[lnf-log RFC PATCH v2 1/2] introduce new functions independent from libnfnetlink

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The libnetfilter_log.c file contains the old API, its use is
discouraged since it depends on libnfnetlink.

The idea is to provide a set of helper functions that we can use in
conjunction with libmnl, similar to what we have in
libnetfilter_queue/nlmsg.c

Signed-off-by: Ken-ichirou MATSUZAWA <chamas@xxxxxxxxxxxxx>
---
 Make_global.am                              |   2 +-
 configure.ac                                |   1 +
 include/libnetfilter_log/libnetfilter_log.h |  12 +++
 src/Makefile.am                             |   4 +-
 src/libnetfilter_log.c                      |  52 ++++++++++
 src/nlmsg.c                                 | 149 ++++++++++++++++++++++++++++
 6 files changed, 217 insertions(+), 3 deletions(-)
 create mode 100644 src/nlmsg.c

diff --git a/Make_global.am b/Make_global.am
index a4e9bd9..9bc8ea1 100644
--- a/Make_global.am
+++ b/Make_global.am
@@ -1,2 +1,2 @@
-AM_CPPFLAGS = -I${top_srcdir}/include ${LIBNFNETLINK_CFLAGS}
+AM_CPPFLAGS = -I${top_srcdir}/include ${LIBNFNETLINK_CFLAGS} ${LIBMNL_CFLAGS}
 AM_CFLAGS = -Wall
diff --git a/configure.ac b/configure.ac
index cdcbc90..ead9399 100644
--- a/configure.ac
+++ b/configure.ac
@@ -30,6 +30,7 @@ AM_CONDITIONAL([BUILD_IPULOG], [test "x$with_ipulog" != xno])
 
 dnl Dependencies
 PKG_CHECK_MODULES([LIBNFNETLINK], [libnfnetlink >= 0.0.41])
+PKG_CHECK_MODULES([LIBMNL], [libmnl >= 1.0.3])
 
 dnl Output the makefile
 AC_CONFIG_FILES([Makefile src/Makefile include/Makefile
diff --git a/include/libnetfilter_log/libnetfilter_log.h b/include/libnetfilter_log/libnetfilter_log.h
index 7812877..c662b63 100644
--- a/include/libnetfilter_log/libnetfilter_log.h
+++ b/include/libnetfilter_log/libnetfilter_log.h
@@ -11,6 +11,7 @@
 
 #include <stdint.h>
 #include <sys/types.h>
+#include <linux/netlink.h>
 #include <libnetfilter_log/linux_nfnetlink_log.h>
 
 struct nflog_handle;
@@ -82,4 +83,15 @@ enum {
 
 extern int nflog_snprintf_xml(char *buf, size_t len, struct nflog_data *tb, int flags);
 
+#define NFLOG_DATA_SIZE (sizeof(struct nfattr **) + sizeof(struct nlattr *) * (NFULA_MAX + 1))
+extern struct nflog_data *nflog_data_alloc(void);
+extern struct nflog_data *nflog_data_init(void *data);
+extern void nflog_data_free(struct nflog_data *nfad);
+extern struct nlmsghdr *
+nfnl_nlmsg_put_header(char *buf, uint8_t type, uint8_t family, uint16_t qnum);
+extern int nfnl_attr_put_cfg_mode(struct nlmsghdr *nlh, struct nfulnl_msg_config_mode *mode);
+extern int nfnl_attr_put_cfg_cmd(struct nlmsghdr *nlh, struct nfulnl_msg_config_cmd *cmd);
+extern int nflog_nlmsg_parse_attrs(const struct nlmsghdr *nlh, struct nlattr **attr);
+extern int nflog_nlmsg_parse(const struct nlmsghdr *nlh, struct nflog_data *nfad);
+
 #endif	/* __LIBNETFILTER_LOG_H */
diff --git a/src/Makefile.am b/src/Makefile.am
index 33933a4..aa56152 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -26,8 +26,8 @@ lib_LTLIBRARIES = libnetfilter_log.la
 
 libnetfilter_log_la_LDFLAGS = -Wc,-nostartfiles -lnfnetlink	\
 			      -version-info $(LIBVERSION)
-libnetfilter_log_la_SOURCES = libnetfilter_log.c 
-libnetfilter_log_la_LIBADD  = ${LIBNFNETLINK_LIBS}
+libnetfilter_log_la_SOURCES = libnetfilter_log.c nlmsg.c
+libnetfilter_log_la_LIBADD  = ${LIBNFNETLINK_LIBS} ${LIBMNL_LIBS}
 
 if BUILD_IPULOG
 lib_LTLIBRARIES += libnetfilter_log_libipulog.la
diff --git a/src/libnetfilter_log.c b/src/libnetfilter_log.c
index e92576b..8f037ae 100644
--- a/src/libnetfilter_log.c
+++ b/src/libnetfilter_log.c
@@ -26,6 +26,7 @@
 #include <errno.h>
 #include <netinet/in.h>
 #include <sys/socket.h>
+#include <linux/netlink.h>
 
 #include <libnetfilter_log/linux_nfnetlink_log.h>
 
@@ -1067,5 +1068,56 @@ int nflog_snprintf_xml(char *buf, size_t rem, struct nflog_data *tb, int flags)
 }
 
 /**
+ * nflog_data_init - initialize the preallocated nflog data
+ *
+ * this function requires NFLOG_DATA_SIZE allocated memory area and returns a
+ * pointer to a initialized nflog_data.
+ */
+struct nflog_data *nflog_data_init(void *data)
+{
+	struct nflog_data *nfad = data;
+
+	memset(data, 0, NFLOG_DATA_SIZE);
+	nfad->nfa = data + sizeof(struct nfattr **);
+	return nfad;
+}
+
+/**
+ * nflog_data_alloc - allocate a new nflog data
+ *
+ * In case of success, this function returns a valid pointer to a memory blob,
+ * otherwise NULL is returned and errno is set appropiately.
+ */
+struct nflog_data *nflog_data_alloc(void)
+{
+	void *data = malloc(NFLOG_DATA_SIZE);
+
+	if (data == NULL)
+		return NULL;
+	return nflog_data_init(data);
+}
+
+/**
+ * nflog_data_free - release a nflog data
+ * \param nfad pointer to the nflog data
+ */
+void nflog_data_free(struct nflog_data *nfad)
+{
+	free(nfad);
+}
+
+/**
+ * nflog_nlmsg_parse - set packet attributes from netlink message
+ * \param nlh netlink message that you want to read.
+ * \param attr pointer to the nflog_data which is allocate by nflog_data_alloc
+ *
+ * This function returns MNL_CB_ERROR if any error occurs, or MNL_CB_OK on
+ * success.
+ */
+int nflog_nlmsg_parse(const struct nlmsghdr *nlh, struct nflog_data *nfad)
+{
+	return nflog_nlmsg_parse_attrs(nlh, (struct nlattr **)&nfad->nfa[-1]);
+}
+/**
  * @}
  */
diff --git a/src/nlmsg.c b/src/nlmsg.c
new file mode 100644
index 0000000..269fb9d
--- /dev/null
+++ b/src/nlmsg.c
@@ -0,0 +1,149 @@
+/*
+ * (C) 2015 by Ken-ichirou MATSUZAWA <chamas@xxxxxxxxxxxxx>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+#include <arpa/inet.h>
+#include <linux/netfilter/nfnetlink_log.h>
+#include <libmnl/libmnl.h>
+
+/**
+ * \defgroup nlmsg Netlink message helper functions
+ * @{
+ */
+
+/**
+ * nfnl_nlmsg_put_header - reserve and prepare room for nflog Netlink header
+ * \param buf memory already allocated to store the Netlink header
+ * \param type message type one of the enum nfulnl_msg_types
+ * \param family protocol family to be an object of
+ * \param qnum queue number to be an object of
+ *
+ * This function creates Netlink header in the memory buffer passed
+ * as parameter that will send to nfnetlink log . This function
+ * returns a pointer to the Netlink header structure.
+ */
+struct nlmsghdr *
+nfnl_nlmsg_put_header(char *buf, uint8_t type, uint8_t family, uint16_t qnum)
+{
+	struct nlmsghdr *nlh = mnl_nlmsg_put_header(buf);
+	struct nfgenmsg *nfg;
+
+	nlh->nlmsg_type	= (NFNL_SUBSYS_ULOG << 8) | type;
+	nlh->nlmsg_flags = NLM_F_REQUEST;
+
+	nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));
+	nfg->nfgen_family = family;
+	nfg->version = NFNETLINK_V0;
+	nfg->res_id = htons(qnum);
+
+	return nlh;
+}
+
+/**
+ * nfnl_attr_put_cfg_mode - add an mode attribute to nflog netlink message
+ * \param nlh pointer to the netlink message
+ * \param mode pointer to the mode that will be stored by the new attribute
+ *
+ * this function returns -1 and errno is explicitly set. On success, this
+ * function returns 1.
+ */
+int nfnl_attr_put_cfg_mode(struct nlmsghdr *nlh, struct nfulnl_msg_config_mode *mode)
+{
+	mnl_attr_put(nlh, NFULA_CFG_MODE, sizeof(*mode), mode);
+	/* it may returns -1 in future */
+	return 1;
+}
+
+/**
+ * nfnl_attr_put_cfg_cmd - add an cmd attribute to nflog netlink message
+ * \param nlh pointer to the netlink message
+ * \param cmd pointer to the cmd that will be stored by the new attribute
+ *
+ * this function returns -1 and errno is explicitly set. On success, this
+ * function returns 1.
+ */
+int nfnl_attr_put_cfg_cmd(struct nlmsghdr *nlh, struct nfulnl_msg_config_cmd *cmd)
+{
+	mnl_attr_put(nlh, NFULA_CFG_CMD, sizeof(*cmd), cmd);
+	/* it may returns -1 in future */
+	return 1;
+}
+
+static int nflog_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
+{
+	const struct nlattr **tb = data;
+	int type = mnl_attr_get_type(attr);
+
+	/* skip unsupported attribute in user-space */
+	if (mnl_attr_type_valid(attr, NFULA_MAX) < 0)
+		return MNL_CB_OK;
+
+	switch(type) {
+	case NFULA_HWTYPE:		/* hardware type */
+	case NFULA_HWLEN:		/* hardware header length */
+		if (mnl_attr_validate(attr, MNL_TYPE_U16) < 0)
+			return MNL_CB_ERROR;
+		break;
+	case NFULA_MARK:		/* __u32 nfmark */
+	case NFULA_IFINDEX_INDEV:	/* __u32 ifindex */
+	case NFULA_IFINDEX_OUTDEV:	/* __u32 ifindex */
+	case NFULA_IFINDEX_PHYSINDEV:	/* __u32 ifindex */
+	case NFULA_IFINDEX_PHYSOUTDEV:	/* __u32 ifindex */
+	case NFULA_UID:			/* user id of socket */
+	case NFULA_SEQ:			/* instance-local sequence number */
+	case NFULA_SEQ_GLOBAL:		/* global sequence number */
+	case NFULA_GID:			/* group id of socket */
+		if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
+			return MNL_CB_ERROR;
+		break;
+	case NFULA_PACKET_HDR:
+		if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
+		    sizeof(struct nfulnl_msg_packet_hdr)) < 0) {
+			return MNL_CB_ERROR;
+		}
+		break;
+	case NFULA_TIMESTAMP:		/* nfulnl_msg_packet_timestamp */
+		if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
+		    sizeof(struct nfulnl_msg_packet_timestamp)) < 0) {
+			return MNL_CB_ERROR;
+		}
+		break;
+	case NFULA_HWADDR:		/* nfulnl_msg_packet_hw */
+		if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
+		    sizeof(struct nfulnl_msg_packet_hw)) < 0) {
+			return MNL_CB_ERROR;
+		}
+		break;
+	case NFULA_PREFIX:		/* string prefix */
+		if (mnl_attr_validate(attr, MNL_TYPE_NUL_STRING) < 0)
+			return MNL_CB_ERROR;
+		break;
+	case NFULA_HWHEADER:		/* hardware header */
+	case NFULA_PAYLOAD:		/* opaque data payload */
+		break;
+	}
+	tb[type] = attr;
+	return MNL_CB_OK;
+}
+
+/**
+ * nflog_nlmsg_parse_attrs - set nlattrs from netlink message
+ * \param nlh netlink message that you want to read.
+ * \param attr pointer to the array of nlattr which size is NFULA_MAX + 1
+ *
+ * This function returns MNL_CB_ERROR if any error occurs, or MNL_CB_OK on
+ * success.
+ */
+int nflog_nlmsg_parse_attrs(const struct nlmsghdr *nlh, struct nlattr **attr)
+{
+	return mnl_attr_parse(nlh, sizeof(struct nfgenmsg),
+			      nflog_pkt_parse_attr_cb, attr);
+}
+
+/**
+ * @}
+ */
-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux