Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / iptables / 3efb6ead2e51fe1eca55bcb2b06afb4dc4b8cb7c / . / extensions / libipt_ULOG.c
blob: 5de8ee0e01069b6151969f7665ec884d4de8978b [file] [log] [blame]
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]1/* Shared library add-on to iptables to add ULOG support.
2 *
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]3 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
4 *
5 * multipart netlink support based on ideas by Sebastian Zander
6 * <zander@fokus.gmd.de>
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]7 *
8 * This software is released under the terms of GNU GPL
9 *
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]10 * libipt_ULOG.c,v 1.7 2001/01/30 11:55:02 laforge Exp
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]11 */
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]12#include <stdio.h>
13#include <netdb.h>
14#include <string.h>
15#include <stdlib.h>
16#include <syslog.h>
17#include <getopt.h>
18#include <iptables.h>
19#include <linux/netfilter_ipv4/ip_tables.h>
20#include <linux/netfilter_ipv4/ipt_ULOG.h>
21
22#define ULOG_DEFAULT_NLGROUP 1
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]23#define ULOG_DEFAULT_QTHRESHOLD 1
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]24
25
26void print_groups(unsigned int gmask)
27{
28 int b;
29 unsigned int test;
30
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]31 for (b = 31; b >= 0; b--) {
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]32 test = (1 << b);
33 if (gmask & test)
34 printf("%d ", b + 1);
35 }
36}
37
38/* Function which prints out usage message. */
39static void help(void)
40{
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]41 printf("ULOG v%s options:\n"
Marc Boucher44540942000-09-12 01:39:41 +0000[diff] [blame]42 " --ulog-nlgroup nlgroup NETLINK group used for logging\n"
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]43 " --ulog-cprange size Bytes of each packet to be passed\n"
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]44 " --ulog-qthreshold Threshold of in-kernel queue\n"
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]45 " --ulog-prefix prefix Prefix log messages with this prefix.\n\n",
46 NETFILTER_VERSION);
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]47}
48
49static struct option opts[] = {
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]50 {"ulog-nlgroup", 1, 0, '!'},
51 {"ulog-prefix", 1, 0, '#'},
52 {"ulog-cprange", 1, 0, 'A'},
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]53 {"ulog-qthreshold", 1, 0, 'B'},
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]54 {0}
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]55};
56
57/* Initialize the target. */
58static void init(struct ipt_entry_target *t, unsigned int *nfcache)
59{
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]60 struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) t->data;
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]61
62 loginfo->nl_group = ULOG_DEFAULT_NLGROUP;
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]63 loginfo->qthreshold = ULOG_DEFAULT_QTHRESHOLD;
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]64
65 /* Can't cache this */
66 *nfcache |= NFC_UNKNOWN;
67}
68
69#define IPT_LOG_OPT_NLGROUP 0x01
70#define IPT_LOG_OPT_PREFIX 0x02
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]71#define IPT_LOG_OPT_CPRANGE 0x04
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]72#define IPT_LOG_OPT_QTHRESHOLD 0x08
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]73
74/* Function which parses command options; returns true if it
75 ate an option */
76static int parse(int c, char **argv, int invert, unsigned int *flags,
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]77 const struct ipt_entry *entry,
78 struct ipt_entry_target **target)
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]79{
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]80 struct ipt_ulog_info *loginfo =
81 (struct ipt_ulog_info *) (*target)->data;
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]82 int group_d;
83
84 switch (c) {
85 case '!':
86 if (*flags & IPT_LOG_OPT_NLGROUP)
87 exit_error(PARAMETER_PROBLEM,
88 "Can't specify --ulog-nlgroup twice");
89
90 if (check_inverse(optarg, &invert))
91 exit_error(PARAMETER_PROBLEM,
92 "Unexpected `!' after --ulog-nlgroup");
93 group_d = atoi(optarg);
94 if (group_d > 32 || group_d < 1)
95 exit_error(PARAMETER_PROBLEM,
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]96 "--ulog-nlgroup has to be between 1 and 32");
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]97
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]98 loginfo->nl_group = (1 << (group_d - 1));
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]99
100 *flags |= IPT_LOG_OPT_NLGROUP;
101 break;
102
103 case '#':
104 if (*flags & IPT_LOG_OPT_PREFIX)
105 exit_error(PARAMETER_PROBLEM,
106 "Can't specify --ulog-prefix twice");
107
108 if (check_inverse(optarg, &invert))
109 exit_error(PARAMETER_PROBLEM,
110 "Unexpected `!' after --ulog-prefix");
111
112 if (strlen(optarg) > sizeof(loginfo->prefix) - 1)
113 exit_error(PARAMETER_PROBLEM,
114 "Maximum prefix length %u for --ulog-prefix",
115 sizeof(loginfo->prefix) - 1);
116
117 strcpy(loginfo->prefix, optarg);
118 *flags |= IPT_LOG_OPT_PREFIX;
119 break;
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]120 case 'A':
121 if (*flags & IPT_LOG_OPT_CPRANGE)
122 exit_error(PARAMETER_PROBLEM,
123 "Can't specify --ulog-cprange twice");
124 if (atoi(optarg) < 0)
125 exit_error(PARAMETER_PROBLEM,
126 "Negative copy range?");
127 loginfo->copy_range = atoi(optarg);
128 *flags |= IPT_LOG_OPT_CPRANGE;
129 break;
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]130 case 'B':
131 if (*flags & IPT_LOG_OPT_QTHRESHOLD)
132 exit_error(PARAMETER_PROBLEM,
133 "Can't specify --ulog-qthreshold twice");
134 if (atoi(optarg) < 1)
135 exit_error(PARAMETER_PROBLEM,
136 "Negative or zero queue threshold ?");
137 if (atoi(optarg) > ULOG_MAX_QLEN)
138 exit_error(PARAMETER_PROBLEM,
139 "Maximum queue length exceeded");
140 loginfo->qthreshold = atoi(optarg);
141 *flags |= IPT_LOG_OPT_QTHRESHOLD;
142 break;
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]143 }
144 return 1;
145}
146
147/* Final check; nothing. */
148static void final_check(unsigned int flags)
149{
150}
151
152/* Saves the union ipt_targinfo in parsable form to stdout. */
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]153static void save(const struct ipt_ip *ip,
154 const struct ipt_entry_target *target)
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]155{
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]156 const struct ipt_ulog_info *loginfo
157 = (const struct ipt_ulog_info *) target->data;
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]158
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]159 if (strcmp(loginfo->prefix, "") != 0)
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]160 printf("--ulog-prefix %s ", loginfo->prefix);
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]161
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]162 if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) {
163 printf("--ulog-nlgroup ");
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]164 print_groups(loginfo->nl_group);
Harald Welte67f23b22000-11-05 17:53:06 +0000[diff] [blame]165 printf("\n");
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]166 }
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]167 if (loginfo->copy_range)
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]168 printf("--ulog-cprange %d ", loginfo->copy_range);
169
170 if (loginfo->qthreshold != ULOG_DEFAULT_QTHRESHOLD)
171 printf("--ulog-qthreshold %d ", loginfo->qthreshold);
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]172}
173
174/* Prints out the targinfo. */
175static void
176print(const struct ipt_ip *ip,
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]177 const struct ipt_entry_target *target, int numeric)
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]178{
179 const struct ipt_ulog_info *loginfo
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]180 = (const struct ipt_ulog_info *) target->data;
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]181
182 printf("ULOG ");
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]183 printf("copy_range %d nlgroup ", loginfo->copy_range);
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]184 print_groups(loginfo->nl_group);
185 if (strcmp(loginfo->prefix, "") != 0)
186 printf("prefix `%s' ", loginfo->prefix);
Harald Welted3beea32001-01-31 07:30:19 +0000[diff] [blame]187 printf("queue_threshold %d ", loginfo->qthreshold);
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]188}
189
Harald Welte3efb6ea2001-08-06 18:50:21 +0000[diff] [blame^]190static
Harald Welte015dffb2000-07-31 23:38:14 +0000[diff] [blame]191struct iptables_target ulog = { NULL,
192 "ULOG",
193 NETFILTER_VERSION,
194 IPT_ALIGN(sizeof(struct ipt_ulog_info)),
195 IPT_ALIGN(sizeof(struct ipt_ulog_info)),
196 &help,
197 &init,
198 &parse,
199 &final_check,
200 &print,
201 &save,
202 opts
Harald Weltec5bdb402000-07-31 14:24:57 +0000[diff] [blame]203};
204
205void _init(void)
206{
207 register_target(&ulog);
208}