1 /* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef NFLOG_LISTENER_H 18 #define NFLOG_LISTENER_H 19 20 #include <netdutils/Netfilter.h> 21 22 #include "netdutils/NetlinkListener.h" 23 #include "netdutils/StatusOr.h" 24 25 namespace android { 26 namespace net { 27 28 class NFLogListenerInterface { 29 public: 30 using DispatchFn = 31 std::function<void(const nlmsghdr& nlmsg, const nfgenmsg& nfmsg, 32 const netdutils::Slice msg)>; 33 34 virtual ~NFLogListenerInterface() = default; 35 36 // Similar to NetlinkListener::subscribe() but performs an additional 37 // level of deserialization and dispatch. 38 // 39 // Threadsafe. 40 // All dispatch functions invoked on a single service thread. 41 // subscribe() and join() must not be called from the stack of fn(). 42 virtual netdutils::Status subscribe(uint16_t nfLogGroup, const DispatchFn& fn) = 0; 43 44 // Overloaded version of subscribe which allows to specify a copyRange for obtaining packet 45 // payloads. 46 virtual netdutils::Status subscribe( 47 uint16_t nfLogGroup, uint32_t copyRange, const DispatchFn& fn) = 0; 48 49 // Halt delivery of messages from a nfLogGroup previously subscribed to above. 50 // 51 // Threadsafe. 52 virtual netdutils::Status unsubscribe(uint16_t nfLogGroup) = 0; 53 }; 54 55 // NFLogListener manages a single netlink socket with specialized 56 // settings required for processing of NFLOG messages. 57 // 58 // NFLogListener currently assumes that it is ok to drop messages 59 // generated by the kernel when under heavy load. This makes the 60 // class most suitable for advisory tasks and statistics. 61 class NFLogListener : public NFLogListenerInterface { 62 public: 63 using DispatchFn = NFLogListenerInterface::DispatchFn; 64 65 // Do not invoke this constructor directly outside of tests. Use 66 // makeNFLogListener() instead. 67 NFLogListener(std::shared_ptr<netdutils::NetlinkListenerInterface> listener); 68 69 ~NFLogListener() override; 70 71 netdutils::Status subscribe(uint16_t nfLogGroup, const DispatchFn& fn) override; 72 73 netdutils::Status subscribe( 74 uint16_t nfLogGroup, uint32_t copyRange, const DispatchFn& fn) override; 75 76 netdutils::Status unsubscribe(uint16_t nfLogGroup) override; 77 78 private: 79 std::shared_ptr<netdutils::NetlinkListenerInterface> mListener; 80 std::mutex mMutex; 81 std::map<uint16_t, DispatchFn> mDispatchMap; // guarded by mMutex 82 }; 83 84 // Allocate and return a new NFLogListener. On success, the returned 85 // listener is ready to use with a running service thread. 86 netdutils::StatusOr<std::unique_ptr<NFLogListener>> makeNFLogListener(); 87 88 } // namespace net 89 } // namespace android 90 91 #endif /* NFLOG_LISTENER_H */ 92