROTO", res, PRINTFLOW_ORIG_IP_PROTOCOL, u8); break; } orig_out: - pp_print(buf_cur, "PKTS", res, PRINTFLOW_ORIG_RAW_PKTCOUNT, ui32); - pp_print(buf_cur, "BYTES", res, PRINTFLOW_ORIG_RAW_PKTLEN, ui32); + pp_print(buf_cur, "PKTS", res, PRINTFLOW_ORIG_RAW_PKTCOUNT, u32); + pp_print(buf_cur, "BYTES", res, PRINTFLOW_ORIG_RAW_PKTLEN, u32); buf_cur += sprintf(buf_cur, ", REPLY: "); if (pp_is_valid(res, PRINTFLOW_REPLY_IP_SADDR)) buf_cur += sprintf(buf_cur, "SRC=%s ", - (char *) GET_VALUE(res,PRINTFLOW_REPLY_IP_SADDR).ptr); + (char *) ikey_get_ptr(&res[PRINTFLOW_REPLY_IP_SADDR])); if (pp_is_valid(res, PRINTFLOW_REPLY_IP_DADDR)) buf_cur += sprintf(buf_cur, "DST=%s ", - (char *) GET_VALUE(res,PRINTFLOW_REPLY_IP_DADDR).ptr); + (char *) ikey_get_ptr(&res[PRINTFLOW_REPLY_IP_DADDR])); if (!pp_is_valid(res, PRINTFLOW_REPLY_IP_PROTOCOL)) goto reply_out; - switch (GET_VALUE(res, PRINTFLOW_REPLY_IP_PROTOCOL).ui8) { + switch (ikey_get_u8(&res[PRINTFLOW_REPLY_IP_PROTOCOL])) { case IPPROTO_TCP: buf_cur += sprintf(buf_cur, "PROTO=TCP "); - pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, ui16); - pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, ui16); + pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16); + pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16); break; case IPPROTO_UDP: buf_cur += sprintf(buf_cur, "PROTO=UDP "); - pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, ui16); - pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, ui16); + pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16); + pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16); break; case IPPROTO_ICMP: buf_cur += sprintf(buf_cur, "PROTO=ICMP "); - pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, ui8); - pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, ui8); + pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8); + pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8); break; case IPPROTO_ESP: @@ -253,13 +253,13 @@ orig_out: break; default: - pp_print(buf_cur, "PROTO", res, PRINTFLOW_REPLY_IP_PROTOCOL, ui8); + pp_print(buf_cur, "PROTO", res, PRINTFLOW_REPLY_IP_PROTOCOL, u8); break; } reply_out: - pp_print(buf_cur, "PKTS", res, PRINTFLOW_REPLY_RAW_PKTCOUNT, ui32); - pp_print(buf_cur, "BYTES", res, PRINTFLOW_REPLY_RAW_PKTLEN, ui32); + pp_print(buf_cur, "PKTS", res, PRINTFLOW_REPLY_RAW_PKTCOUNT, u32); + pp_print(buf_cur, "BYTES", res, PRINTFLOW_REPLY_RAW_PKTLEN, u32); strcat(buf_cur, "\n"); return 0; diff --git a/util/printpkt.c b/util/printpkt.c index 29c2ea4..2292377 100644 --- a/util/printpkt.c +++ b/util/printpkt.c @@ -119,38 +119,38 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol) } buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u ", - GET_VALUE(res, KEY_TCP_SPORT).ui16, - GET_VALUE(res, KEY_TCP_DPORT).ui16); + ikey_get_u16(&res[KEY_TCP_SPORT]), + ikey_get_u16(&res[KEY_TCP_DPORT])); /* FIXME: config */ - buf_cur += sprintf(buf_cur, "SEQ=%u ACK=%u ", - GET_VALUE(res, KEY_TCP_SEQ).ui32, - GET_VALUE(res, KEY_TCP_ACKSEQ).ui32); + buf_cur += sprintf(buf_cur, "SEQ=%u ACK=%u ", + ikey_get_u32(&res[KEY_TCP_SEQ]), + ikey_get_u32(&res[KEY_TCP_ACKSEQ])); buf_cur += sprintf(buf_cur, "WINDOW=%u ", - GET_VALUE(res, KEY_TCP_WINDOW).ui16); + ikey_get_u16(&res[KEY_TCP_WINDOW])); // buf_cur += sprintf(buf_cur, "RES=0x%02x ", - if (GET_VALUE(res, KEY_TCP_URG).b) + if (ikey_get_u8(&res[KEY_TCP_URG])) buf_cur += sprintf(buf_cur, "URG "); - if (GET_VALUE(res, KEY_TCP_ACK).b) + if (ikey_get_u8(&res[KEY_TCP_ACK])) buf_cur += sprintf(buf_cur, "ACK "); - if (GET_VALUE(res, KEY_TCP_PSH).b) + if (ikey_get_u8(&res[KEY_TCP_PSH])) buf_cur += sprintf(buf_cur, "PSH "); - if (GET_VALUE(res, KEY_TCP_RST).b) + if (ikey_get_u8(&res[KEY_TCP_RST])) buf_cur += sprintf(buf_cur, "RST "); - if (GET_VALUE(res, KEY_TCP_SYN).b) + if (ikey_get_u8(&res[KEY_TCP_SYN])) buf_cur += sprintf(buf_cur, "SYN "); - if (GET_VALUE(res, KEY_TCP_FIN).b) + if (ikey_get_u8(&res[KEY_TCP_FIN])) buf_cur += sprintf(buf_cur, "FIN "); buf_cur += sprintf(buf_cur, "URGP=%u ", - GET_VALUE(res, KEY_TCP_URGP).ui16); + ikey_get_u16(&res[KEY_TCP_URGP])); break; @@ -163,14 +163,14 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol) } buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u LEN=%u ", - GET_VALUE(res, KEY_UDP_SPORT).ui16, - GET_VALUE(res, KEY_UDP_DPORT).ui16, - GET_VALUE(res, KEY_UDP_LEN).ui16); + ikey_get_u16(&res[KEY_UDP_SPORT]), + ikey_get_u16(&res[KEY_UDP_DPORT]), + ikey_get_u16(&res[KEY_UDP_LEN])); break; case IPPROTO_ESP: case IPPROTO_AH: buf_cur += sprintf(buf_cur, "PROTO=%s ", - GET_VALUE(res, KEY_IP_PROTOCOL).ui8 == IPPROTO_ESP ? "ESP" : "AH"); + ikey_get_u8(&res[KEY_IP_PROTOCOL]) == IPPROTO_ESP ? "ESP" : "AH"); if (!pp_is_valid(res, KEY_AHESP_SPI)) { buf_cur += sprintf(buf_cur, "INCOMPLETE"); @@ -178,7 +178,7 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol) } buf_cur += sprintf(buf_cur, "SPI=0x%x ", - GET_VALUE(res, KEY_AHESP_SPI).ui32); + ikey_get_u32(&res[KEY_AHESP_SPI])); break; } @@ -189,43 +189,44 @@ static int printpkt_ipv4(struct ulogd_key *res, char *buf) { char *buf_cur = buf; char tmp[INET_ADDRSTRLEN]; + u_int32_t paddr; if (pp_is_valid(res, KEY_IP_SADDR)) buf_cur += sprintf(buf_cur, "SRC=%s ", - (char *) GET_VALUE(res, KEY_IP_SADDR).ptr); + (char *) ikey_get_ptr(&res[KEY_IP_SADDR])); if (pp_is_valid(res, KEY_IP_DADDR)) buf_cur += sprintf(buf_cur, "DST=%s ", - (char *) GET_VALUE(res, KEY_IP_DADDR).ptr); + (char *) ikey_get_ptr(&res[KEY_IP_DADDR])); /* FIXME: add pp_is_valid calls to remainder of file */ buf_cur += sprintf(buf_cur,"LEN=%u TOS=%02X PREC=0x%02X TTL=%u ID=%u ", - GET_VALUE(res, KEY_IP_TOTLEN).ui16, - GET_VALUE(res, KEY_IP_TOS).ui8 & IPTOS_TOS_MASK, - GET_VALUE(res, KEY_IP_TOS).ui8 & IPTOS_PREC_MASK, - GET_VALUE(res, KEY_IP_TTL).ui8, - GET_VALUE(res, KEY_IP_ID).ui16); + ikey_get_u16(&res[KEY_IP_TOTLEN]), + ikey_get_u8(&res[KEY_IP_TOS]) & IPTOS_TOS_MASK, + ikey_get_u8(&res[KEY_IP_TOS]) & IPTOS_PREC_MASK, + ikey_get_u8(&res[KEY_IP_TTL]), + ikey_get_u16(&res[KEY_IP_ID])); - if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_RF) + if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_RF) buf_cur += sprintf(buf_cur, "CE "); - if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_DF) + if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_DF) buf_cur += sprintf(buf_cur, "DF "); - if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_MF) + if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_MF) buf_cur += sprintf(buf_cur, "MF "); - if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_OFFMASK) + if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_OFFMASK) buf_cur += sprintf(buf_cur, "FRAG:%u ", - GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_OFFMASK); + ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_OFFMASK); - switch (GET_VALUE(res, KEY_IP_PROTOCOL).ui8) { + switch (ikey_get_u8(&res[KEY_IP_PROTOCOL])) { case IPPROTO_TCP: case IPPROTO_UDP: case IPPROTO_ESP: case IPPROTO_AH: buf_cur += printpkt_proto(res, buf_cur, - GET_VALUE(res, KEY_IP_PROTOCOL).ui8); + ikey_get_u8(&res[KEY_IP_PROTOCOL])); break; case IPPROTO_ICMP: @@ -237,36 +238,37 @@ static int printpkt_ipv4(struct ulogd_key *res, char *buf) } buf_cur += sprintf(buf_cur, "TYPE=%u CODE=%u ", - GET_VALUE(res, KEY_ICMP_TYPE).ui8, - GET_VALUE(res, KEY_ICMP_CODE).ui8); + ikey_get_u8(&res[KEY_ICMP_TYPE]), + ikey_get_u8(&res[KEY_ICMP_CODE])); - switch (GET_VALUE(res, KEY_ICMP_TYPE).ui8) { + switch (ikey_get_u8(&res[KEY_ICMP_CODE])) { case ICMP_ECHO: case ICMP_ECHOREPLY: buf_cur += sprintf(buf_cur, "ID=%u SEQ=%u ", - GET_VALUE(res, KEY_ICMP_ECHOID).ui16, - GET_VALUE(res, KEY_ICMP_ECHOSEQ).ui16); + ikey_get_u16(&res[KEY_ICMP_ECHOID]), + ikey_get_u16(&res[KEY_ICMP_ECHOSEQ])); break; case ICMP_PARAMETERPROB: buf_cur += sprintf(buf_cur, "PARAMETER=%u ", - GET_VALUE(res, KEY_ICMP_GATEWAY).ui32 >> 24); + ikey_get_u32(&res[KEY_ICMP_GATEWAY]) >> 24); break; case ICMP_REDIRECT: + paddr = ikey_get_u32(&res[KEY_ICMP_GATEWAY]), buf_cur += sprintf(buf_cur, "GATEWAY=%s ", inet_ntop(AF_INET, - &GET_VALUE(res, KEY_ICMP_GATEWAY).ui32, + &paddr, tmp, sizeof(tmp))); break; case ICMP_DEST_UNREACH: - if (GET_VALUE(res, KEY_ICMP_CODE).ui8 == ICMP_FRAG_NEEDED) + if (ikey_get_u8(&res[KEY_ICMP_CODE]) == ICMP_FRAG_NEEDED) buf_cur += sprintf(buf_cur, "MTU=%u ", - GET_VALUE(res, KEY_ICMP_FRAGMTU).ui16); + ikey_get_u16(&res[KEY_ICMP_FRAGMTU])); break; } break; default: buf_cur += sprintf(buf_cur, "PROTO=%u ", - GET_VALUE(res, KEY_IP_PROTOCOL).ui8); + ikey_get_u8(&res[KEY_IP_PROTOCOL])); } return buf_cur - buf; @@ -278,41 +280,41 @@ static int printpkt_ipv6(struct ulogd_key *res, char *buf) if (pp_is_valid(res, KEY_IP_SADDR)) buf_cur += sprintf(buf_cur, "SRC=%s ", - (char *) GET_VALUE(res, KEY_IP_SADDR).ptr); + (char *) ikey_get_ptr(&res[KEY_IP_SADDR])); if (pp_is_valid(res, KEY_IP_DADDR)) buf_cur += sprintf(buf_cur, "DST=%s ", - (char *) GET_VALUE(res, KEY_IP_DADDR).ptr); + (char *) ikey_get_ptr(&res[KEY_IP_DADDR])); if (pp_is_valid(res, KEY_IP6_PAYLOAD_LEN)) buf_cur += sprintf(buf_cur, "LEN=%Zu ", - GET_VALUE(res, KEY_IP6_PAYLOAD_LEN).ui16 + + ikey_get_u16(&res[KEY_IP6_PAYLOAD_LEN]) + sizeof(struct ip6_hdr)); if (pp_is_valid(res, KEY_IP6_PRIORITY)) buf_cur += sprintf(buf_cur, "TC=%u ", - GET_VALUE(res, KEY_IP6_PRIORITY).ui8); + ikey_get_u8(&res[KEY_IP6_PRIORITY])); if (pp_is_valid(res, KEY_IP6_HOPLIMIT)) buf_cur += sprintf(buf_cur, "HOPLIMIT=%u ", - GET_VALUE(res, KEY_IP6_HOPLIMIT).ui8); + ikey_get_u8(&res[KEY_IP6_HOPLIMIT])); if (pp_is_valid(res, KEY_IP6_FLOWLABEL)) buf_cur += sprintf(buf_cur, "FLOWLBL=%u ", - GET_VALUE(res, KEY_IP6_FLOWLABEL).ui32); + ikey_get_u32(&res[KEY_IP6_FLOWLABEL])); if (pp_is_valid(res, KEY_IP6_FRAG_OFF) && pp_is_valid(res, KEY_IP6_FRAG_ID)) buf_cur += sprintf(buf_cur, "FRAG: %u ID: %08x ", - GET_VALUE(res, KEY_IP6_FRAG_OFF).ui16, - GET_VALUE(res, KEY_IP6_FRAG_ID).ui32); + ikey_get_u16(&res[KEY_IP6_FRAG_OFF]), + ikey_get_u32(&res[KEY_IP6_FRAG_ID])); - switch (GET_VALUE(res, KEY_IP6_NEXTHDR).ui8) { + switch (ikey_get_u8(&res[KEY_IP6_NEXTHDR])) { case IPPROTO_TCP: case IPPROTO_UDP: case IPPROTO_ESP: case IPPROTO_AH: buf_cur += printpkt_proto(res, buf_cur, - GET_VALUE(res, KEY_IP6_NEXTHDR).ui8); + ikey_get_u8(&res[KEY_IP6_NEXTHDR])); break; case IPPROTO_ICMPV6: buf_cur += sprintf(buf_cur, "PROTO=ICMPv6 "); @@ -329,15 +331,15 @@ static int printpkt_ipv6(struct ulogd_key *res, char *buf) } buf_cur += sprintf(buf_cur, "TYPE=%u CODE=%u ", - GET_VALUE(res, KEY_ICMPV6_TYPE).ui8, - GET_VALUE(res, KEY_ICMPV6_CODE).ui8); + ikey_get_u8(&res[KEY_ICMPV6_TYPE]), + ikey_get_u8(&res[KEY_ICMPV6_CODE])); - switch (GET_VALUE(res, KEY_ICMPV6_TYPE).ui8) { + switch (ikey_get_u8(&res[KEY_ICMPV6_TYPE])) { case ICMP6_ECHO_REQUEST: case ICMP6_ECHO_REPLY: buf_cur += sprintf(buf_cur, "ID=%u SEQ=%u ", - GET_VALUE(res, KEY_ICMPV6_ECHOID).ui16, - GET_VALUE(res, KEY_ICMPV6_ECHOSEQ).ui16); + ikey_get_u16(&res[KEY_ICMPV6_ECHOID]), + ikey_get_u16(&res[KEY_ICMPV6_ECHOSEQ])); break; } break; @@ -354,16 +356,16 @@ int printpkt_arp(struct ulogd_key *res, char *buf) if (pp_is_valid(res, KEY_ARP_SPA)) buf_cur += sprintf(buf_cur, "SRC=%s ", - (char *) GET_VALUE(res, KEY_ARP_SPA).ptr); + (char *) ikey_get_ptr(&res[KEY_ARP_SPA])); if (pp_is_valid(res, KEY_ARP_TPA)) buf_cur += sprintf(buf_cur, "DST=%s ", - (char *) GET_VALUE(res, KEY_ARP_TPA).ptr); + (char *) ikey_get_ptr(&res[KEY_ARP_TPA])); buf_cur += sprintf(buf_cur, "PROTO=ARP "); if (pp_is_valid(res, KEY_ARP_OPCODE)) { - code = GET_VALUE(res, KEY_ARP_OPCODE).ui16; + code = ikey_get_u16(&res[KEY_ARP_OPCODE]); switch (code) { case ARPOP_REQUEST: buf_cur += sprintf(buf_cur, "REQUEST "); @@ -379,7 +381,7 @@ int printpkt_arp(struct ulogd_key *res, char *buf) } if (pp_is_valid(res, KEY_ARP_SHA) && (code == ARPOP_REPLY)) { - mac = GET_VALUE(res, KEY_ARP_SHA).ptr; + mac = ikey_get_ptr(&res[KEY_ARP_SHA]); buf_cur += sprintf(buf_cur, "REPLY_MAC=" "%02x:%02x:%02x:%02x:%02x:%02x ", mac[0], mac[1], mac[2], @@ -395,7 +397,7 @@ int printpkt_bridge(struct ulogd_key *res, char *buf) { char *buf_cur = buf; - switch (GET_VALUE(res, KEY_OOB_PROTOCOL).ui16) { + switch (ikey_get_u16(&res[KEY_OOB_PROTOCOL])) { case ETH_P_IP: buf_cur += printpkt_ipv4(res, buf_cur); break; @@ -407,7 +409,7 @@ int printpkt_bridge(struct ulogd_key *res, char *buf) break; default: buf_cur += sprintf(buf_cur, "PROTO=%u ", - GET_VALUE(res, KEY_OOB_PROTOCOL).ui16); + ikey_get_u16(&res[KEY_OOB_PROTOCOL])); } return buf_cur - buf; @@ -419,17 +421,17 @@ int printpkt_print(struct ulogd_key *res, char *buf) if (pp_is_valid(res, KEY_OOB_PREFIX)) buf_cur += sprintf(buf_cur, "%s ", - (char *) GET_VALUE(res, KEY_OOB_PREFIX).ptr); + (char *) ikey_get_ptr(&res[KEY_OOB_PREFIX])); if (pp_is_valid(res, KEY_OOB_IN) && pp_is_valid(res, KEY_OOB_OUT)) buf_cur += sprintf(buf_cur, "IN=%s OUT=%s ", - (char *) GET_VALUE(res, KEY_OOB_IN).ptr, - (char *) GET_VALUE(res, KEY_OOB_OUT).ptr); + (char *) ikey_get_ptr(&res[KEY_OOB_IN]), + (char *) ikey_get_ptr(&res[KEY_OOB_OUT])); /* FIXME: configurable */ if (pp_is_valid(res, KEY_RAW_MAC)) { - unsigned char *mac = (unsigned char *) GET_VALUE(res, KEY_RAW_MAC).ptr; - int i, len = GET_VALUE(res, KEY_RAW_MACLEN).ui16; + unsigned char *mac = (unsigned char *) ikey_get_ptr(&res[KEY_RAW_MAC]); + int i, len = ikey_get_u16(&res[KEY_RAW_MACLEN]); buf_cur += sprintf(buf_cur, "MAC="); for (i = 0; i < len; i++) @@ -438,7 +440,7 @@ int printpkt_print(struct ulogd_key *res, char *buf) } else buf_cur += sprintf(buf_cur, "MAC= "); - switch (GET_VALUE(res, KEY_OOB_FAMILY).ui8) { + switch (ikey_get_u8(&res[KEY_OOB_FAMILY])) { case AF_INET: buf_cur += printpkt_ipv4(res, buf_cur); break; @@ -452,13 +454,13 @@ int printpkt_print(struct ulogd_key *res, char *buf) if (pp_is_valid(res, KEY_OOB_UID)) buf_cur += sprintf(buf_cur, "UID=%u ", - GET_VALUE(res, KEY_OOB_UID).ui32); + ikey_get_u32(&res[KEY_OOB_UID])); if (pp_is_valid(res, KEY_OOB_GID)) buf_cur += sprintf(buf_cur, "GID=%u ", - GET_VALUE(res, KEY_OOB_GID).ui32); + ikey_get_u32(&res[KEY_OOB_GID])); if (pp_is_valid(res, KEY_OOB_MARK)) buf_cur += sprintf(buf_cur, "MARK=%x ", - GET_VALUE(res, KEY_OOB_MARK).ui32); + ikey_get_u32(&res[KEY_OOB_MARK])); strcat(buf_cur, "\n"); -- 1.5.6.3 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html