[netfilter-cvslog] r7348 - in branches/ulog/ulogd2: filter/raw2packet input/packet

[pablo at netfilter.org]

Author: pablo at netfilter.org
Date: 2008-02-09 18:23:16 +0100 (Sat, 09 Feb 2008)
New Revision: 7348

Modified:
   branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c
   branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c
   branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c
Log:
From: Eric Leblond <eric at inl.fr>:

When using NFLOG or ULOG, obb.family (protocol IPv4 or IPv6) has
to be setup manually in ulogd.conf configuration file. This is
used by the BASE filter to properly parse the packet. This
patch suppress oob.family as output keys of NFLOG and ULOG and let
the BASE filter determine the family of the packet by itself (by
parsing the raw header).

A good side effect is to be able to log in IPv6 and IPv4 in the
same group. Before that, two loggers have to be setup separatly.


Modified: branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c
===================================================================
--- branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c	2008-02-07 06:47:11 UTC (rev 7347)
+++ branches/ulog/ulogd2/filter/raw2packet/ulogd_raw2packet_BASE.c	2008-02-09 17:23:16 UTC (rev 7348)
@@ -44,6 +44,7 @@
 #include <ulogd/ipfix_protocol.h>
 
 enum output_keys {
+	KEY_OOB_FAMILY,
 	KEY_IP_SADDR,
 	KEY_IP_DADDR,
 	KEY_IP_PROTOCOL,
@@ -98,6 +99,11 @@
 };
 
 static struct ulogd_key iphdr_rets[] = {
+	[KEY_OOB_FAMILY] = {
+		.type = ULOGD_RET_UINT8,
+		.flags = ULOGD_RETF_NONE, 
+		.name = "oob.family",
+	},
 	[KEY_IP_SADDR] = { 
 		.type = ULOGD_RET_IPADDR,
 		.flags = ULOGD_RETF_NONE, 
@@ -819,15 +825,27 @@
 
 static int _interp_pkt(struct ulogd_pluginstance *pi)
 {
+	struct ulogd_key *ret = pi->output.keys;
+	struct iphdr *iph = pi->input.keys[0].u.source->u.value.ptr;
 	u_int32_t len = pi->input.keys[1].u.source->u.value.ui32;
 	u_int8_t family = pi->input.keys[2].u.source->u.value.ui8;
 
-	switch (family) {
-	case AF_INET:
-		return _interp_iphdr(pi, len);
-	case AF_INET6:
-		return _interp_ipv6hdr(pi, len);
+	switch (iph->version) {
+		case 4:
+			ret[KEY_OOB_FAMILY].u.value.ui8 = AF_INET;
+			ret[KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
+
+			return _interp_iphdr(pi, len);
+		case 6:
+			ret[KEY_OOB_FAMILY].u.value.ui8 = AF_INET6;
+			ret[KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
+
+			return _interp_ipv6hdr(pi, len);
+		default:
+			/* unknown protocol */
+			return 0;
 	}
+
 	return 0;
 }
 
@@ -847,10 +865,6 @@
 			.vendor = IPFIX_VENDOR_NETFILTER, 
 			.field_id = IPFIX_NF_rawpacket_length,
 		},
-	},
-	{
-		.type = ULOGD_RET_UINT8,
-		.name = "oob.family",
 	}
 };
 

Modified: branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c
===================================================================
--- branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c	2008-02-07 06:47:11 UTC (rev 7347)
+++ branches/ulog/ulogd2/input/packet/ulogd_inppkt_NFLOG.c	2008-02-09 17:23:16 UTC (rev 7348)
@@ -55,12 +55,6 @@
 			.u.value = NFLOG_RMEM_DEFAULT,
 		},
 		{
-			.key 	 = "addressfamily",
-			.type	 = CONFIG_TYPE_INT,
-			.options = CONFIG_OPT_NONE,
-			.u.value = AF_INET,
-		},
-		{
 			.key	 = "unbind",
 			.type	 = CONFIG_TYPE_INT,
 			.options = CONFIG_OPT_NONE,
@@ -104,7 +98,6 @@
 	NFLOG_KEY_RAW_MAC_LEN,
 	NFLOG_KEY_OOB_SEQ_LOCAL,
 	NFLOG_KEY_OOB_SEQ_GLOBAL,
-	NFLOG_KEY_OOB_FAMILY,
 	NFLOG_KEY_OOB_PROTOCOL,
 };
 
@@ -231,11 +224,6 @@
 		},
 	},
 	{
-		.type = ULOGD_RET_UINT8,
-		.flags = ULOGD_RETF_NONE,
-		.name = "oob.family",
-	},
-	{
 		.type = ULOGD_RET_UINT16,
 		.flags = ULOGD_RETF_NONE,
 		.name = "oob.protocol",
@@ -258,9 +246,6 @@
 	u_int32_t outdev = nflog_get_outdev(ldata);
 	u_int32_t seq;
 
-	ret[NFLOG_KEY_OOB_FAMILY].u.value.ui8 = af_ce(upi->config_kset).u.value;
-	ret[NFLOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
-
 	if (ph) {
 		/* FIXME */
 		ret[NFLOG_KEY_OOB_HOOK].u.value.ui8 = ph->hook;

Modified: branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c
===================================================================
--- branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c	2008-02-07 06:47:11 UTC (rev 7347)
+++ branches/ulog/ulogd2/input/packet/ulogd_inppkt_ULOG.c	2008-02-09 17:23:16 UTC (rev 7348)
@@ -68,7 +68,6 @@
 	ULOG_KEY_OOB_IN,
 	ULOG_KEY_OOB_OUT,
 	ULOG_KEY_RAW_MAC_LEN,
-	ULOG_KEY_OOB_FAMILY,
 	ULOG_KEY_OOB_PROTOCOL,
 };
 
@@ -148,11 +147,6 @@
 		.name = "raw.mac_len", 
 	},
 	{
-		.type = ULOGD_RET_UINT8,
-		.flags = ULOGD_RETF_NONE,
-		.name = "oob.family",
-	},
-	{
 		.type = ULOGD_RET_UINT16,
 		.flags = ULOGD_RETF_NONE,
 		.name = "oob.protocol",
@@ -201,9 +195,6 @@
 	ret[ULOG_KEY_OOB_OUT].u.value.ptr = pkt->outdev_name;
 	ret[ULOG_KEY_OOB_OUT].flags |= ULOGD_RETF_VALID;
 
-	/* ULOG is IPv4 only */
-	ret[ULOG_KEY_OOB_FAMILY].u.value.ui8 = AF_INET;
-	ret[ULOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
 	/* Undef in ULOG but necessary */
 	ret[ULOG_KEY_OOB_PROTOCOL].u.value.ui16 = 0;
 	ret[ULOG_KEY_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID;