Home | History | Annotate | Download | only in src 
      1 /*
      2  * src/nf-ct-list.c     List Conntrack Entries
      3  *
      4  *	This library is free software; you can redistribute it and/or
      5  *	modify it under the terms of the GNU Lesser General Public
      6  *	License as published by the Free Software Foundation version 2.1
      7  *	of the License.
      8  *
      9  * Copyright (c) 2003-2009 Thomas Graf <tgraf (at) suug.ch>
     10  * Copyright (c) 2007 Philip Craig <philipc (at) snapgear.com>
     11  * Copyright (c) 2007 Secure Computing Corporation
     12  */
     13 
     14 #include <netlink/cli/utils.h>
     15 #include <netlink/cli/ct.h>
     16 
     17 static void print_usage(void)
     18 {
     19 	printf(
     20 	"Usage: nf-ct-list [OPTION]... [CONNTRACK ENTRY]\n"
     21 	"\n"
     22 	"Options\n"
     23 	" -f, --format=TYPE     Output format { brief | details | stats }\n"
     24 	" -h, --help            Show this help\n"
     25 	" -v, --version         Show versioning information\n"
     26 	"\n"
     27 	"Conntrack Selection\n"
     28 	" -i, --id=NUM            Identifier\n"
     29 	" -p, --proto=PROTOCOL    Protocol\n"
     30 	"     --tcp-state=STATE   TCP connection state\n"
     31 	"     --orig-src=ADDR     Original source address\n"
     32 	"     --orig-sport=PORT   Original source port\n"
     33 	"     --orig-dst=ADDR     Original destination address\n"
     34 	"     --orig-dport=PORT   Original destination port\n"
     35 	"     --reply-src=ADDR    Reply source address\n"
     36 	"     --reply-sport=PORT  Reply source port\n"
     37 	"     --reply-dst=ADDR    Reply destination address\n"
     38 	"     --reply-dport=PORT  Reply destination port\n"
     39 	" -F, --family=FAMILY     Address family\n"
     40 	"     --mark=NUM          Mark value\n"
     41 	"     --timeout=NUM       Timeout value\n"
     42 	"     --refcnt=NUM        Use counter value\n"
     43 	"     --flags             Flags\n"
     44 	);
     45 	exit(0);
     46 }
     47 
     48 int main(int argc, char *argv[])
     49 {
     50 	struct nl_sock *sock;
     51 	struct nl_cache *ct_cache;
     52 	struct nfnl_ct *ct;
     53 	struct nl_dump_params params = {
     54 		.dp_type = NL_DUMP_LINE,
     55 		.dp_fd = stdout,
     56 	};
     57 
     58  	ct = nl_cli_ct_alloc();
     59 
     60 	for (;;) {
     61 		int c, optidx = 0;
     62 		enum {
     63 			ARG_MARK = 257,
     64 			ARG_TCP_STATE = 258,
     65 			ARG_ORIG_SRC,
     66 			ARG_ORIG_SPORT,
     67 			ARG_ORIG_DST,
     68 			ARG_ORIG_DPORT,
     69 			ARG_REPLY_SRC,
     70 			ARG_REPLY_SPORT,
     71 			ARG_REPLY_DST,
     72 			ARG_REPLY_DPORT,
     73 			ARG_TIMEOUT,
     74 			ARG_REFCNT,
     75 			ARG_FLAGS,
     76 		};
     77 		static struct option long_opts[] = {
     78 			{ "format", 1, 0, 'f' },
     79 			{ "help", 0, 0, 'h' },
     80 			{ "version", 0, 0, 'v' },
     81 			{ "id", 1, 0, 'i' },
     82 			{ "proto", 1, 0, 'p' },
     83 			{ "tcp-state", 1, 0, ARG_TCP_STATE },
     84 			{ "orig-src", 1, 0, ARG_ORIG_SRC },
     85 			{ "orig-sport", 1, 0, ARG_ORIG_SPORT },
     86 			{ "orig-dst", 1, 0, ARG_ORIG_DST },
     87 			{ "orig-dport", 1, 0, ARG_ORIG_DPORT },
     88 			{ "reply-src", 1, 0, ARG_REPLY_SRC },
     89 			{ "reply-sport", 1, 0, ARG_REPLY_SPORT },
     90 			{ "reply-dst", 1, 0, ARG_REPLY_DST },
     91 			{ "reply-dport", 1, 0, ARG_REPLY_DPORT },
     92 			{ "family", 1, 0, 'F' },
     93 			{ "mark", 1, 0, ARG_MARK },
     94 			{ "timeout", 1, 0, ARG_TIMEOUT },
     95 			{ "refcnt", 1, 0, ARG_REFCNT },
     96 			{ 0, 0, 0, 0 }
     97 		};
     98 
     99 		c = getopt_long(argc, argv, "46f:hvi:p:F:", long_opts, &optidx);
    100 		if (c == -1)
    101 			break;
    102 
    103 		switch (c) {
    104 		case '?': exit(NLE_INVAL);
    105 		case '4': nfnl_ct_set_family(ct, AF_INET); break;
    106 		case '6': nfnl_ct_set_family(ct, AF_INET6); break;
    107 		case 'f': params.dp_type = nl_cli_parse_dumptype(optarg); break;
    108 		case 'h': print_usage(); break;
    109 		case 'v': nl_cli_print_version(); break;
    110 		case 'i': nl_cli_ct_parse_id(ct, optarg); break;
    111 		case 'p': nl_cli_ct_parse_protocol(ct, optarg); break;
    112 		case ARG_TCP_STATE: nl_cli_ct_parse_tcp_state(ct, optarg); break;
    113 		case ARG_ORIG_SRC: nl_cli_ct_parse_src(ct, 0, optarg); break;
    114 		case ARG_ORIG_SPORT: nl_cli_ct_parse_src_port(ct, 0, optarg); break;
    115 		case ARG_ORIG_DST: nl_cli_ct_parse_dst(ct, 0, optarg); break;
    116 		case ARG_ORIG_DPORT: nl_cli_ct_parse_dst_port(ct, 0, optarg); break;
    117 		case ARG_REPLY_SRC: nl_cli_ct_parse_src(ct, 1, optarg); break;
    118 		case ARG_REPLY_SPORT: nl_cli_ct_parse_src_port(ct, 1, optarg); break;
    119 		case ARG_REPLY_DST: nl_cli_ct_parse_dst(ct, 1, optarg); break;
    120 		case ARG_REPLY_DPORT: nl_cli_ct_parse_dst_port(ct, 1, optarg); break;
    121 		case 'F': nl_cli_ct_parse_family(ct, optarg); break;
    122 		case ARG_MARK: nl_cli_ct_parse_mark(ct, optarg); break;
    123 		case ARG_TIMEOUT: nl_cli_ct_parse_timeout(ct, optarg); break;
    124 		case ARG_REFCNT: nl_cli_ct_parse_use(ct, optarg); break;
    125 		case ARG_FLAGS: nl_cli_ct_parse_status(ct, optarg); break;
    126 		}
    127  	}
    128 
    129 	sock = nl_cli_alloc_socket();
    130 	nl_cli_connect(sock, NETLINK_NETFILTER);
    131 	ct_cache = nl_cli_ct_alloc_cache(sock);
    132 
    133 	nl_cache_dump_filter(ct_cache, &params, OBJ_CAST(ct));
    134 
    135 	return 0;
    136 }
    137