[Bug 1505] New: No support for PHYSDEV within NFLOG stack

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Wed Mar 3 16:52:24 CET 2021 

https://bugzilla.netfilter.org/show_bug.cgi?id=1505

            Bug ID: 1505
           Summary: No support for PHYSDEV within NFLOG stack
           Product: ulogd
           Version: 2.0.0beta1
          Hardware: x86_64
                OS: Ubuntu
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ulogd
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: aidan.walton at gmail.com

Hi,
I have tried to inspect the various elements involved in the NFLOG target when
defined inside iptables. Specifically I am trying to understand what happens to
information about the physdev selected during the route process. When the older
nflog_ipv4 module is used and messages from iptables TRACE target are viewed
via dmesg. The input and output types PHYSIN and PHYSOUT can be seen:
as exmaple:
IN=int_br0 OUT= PHYSIN=int_eth0.

However when using the nfnetfilter_log module and ulogd this information is not
parsed. I can only see IN/OUT and not PHYSIN/PHYSOUT

Looking at the libnetfilter_log code, I see functions such as:

uint32_t nflog_get_physindev(struct nflog_data *nfad)

This would appear to suggest that this data is handled by the kernel module.

However in the ulogd plugin ulogd_inppkt_NFLOG, I can not find any reference to
this object or any object of a similar name.

The outputs from ulogd never contain any references to physdev.

Either I misunderstand the usage or the data is not actually coming from the
kernel module, or the plugins do not support it.

Either way, if I want to trace traffic with iptables and see the data about
physdev-in or physdev-out I am forced to swap back to the nflog_ipv4 module,
inspect dmesg and then drop back into nfnetfilter_log for ongoing logging.

Hmmmm, any suggestions?

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20210303/42d87ba4/attachment.html>

More information about the netfilter-buglog mailing list