Commit 0597f268 authored by Harald Welte's avatar Harald Welte Committed by David S. Miller
Browse files

[NETFILTER]: Add new "nfnetlink_log" userspace packet logging facility



This is a generic (layer3 independent) version of what ipt_ULOG is already
doing for IPv4 today.  ipt_ULOG, ebt_ulog and finally also ip[6]t_LOG will
be deprecated by this mechanism in the long term.
Signed-off-by: default avatarHarald Welte <laforge@netfilter.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 608c8e4f
#ifndef _NFNETLINK_LOG_H
#define _NFNETLINK_LOG_H
/* This file describes the netlink messages (i.e. 'protocol packets'),
* and not any kind of function definitions. It is shared between kernel and
* userspace. Don't put kernel specific stuff in here */
#include <linux/netfilter/nfnetlink.h>
enum nfulnl_msg_types {
NFULNL_MSG_PACKET, /* packet from kernel to userspace */
NFULNL_MSG_CONFIG, /* connect to a particular queue */
NFULNL_MSG_MAX
};
struct nfulnl_msg_packet_hdr {
u_int16_t hw_protocol; /* hw protocol (network order) */
u_int8_t hook; /* netfilter hook */
u_int8_t _pad;
} __attribute__ ((packed));
struct nfulnl_msg_packet_hw {
u_int16_t hw_addrlen;
u_int16_t _pad;
u_int8_t hw_addr[8];
} __attribute__ ((packed));
struct nfulnl_msg_packet_timestamp {
u_int64_t sec;
u_int64_t usec;
} __attribute__ ((packed));
#define NFULNL_PREFIXLEN 30 /* just like old log target */
enum nfulnl_attr_type {
NFULA_UNSPEC,
NFULA_PACKET_HDR,
NFULA_MARK, /* u_int32_t nfmark */
NFULA_TIMESTAMP, /* nfulnl_msg_packet_timestamp */
NFULA_IFINDEX_INDEV, /* u_int32_t ifindex */
NFULA_IFINDEX_OUTDEV, /* u_int32_t ifindex */
NFULA_HWADDR, /* nfulnl_msg_packet_hw */
NFULA_PAYLOAD, /* opaque data payload */
NFULA_PREFIX, /* string prefix */
NFULA_UID, /* user id of socket */
__NFULA_MAX
};
#define NFULA_MAX (__NFULA_MAX - 1)
enum nfulnl_msg_config_cmds {
NFULNL_CFG_CMD_NONE,
NFULNL_CFG_CMD_BIND,
NFULNL_CFG_CMD_UNBIND,
NFULNL_CFG_CMD_PF_BIND,
NFULNL_CFG_CMD_PF_UNBIND,
};
struct nfulnl_msg_config_cmd {
u_int8_t command; /* nfulnl_msg_config_cmds */
} __attribute__ ((packed));
struct nfulnl_msg_config_mode {
u_int32_t copy_range;
u_int8_t copy_mode;
u_int8_t _pad;
} __attribute__ ((packed));
enum nfulnl_attr_config {
NFULA_CFG_UNSPEC,
NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */
NFULA_CFG_MODE, /* nfulnl_msg_config_mode */
NFULA_CFG_NLBUFSIZ, /* u_int32_t buffer size */
NFULA_CFG_TIMEOUT, /* u_int32_t in 1/100 s */
NFULA_CFG_QTHRESH, /* u_int32_t */
__NFULA_CFG_MAX
};
#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1)
#define NFULNL_COPY_NONE 0x00
#define NFULNL_COPY_META 0x01
#define NFULNL_COPY_PACKET 0x02
#endif /* _NFNETLINK_LOG_H */
......@@ -11,3 +11,14 @@ config NETFILTER_NETLINK_QUEUE
If this option isenabled, the kernel will include support
for queueing packets via NFNETLINK.
config NETFILTER_NETLINK_LOG
tristate "Netfilter LOG over NFNETLINK interface"
depends on NETFILTER_NETLINK
help
If this option is enabled, the kernel will include support
for logging packets via NFNETLINK.
This obsoletes the existing ipt_ULOG and ebg_ulog mechanisms,
and is also scheduled to replace the old syslog-based ipt_LOG
and ip6t_LOG modules.
obj-$(CONFIG_NETFILTER_NETLINK) += nfnetlink.o
obj-$(CONFIG_NETFILTER_NETLINK_QUEUE) += nfnetlink_queue.o
obj-$(CONFIG_NETFILTER_NETLINK_LOG) += nfnetlink_log.o
This diff is collapsed.
......@@ -1041,6 +1041,7 @@ cleanup:
nf_unregister_queue_handlers(nfqnl_enqueue_packet);
unregister_netdevice_notifier(&nfqnl_dev_notifier);
#ifdef CONFIG_PROC_FS
remove_proc_entry("nfnetlink_queue", proc_net_netfilter);
cleanup_subsys:
#endif
nfnetlink_subsys_unregister(&nfqnl_subsys);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment