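/*
 * Userspace xtables extension for the NFLOG target: declares the
 * --nflog-* options, validates them, and prints/saves the resulting
 * struct xt_nflog_info.
 */
#include <stdbool.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <getopt.h>
#include <xtables.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_NFLOG.h>

/* Option identifiers; used as .id in NFLOG_opts and matched in NFLOG_parse(). */
enum {
	O_GROUP = 0,
	O_PREFIX,
	O_RANGE,
	O_THRESHOLD,
};

/*
 * Option table handed to libxtables through .x6_options.  Every entry uses
 * XTOPT_PUT together with XTOPT_POINTER, so the parsed value is stored
 * into the named field of struct xt_nflog_info by xtables_option_parse().
 *
 * NOTE(review): nflog-prefix sets .min = 1 but no .max.  Confirm how the
 * option parser treats a prefix longer than the prefix field (rejected vs.
 * silently truncated); a truncated prefix can make log records harder to
 * correlate with the rule that produced them.
 */
#define s struct xt_nflog_info
static const struct xt_option_entry NFLOG_opts[] = {
	{.name = "nflog-group", .id = O_GROUP, .type = XTTYPE_UINT16,
	 .flags = XTOPT_PUT, XTOPT_POINTER(s, group)},
	{.name = "nflog-prefix", .id = O_PREFIX, .type = XTTYPE_STRING,
	 .min = 1, .flags = XTOPT_PUT, XTOPT_POINTER(s, prefix)},
	{.name = "nflog-range", .id = O_RANGE, .type = XTTYPE_UINT32,
	 .flags = XTOPT_PUT, XTOPT_POINTER(s, len)},
	{.name = "nflog-threshold", .id = O_THRESHOLD, .type = XTTYPE_UINT16,
	 .flags = XTOPT_PUT, XTOPT_POINTER(s, threshold)},
	XTOPT_TABLEEND,
};
#undef s

/* Print the usage text for the NFLOG target options to stdout. */
static void NFLOG_help(void)
{
	printf("NFLOG target options:\n"
	       " --nflog-group NUM NETLINK group used for logging\n"
	       " --nflog-range NUM Number of byte to copy\n"
	       " --nflog-threshold NUM Message threshold of in-kernel queue\n"
	       " --nflog-prefix STRING Prefix string for log messages\n");
}

/*
 * Set target defaults before option parsing.
 *
 * Only the threshold is given an explicit default here; the other fields
 * are left as the caller provided them.
 */
static void NFLOG_init(struct xt_entry_target *t)
{
	struct xt_nflog_info *info = (struct xt_nflog_info *)t->data;

	info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
}

/*
 * Parse one NFLOG option.
 *
 * The generic parser stores the value according to NFLOG_opts; the only
 * extra validation done here is on the prefix string.
 */
static void NFLOG_parse(struct xt_option_call *cb)
{
	xtables_option_parse(cb);
	switch (cb->entry->id) {
	case O_PREFIX:
		/*
		 * The prefix is written back out by NFLOG_save() as part of
		 * a rule and is attached to log messages, so a value that
		 * contains a line break is refused at parse time.
		 * NOTE(review): only '\n' is rejected; other control
		 * characters (e.g. '\r') are accepted by this check.
		 */
		if (strchr(cb->arg, '\n') != NULL)
			xtables_error(PARAMETER_PROBLEM,
				      "Newlines not allowed in --nflog-prefix");
		break;
	default:
		break;
	}
}

/*
 * Emit the non-default NFLOG settings to stdout.
 *
 * @info:   target data to describe.
 * @prefix: text placed before each option name ("" for listing output,
 *          "--" for save output).
 *
 * Fields are skipped when they hold their "unset" value: an empty prefix,
 * group 0, len 0, or the default threshold.
 */
static void nflog_print(const struct xt_nflog_info *info, const char *prefix)
{
	if (info->prefix[0] != '\0') {
		printf(" %snflog-prefix ", prefix);
		/*
		 * The prefix string goes through the libxtables string
		 * writer instead of a raw printf.
		 * NOTE(review): presumably this quotes/escapes the value so
		 * it round-trips through restore; confirm in libxtables.
		 */
		xtables_save_string(info->prefix);
	}
	if (info->group)
		printf(" %snflog-group %u", prefix, info->group);
	if (info->len)
		printf(" %snflog-range %u", prefix, info->len);
	if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
		printf(" %snflog-threshold %u", prefix, info->threshold);
}

/* Listing callback: print the options without a leading "--". */
static void NFLOG_print(const void *ip, const struct xt_entry_target *target,
			int numeric)
{
	const struct xt_nflog_info *info =
		(const struct xt_nflog_info *)target->data;

	nflog_print(info, "");
}

/* Save callback: print the options in "--option value" form. */
static void NFLOG_save(const void *ip, const struct xt_entry_target *target)
{
	const struct xt_nflog_info *info =
		(const struct xt_nflog_info *)target->data;

	nflog_print(info, "--");
}

/* Target descriptor wiring the callbacks and option table into libxtables. */
static struct xtables_target nflog_target = {
	.family = NFPROTO_UNSPEC,
	.name = "NFLOG",
	.version = XTABLES_VERSION,
	.size = XT_ALIGN(sizeof(struct xt_nflog_info)),
	.userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
	.help = NFLOG_help,
	.init = NFLOG_init,
	.x6_parse = NFLOG_parse,
	.print = NFLOG_print,
	.save = NFLOG_save,
	.x6_options = NFLOG_opts,
};

/* Extension entry point: register the NFLOG target with libxtables. */
void _init(void)
{
	xtables_register_target(&nflog_target);
}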