1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
/*
* WallFire -- a comprehensive firewall administration tool.
*
* Copyright (C) 2001 Herv Eychenne <rv@wallfire.org>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
using namespace std;
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h> // for printf // remove this RV@@6
#include "realtime.h"
#include "defs.h"
#ifdef ENABLE_NFULOG
extern "C" {
#include <libipulog.h>
}
#define MYBUFSIZ 2048
extern int wflogs_realtime_fd;
// we shouldn't have to do this... ulog should export it, or at least fd RV@@9
struct ipulog_handle {
int fd;
u_int8_t blocking;
struct sockaddr_nl local;
struct sockaddr_nl peer;
struct nlmsghdr* last_nlhdr;
};
// make this a private member of the class RV@@9
static struct ipulog_handle* h;
void
wf_inmodule_netfilter_realtime_init() {
/* create ipulog handle */
// h = ipulog_create_handle(ipulog_group2gmask(atoi(argv[2])), MYBUFSIZ);
// h = ipulog_create_handle(ipulog_group2gmask(1)); // RV@@9 not 1
h = ipulog_create_handle(-1U, MYBUFSIZ); /* every group */
if (h == NULL) {
ipulog_perror(NULL); /* if some error occurs, print it to stderr */
exit(1); // RV@@9 really exit here?
}
wflogs_realtime_fd = h->fd;
}
void
wf_inmodule_netfilter_realtime_fini() {
ipulog_destroy_handle(h);
}
/* prints some logging about a single packet */
// remove this function RV@@9
void handle_packet(ulog_packet_msg_t *pkt)
{
unsigned char *p;
int i;
printf("Hook=%u Mark=%lu len=%d ",
pkt->hook, pkt->mark, pkt->data_len);
if (strlen(pkt->prefix))
printf("Prefix=%s ", pkt->prefix);
if (pkt->mac_len)
{
printf("mac=");
p = pkt->mac;
for (i = 0; i < pkt->mac_len; i++, p++)
printf("%02x%c", *p, i==pkt->mac_len-1 ? ' ':':');
}
printf("\n");
}
#endif /* ENABLE_NFULOG */
void
wf_inmodule_netfilter_realtime_read() {
#ifdef ENABLE_NFULOG
unsigned char* buf = (unsigned char*)malloc(MYBUFSIZ); /* allocate a receive buffer */
int len = ipulog_read(h, buf, MYBUFSIZ, 1);
if (len <= 0) {
ipulog_perror("ulog_test: short read"); // better error message RV@@9
exit(1); // RV@@9 really exit here?
}
printf("%d bytes received\n", len);
ulog_packet_msg_t *upkt;
while ((upkt = ipulog_get_packet(h, buf, len))) {
handle_packet(upkt);
}
#endif /* ENABLE_NFULOG */
}
|
