1 /* SPDX-License-Identifier: LGPL-2.1-only */
2 /*
3 * lib/netfilter/log_msg.c Netfilter Log Message
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation version 2.1
8 * of the License.
9 *
10 * Copyright (c) 2003-2008 Thomas Graf <tgraf@suug.ch>
11 * Copyright (c) 2007 Philip Craig <philipc@snapgear.com>
12 * Copyright (c) 2007 Secure Computing Corporation
13 * Copyright (c) 2008 Patrick McHardy <kaber@trash.net>
14 */
15
16 /**
17 * @ingroup nfnl
18 * @defgroup log Log
19 * @brief
20 * @{
21 */
22
23 #include <sys/types.h>
24 #include <linux/netfilter/nfnetlink_log.h>
25
26 #include <netlink-private/netlink.h>
27 #include <netlink/attr.h>
28 #include <netlink/netfilter/nfnl.h>
29 #include <netlink/netfilter/log_msg.h>
30 #include <netlink-private/utils.h>
31
32 static struct nla_policy log_msg_policy[NFULA_MAX+1] = {
33 [NFULA_PACKET_HDR] = {
34 .minlen = sizeof(struct nfulnl_msg_packet_hdr)
35 },
36 [NFULA_MARK] = { .type = NLA_U32 },
37 [NFULA_TIMESTAMP] = {
38 .minlen = sizeof(struct nfulnl_msg_packet_timestamp)
39 },
40 [NFULA_IFINDEX_INDEV] = { .type = NLA_U32 },
41 [NFULA_IFINDEX_OUTDEV] = { .type = NLA_U32 },
42 [NFULA_IFINDEX_PHYSINDEV] = { .type = NLA_U32 },
43 [NFULA_IFINDEX_PHYSOUTDEV] = { .type = NLA_U32 },
44 [NFULA_HWADDR] = {
45 .minlen = sizeof(struct nfulnl_msg_packet_hw)
46 },
47 //[NFULA_PAYLOAD]
48 [NFULA_PREFIX] = { .type = NLA_STRING, },
49 [NFULA_UID] = { .type = NLA_U32 },
50 [NFULA_GID] = { .type = NLA_U32 },
51 [NFULA_SEQ] = { .type = NLA_U32 },
52 [NFULA_SEQ_GLOBAL] = { .type = NLA_U32 },
53 };
54
nfnlmsg_log_msg_parse(struct nlmsghdr * nlh,struct nfnl_log_msg ** result)55 int nfnlmsg_log_msg_parse(struct nlmsghdr *nlh, struct nfnl_log_msg **result)
56 {
57 struct nfnl_log_msg *msg;
58 struct nlattr *tb[NFULA_MAX+1];
59 struct nlattr *attr;
60 int err;
61
62 msg = nfnl_log_msg_alloc();
63 if (!msg)
64 return -NLE_NOMEM;
65
66 msg->ce_msgtype = nlh->nlmsg_type;
67
68 err = nlmsg_parse(nlh, sizeof(struct nfgenmsg), tb, NFULA_MAX,
69 log_msg_policy);
70 if (err < 0)
71 goto errout;
72
73 nfnl_log_msg_set_family(msg, nfnlmsg_family(nlh));
74
75 attr = tb[NFULA_PACKET_HDR];
76 if (attr) {
77 struct nfulnl_msg_packet_hdr *hdr = nla_data(attr);
78
79 if (hdr->hw_protocol)
80 nfnl_log_msg_set_hwproto(msg, hdr->hw_protocol);
81 nfnl_log_msg_set_hook(msg, hdr->hook);
82 }
83
84 attr = tb[NFULA_MARK];
85 if (attr)
86 nfnl_log_msg_set_mark(msg, ntohl(nla_get_u32(attr)));
87
88 attr = tb[NFULA_TIMESTAMP];
89 if (attr) {
90 struct nfulnl_msg_packet_timestamp *timestamp = nla_data(attr);
91 struct timeval tv;
92
93 tv.tv_sec = ntohll(timestamp->sec);
94 tv.tv_usec = ntohll(timestamp->usec);
95 nfnl_log_msg_set_timestamp(msg, &tv);
96 }
97
98 attr = tb[NFULA_IFINDEX_INDEV];
99 if (attr)
100 nfnl_log_msg_set_indev(msg, ntohl(nla_get_u32(attr)));
101
102 attr = tb[NFULA_IFINDEX_OUTDEV];
103 if (attr)
104 nfnl_log_msg_set_outdev(msg, ntohl(nla_get_u32(attr)));
105
106 attr = tb[NFULA_IFINDEX_PHYSINDEV];
107 if (attr)
108 nfnl_log_msg_set_physindev(msg, ntohl(nla_get_u32(attr)));
109
110 attr = tb[NFULA_IFINDEX_PHYSOUTDEV];
111 if (attr)
112 nfnl_log_msg_set_physoutdev(msg, ntohl(nla_get_u32(attr)));
113
114 attr = tb[NFULA_HWADDR];
115 if (attr) {
116 struct nfulnl_msg_packet_hw *hw = nla_data(attr);
117
118 nfnl_log_msg_set_hwaddr(msg, hw->hw_addr, ntohs(hw->hw_addrlen));
119 }
120
121 attr = tb[NFULA_PAYLOAD];
122 if (attr) {
123 err = nfnl_log_msg_set_payload(msg, nla_data(attr), nla_len(attr));
124 if (err < 0)
125 goto errout;
126 }
127
128 attr = tb[NFULA_PREFIX];
129 if (attr) {
130 err = nfnl_log_msg_set_prefix(msg, nla_data(attr));
131 if (err < 0)
132 goto errout;
133 }
134
135 attr = tb[NFULA_UID];
136 if (attr)
137 nfnl_log_msg_set_uid(msg, ntohl(nla_get_u32(attr)));
138
139 attr = tb[NFULA_GID];
140 if (attr)
141 nfnl_log_msg_set_gid(msg, ntohl(nla_get_u32(attr)));
142
143 attr = tb[NFULA_SEQ];
144 if (attr)
145 nfnl_log_msg_set_seq(msg, ntohl(nla_get_u32(attr)));
146
147 attr = tb[NFULA_SEQ_GLOBAL];
148 if (attr)
149 nfnl_log_msg_set_seq_global(msg, ntohl(nla_get_u32(attr)));
150
151 *result = msg;
152 return 0;
153
154 errout:
155 nfnl_log_msg_put(msg);
156 return err;
157 }
158
log_msg_parser(struct nl_cache_ops * ops,struct sockaddr_nl * who,struct nlmsghdr * nlh,struct nl_parser_param * pp)159 static int log_msg_parser(struct nl_cache_ops *ops, struct sockaddr_nl *who,
160 struct nlmsghdr *nlh, struct nl_parser_param *pp)
161 {
162 struct nfnl_log_msg *msg;
163 int err;
164
165 if ((err = nfnlmsg_log_msg_parse(nlh, &msg)) < 0)
166 return err;
167
168 err = pp->pp_cb((struct nl_object *) msg, pp);
169 nfnl_log_msg_put(msg);
170 return err;
171 }
172
173 /** @} */
174
175 #define NFNLMSG_LOG_TYPE(type) NFNLMSG_TYPE(NFNL_SUBSYS_ULOG, (type))
176 static struct nl_cache_ops nfnl_log_msg_ops = {
177 .co_name = "netfilter/log_msg",
178 .co_hdrsize = NFNL_HDRLEN,
179 .co_msgtypes = {
180 { NFNLMSG_LOG_TYPE(NFULNL_MSG_PACKET), NL_ACT_NEW, "new" },
181 END_OF_MSGTYPES_LIST,
182 },
183 .co_protocol = NETLINK_NETFILTER,
184 .co_msg_parser = log_msg_parser,
185 .co_obj_ops = &log_msg_obj_ops,
186 };
187
log_msg_init(void)188 static void __init log_msg_init(void)
189 {
190 nl_cache_mngt_register(&nfnl_log_msg_ops);
191 }
192
log_msg_exit(void)193 static void __exit log_msg_exit(void)
194 {
195 nl_cache_mngt_unregister(&nfnl_log_msg_ops);
196 }
197
198 /** @} */
199