Thanks for the help! Dave On Tue, Jul 29, 2008 at 3:11 AM, Eric Leblond <eric@xxxxxx> wrote: > Hello, > > On Monday, 2008 July 28 at 11:33:24 -0400, David Boulding wrote: >> I've never heard of NFLOG or ULOG, is there any documentation under >> netfilter on how to use it? How would I get the data that I want (to >> sniff) using NFLOG/ULOG? > > For ULOG, you can have a look at ulogd or ulogd2 code. > http://git.netfilter.org/cgi-bin/gitweb.cgi?p=ulogd2.git;a=blob;f=input/packet/ulogd_inppkt_ULOG.c;h=c00d9bf8a965be7f961738892e19191efcf8f691;hb=0b789ea9bf810497845456e9b83bff8c5ae5ca23 > By the way, as ulogd2 uses a plugin mechanism, you may be able to build > what you want by coding an ulogd2 plugin. It can provide you a way to > code something independant from low level (NFLOG or ULOG can be used as > input without changing your plugin). > > A mini doc about ulogd2 hacking is available here: > http://home.regit.org/?page_id=90 > > For NFLOG, you need to use latest git for kernel and libnetfilter_log. > > The following functions are available: > > - nflog_get_hwtype: to fetch hardware type (and thus give the parser to > use) > - nflog_get_msg_packet_hwhdrlen: to get hardware header len > - nflog_get_msg_packet_hwhdr: get hardware datas > > BR, > -- > Eric Leblond > INL: http://www.inl.fr/ > NuFW: http://www.nufw.org/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFIjsKinxA7CdMWjzIRAofmAJ9mi4P5SRkPugu8wADwtmB2LlHmigCfWjNn > E77TPzKV3LStdfYgpFCobVA= > =ruvK > -----END PGP SIGNATURE----- > > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
