[netfilter-cvslog] r7330 - in branches/ulog/ulogd2: . filter/raw2packet include/ulogd util
pablo at netfilter.org
pablo at netfilter.org
Sun Feb 3 12:59:47 CET 2008
Author: pablo at netfilter.org
Date: 2008-02-03 12:59:47 +0100 (Sun, 03 Feb 2008)
New Revision: 7330
Modified:
branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c
branches/ulog/ulogd2/include/ulogd/printpkt.h
branches/ulog/ulogd2/ulogd.conf.in
branches/ulog/ulogd2/util/printpkt.c
Log:
From: Eric leblond <eric at inl.fr>
- This patch suppress key relative to IPv6 address because IPv4 and IPv6 can be stored in the same key.
- Add missing IP2STR line to ulogd.conf.in
Modified: branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c
===================================================================
--- branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c 2008-02-03 11:57:24 UTC (rev 7329)
+++ branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c 2008-02-03 11:59:47 UTC (rev 7330)
@@ -54,8 +54,6 @@
KEY_IP_CSUM,
KEY_IP_ID,
KEY_IP_FRAGOFF,
- KEY_IP6_SADDR,
- KEY_IP6_DADDR,
KEY_IP6_PAYLOAD_LEN,
KEY_IP6_PRIORITY,
KEY_IP6_FLOWLABEL,
@@ -186,24 +184,6 @@
.field_id = IPFIX_fragmentOffsetIPv4,
},
},
- [KEY_IP6_SADDR] = {
- .type = ULOGD_RET_RAW,
- .flags = ULOGD_RETF_NONE,
- .name = "ip6.saddr",
- .ipfix = {
- .vendor = IPFIX_VENDOR_IETF,
- .field_id = IPFIX_sourceIPv6Address,
- },
- },
- [KEY_IP6_DADDR] = {
- .type = ULOGD_RET_RAW,
- .flags = ULOGD_RETF_NONE,
- .name = "ip6.daddr",
- .ipfix = {
- .vendor = IPFIX_VENDOR_IETF,
- .field_id = IPFIX_destinationIPv6Address,
- },
- },
[KEY_IP6_PAYLOAD_LEN] = {
.type = ULOGD_RET_UINT16,
.flags = ULOGD_RETF_NONE,
@@ -730,10 +710,10 @@
if (len < sizeof(struct ip6_hdr))
return 0;
- ret[KEY_IP6_SADDR].u.value.ptr = &ipv6h->ip6_src;
- ret[KEY_IP6_SADDR].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP6_DADDR].u.value.ptr = &ipv6h->ip6_dst;
- ret[KEY_IP6_DADDR].flags |= ULOGD_RETF_VALID;
+ ret[KEY_IP_SADDR].u.value.ptr = &ipv6h->ip6_src;
+ ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID;
+ ret[KEY_IP_DADDR].u.value.ptr = &ipv6h->ip6_dst;
+ ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID;
ret[KEY_IP6_PAYLOAD_LEN].u.value.ui16 = ntohs(ipv6h->ip6_plen);
ret[KEY_IP6_PAYLOAD_LEN].flags |= ULOGD_RETF_VALID;
ret[KEY_IP6_PRIORITY].u.value.ui8 = ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20;
Modified: branches/ulog/ulogd2/include/ulogd/printpkt.h
===================================================================
--- branches/ulog/ulogd2/include/ulogd/printpkt.h 2008-02-03 11:57:24 UTC (rev 7329)
+++ branches/ulog/ulogd2/include/ulogd/printpkt.h 2008-02-03 11:59:47 UTC (rev 7330)
@@ -17,8 +17,6 @@
KEY_IP_ID,
KEY_IP_FRAGOFF,
KEY_IP_PROTOCOL,
- KEY_IP6_SADDR,
- KEY_IP6_DADDR,
KEY_IP6_PAYLOAD_LEN,
KEY_IP6_PRIORITY,
KEY_IP6_HOPLIMIT,
Modified: branches/ulog/ulogd2/ulogd.conf.in
===================================================================
--- branches/ulog/ulogd2/ulogd.conf.in 2008-02-03 11:57:24 UTC (rev 7329)
+++ branches/ulog/ulogd2/ulogd.conf.in 2008-02-03 11:59:47 UTC (rev 7330)
@@ -35,6 +35,7 @@
plugin="@libdir@/ulogd/ulogd_inppkt_NFLOG.so"
plugin="@libdir@/ulogd/ulogd_inpflow_NFCT.so"
plugin="@libdir@/ulogd/ulogd_filter_IFINDEX.so"
+plugin="@libdir@/ulogd/ulogd_filter_IP2STR.so"
plugin="@libdir@/ulogd/ulogd_filter_PRINTPKT.so"
plugin="@libdir@/ulogd/ulogd_filter_PRINTFLOW.so"
plugin="@libdir@/ulogd/ulogd_output_LOGEMU.so"
@@ -42,8 +43,11 @@
plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
# this is a stack for packet-based logging via LOGEMU
-#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,print1:PRINTPKT,emu1:LOGEMU
+#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+# this is a stack for IPv6 packet-based logging via LOGEMU
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
# this is a stack for ULOG packet-based logging via LOGEMU
#stack=ulog1:ULOG,base1:BASE,print1:PRINTPKT,emu1:LOGEMU
@@ -59,6 +63,10 @@
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
group=0
+[log2]
+group=1
+addressfamily=10
+
[ulog1]
nlgroup=1
Modified: branches/ulog/ulogd2/util/printpkt.c
===================================================================
--- branches/ulog/ulogd2/util/printpkt.c 2008-02-03 11:57:24 UTC (rev 7329)
+++ branches/ulog/ulogd2/util/printpkt.c 2008-02-03 11:59:47 UTC (rev 7330)
@@ -45,16 +45,14 @@
[KEY_OOB_OUT] = { .name = "oob.out", },
[KEY_RAW_MAC] = { .name = "raw.mac", },
[KEY_RAW_MACLEN] = { .name = "raw.mac_len", },
- [KEY_IP_SADDR] = { .name = "ip.saddr", },
- [KEY_IP_DADDR] = { .name = "ip.daddr", },
+ [KEY_IP_SADDR] = { .name = "ip.saddr.str", },
+ [KEY_IP_DADDR] = { .name = "ip.daddr.str", },
[KEY_IP_TOTLEN] = { .name = "ip.totlen", },
[KEY_IP_TOS] = { .name = "ip.tos", },
[KEY_IP_TTL] = { .name = "ip.ttl", },
[KEY_IP_ID] = { .name = "ip.id", },
[KEY_IP_FRAGOFF] = { .name = "ip.fragoff", },
[KEY_IP_PROTOCOL] = { .name = "ip.protocol", },
- [KEY_IP6_SADDR] = { .name = "ip6.saddr", },
- [KEY_IP6_DADDR] = { .name = "ip6.daddr", },
[KEY_IP6_PAYLOAD_LEN] = { .name = "ip6.payload_len" },
[KEY_IP6_PRIORITY] = { .name = "ip6.priority" },
[KEY_IP6_HOPLIMIT] = { .name = "ip6.hoplimit" },
@@ -182,15 +180,11 @@
if (pp_is_valid(res, KEY_IP_SADDR))
buf_cur += sprintf(buf_cur, "SRC=%s ",
- inet_ntop(AF_INET,
- &GET_VALUE(res, KEY_IP_SADDR).ui32,
- tmp, sizeof(tmp)));
+ GET_VALUE(res, KEY_IP_SADDR).ptr);
if (pp_is_valid(res, KEY_IP_DADDR))
buf_cur += sprintf(buf_cur, "DST=%s ",
- inet_ntop(AF_INET,
- &GET_VALUE(res, KEY_IP_DADDR).ui32,
- tmp, sizeof(tmp)));
+ GET_VALUE(res, KEY_IP_DADDR).ptr);
/* FIXME: add pp_is_valid calls to remainder of file */
buf_cur += sprintf(buf_cur,"LEN=%u TOS=%02X PREC=0x%02X TTL=%u ID=%u ",
@@ -271,17 +265,13 @@
char *buf_cur = buf;
char tmp[INET6_ADDRSTRLEN];
- if (pp_is_valid(res, KEY_IP6_SADDR))
+ if (pp_is_valid(res, KEY_IP_SADDR))
buf_cur += sprintf(buf_cur, "SRC=%s ",
- inet_ntop(AF_INET6,
- GET_VALUE(res, KEY_IP6_SADDR).ptr,
- tmp, sizeof(tmp)));
+ GET_VALUE(res, KEY_IP_SADDR).ptr);
- if (pp_is_valid(res, KEY_IP6_DADDR))
+ if (pp_is_valid(res, KEY_IP_DADDR))
buf_cur += sprintf(buf_cur, "DST=%s ",
- inet_ntop(AF_INET6,
- GET_VALUE(res, KEY_IP6_DADDR).ptr,
- tmp, sizeof(tmp)));
+ GET_VALUE(res, KEY_IP_DADDR).ptr);
if (pp_is_valid(res, KEY_IP6_PAYLOAD_LEN))
buf_cur += sprintf(buf_cur, "LEN=%Zu ",
More information about the netfilter-cvslog
mailing list