tcp conntrack logging
Jozsef Kadlecsik
kadlec at blackhole.kfki.hu
Fri May 20 08:45:47 CEST 2005
On Fri, 13 May 2005 thomasmkling at arcor.de wrote:
> I want to write an extended logging of TCP-Connections: iptables -A INPUT -j LOGTCP
>
> LOGTCP should just be a copy of ipt_LOG.c:
>
> /* --------copy------------
> static void dump_packet(const struct ipt_log_info *info, const struct sk_buff *skb, unsigned int iphoff)
> {
> ...
> case IPPROTO_TCP: {
> struct tcphdr _tcph, *th;
>
> /* Max length: 10 "PROTO=TCP " */
> printk("PROTO=TCP ");
> ...
> [*]
> ...
> break;
> --------copy------------ /*
>
> And here [*] I want to call some functions from tcp_conntrack:
> printk("tcp_in_window, sender->td_end, sender->td_maxend, sender->maxwin, receiver->td_end, receiver->td_maxend, receiver->td_maxwin);
>
> The problem: I just don't know how to access these values from there. I
> looked through several other modules that use ip_conntrack, but didn't
> find the idea to get started.
That requires several steps with the usual cautions and checks: the nfct
field of skbuff stores the pointer to the ip_conntrack structure. In
ip_conntrack, the proto field carries the protocol-specific data, which
have got a tcp field and you are there.
Why would you need such internal data logged?
Best regards,
Jozsef
-
E-mail : kadlec at blackhole.kfki.hu, kadlec at sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
More information about the netfilter-devel
mailing list