st 18. 8. 2021 o 9:23 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> napísal(a):
> You need this kernel patch to add this information to nfnetlink_queue,
> compile-tested only.
Hey Pablo,
patch is working like a charm. Thank you! Now I see timestamps and
packets/bytes counters in JSON output correctly.
At the end I will post customized input plugin for everyone.
The last thing I want to ask is what's correct way to get
attrs[NFULA_CT]
from
struct nfulnl_msg_packet_hdr *ph = nflog_get_msg_packet_hdr(ldata);
Now I use the following code which is working but throwing random
errors "something went wrong (Numerical result out of range)" I'm
mixing struct nfulnl_msg_packet_hdr with const struct nlmsghdr *nlh
struct nfulnl_msg_packet_hdr *ph = nflog_get_msg_packet_hdr(ldata);
struct nlattr *attrs[NFULA_MAX + 1] = { NULL };
int retb;
retb = nflog_nlmsg_parse(ph, attrs);
if (retb != MNL_CB_OK) {
printf("something went wrong");
printf(" (%s)\n", strerror(errno));
return retb;
}
