1 /* ebt_nflog
2 *
3 * Authors:
4 * Peter Warasin <peter@endian.com>
5 *
6 * February, 2008
7 *
8 * Based on:
9 * ebt_ulog.c, (C) 2004, Bart De Schuymer <bdschuym@pandora.be>
10 * libxt_NFLOG.c
11 *
12 * Adapted to libxtables for ebtables-compat in 2015 by
13 * Arturo Borrero Gonzalez <arturo@debian.org>
14 */
15
16 #include <stdio.h>
17 #include <stdlib.h>
18 #include <string.h>
19 #include <xtables.h>
20 #include "iptables/nft.h"
21 #include "iptables/nft-bridge.h"
22 #include <linux/netfilter_bridge/ebt_nflog.h>
23
/*
 * Option identifiers used as the .id of each entry in brnflog_opts.
 * Values are assigned implicitly, starting at 0.
 */
enum {
	O_GROUP,	/* --nflog-group */
	O_PREFIX,	/* --nflog-prefix */
	O_RANGE,	/* --nflog-range */
	O_THRESHOLD,	/* --nflog-threshold */
	O_NFLOG,	/* --nflog */
};
31
/*
 * Command-line options accepted by the nflog watcher.
 *
 * Every value-carrying option names a field of struct ebt_nflog_info via
 * XTOPT_POINTER and sets XTOPT_PUT; no per-option parse callback exists in
 * this file, so the generic option parser is presumably what stores the
 * parsed value into that field (confirm against libxtables).
 * NOTE(review): --nflog-prefix is free-form text supplied on the command
 * line; any length limit comes from the size of the prefix field, which is
 * declared outside this file.
 */
static const struct xt_option_entry brnflog_opts[] = {
	{
		.name  = "nflog-group",
		.id    = O_GROUP,
		.type  = XTTYPE_UINT16,
		.flags = XTOPT_PUT,
		XTOPT_POINTER(struct ebt_nflog_info, group),
	},
	{
		.name  = "nflog-prefix",
		.id    = O_PREFIX,
		.type  = XTTYPE_STRING,
		.flags = XTOPT_PUT,
		XTOPT_POINTER(struct ebt_nflog_info, prefix),
	},
	{
		.name  = "nflog-range",
		.id    = O_RANGE,
		.type  = XTTYPE_UINT32,
		.flags = XTOPT_PUT,
		XTOPT_POINTER(struct ebt_nflog_info, len),
	},
	{
		.name  = "nflog-threshold",
		.id    = O_THRESHOLD,
		.type  = XTTYPE_UINT16,
		.flags = XTOPT_PUT,
		XTOPT_POINTER(struct ebt_nflog_info, threshold),
	},
	/* Bare flag: takes no argument and writes no field. */
	{
		.name = "nflog",
		.id   = O_NFLOG,
		.type = XTTYPE_NONE,
	},
	XTOPT_TABLEEND,
};
44
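/*
 * Print the usage text for the nflog watcher options on stdout.
 */
static void brnflog_help(void)
{
	/*
	 * Adjacent string literals are concatenated with nothing in between,
	 * so the split threshold line needs its own separating space;
	 * without it the text reads "ofin-kernel queue".
	 */
	printf("nflog options:\n"
	       "--nflog : use the default nflog parameters\n"
	       "--nflog-prefix prefix : Prefix string for log message\n"
	       "--nflog-group group : NETLINK group used for logging\n"
	       "--nflog-range range : Number of byte to copy\n"
	       "--nflog-threshold : Message threshold of "
	       "in-kernel queue\n");
}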
55
/*
 * Fill in the watcher's defaults before options are parsed.
 *
 * t: target entry whose data area is used as a struct ebt_nflog_info.
 *
 * Sets the default group and threshold and makes the prefix an empty
 * string. The len field is not written here.
 * NOTE(review): presumably the caller hands in zeroed memory so that len
 * starts at 0 -- confirm against the allocator of t.
 */
static void brnflog_init(struct xt_entry_target *t)
{
	struct ebt_nflog_info *defaults = (struct ebt_nflog_info *)t->data;

	defaults->group = EBT_NFLOG_DEFAULT_GROUP;
	defaults->threshold = EBT_NFLOG_DEFAULT_THRESHOLD;
	defaults->prefix[0] = '\0';
}
64
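/*
 * Print the watcher's settings on stdout in command-line option syntax.
 *
 * ip:      not used by this function.
 * target:  target entry whose data area holds a struct ebt_nflog_info.
 * numeric: not used by this function.
 *
 * A setting is printed only when it is non-empty / non-zero, or, for the
 * threshold, when it differs from EBT_NFLOG_DEFAULT_THRESHOLD.
 */
static void
brnflog_print(const void *ip, const struct xt_entry_target *target,
	      int numeric)
{
	/* The target is const; keep the view of its data const as well. */
	const struct ebt_nflog_info *info =
		(const struct ebt_nflog_info *)target->data;

	/*
	 * NOTE(review): the prefix is placed between double quotes without
	 * escaping, so a prefix that itself contains '"' or '\' will not
	 * read back as the same rule if this output is re-parsed.
	 * libxtables has xtables_save_string() for quoted output, but it
	 * changes the exact text printed -- confirm before switching.
	 * The "%s" also relies on prefix being NUL-terminated, which this
	 * function does not check.
	 */
	if (info->prefix[0] != '\0')
		printf("--nflog-prefix \"%s\" ", info->prefix);
	if (info->group)
		printf("--nflog-group %d ", info->group);
	/*
	 * len is parsed as a 32-bit unsigned option (XTTYPE_UINT32); "%u"
	 * matches that type, whereas "%d" showed values above INT_MAX as
	 * negative numbers.
	 */
	if (info->len)
		printf("--nflog-range %u ", info->len);
	if (info->threshold != EBT_NFLOG_DEFAULT_THRESHOLD)
		printf("--nflog-threshold %d ", info->threshold);
}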
80
/*
 * Append the translated form of this watcher to the translation buffer.
 *
 * xl:     translation buffer that receives the text.
 * params: translation parameters; params->target->data is read as a
 *         struct ebt_nflog_info.
 *
 * Emits "log", then an optional prefix, then the group (always), then an
 * optional snaplen and queue-threshold. Always returns 1.
 */
static int brnflog_xlate(struct xt_xlate *xl,
			 const struct xt_xlate_tg_params *params)
{
	const struct ebt_nflog_info *nflog =
		(const void *)params->target->data;
	const int has_prefix = nflog->prefix[0] != '\0';
	const int has_snaplen = nflog->len != 0;
	const int custom_threshold =
		nflog->threshold != EBT_NFLOG_DEFAULT_THRESHOLD;

	xt_xlate_add(xl, "log ");

	/*
	 * NOTE(review): the prefix is inserted between double quotes as-is.
	 * Whether xt_xlate_add() escapes quotes or backslashes inside it is
	 * not visible here -- verify that a prefix containing '"' still
	 * yields a well-formed translated rule.
	 */
	if (has_prefix) {
		xt_xlate_add(xl, "prefix \"%s\" ", nflog->prefix);
	}

	/* The group is emitted unconditionally. */
	xt_xlate_add(xl, "group %u ", nflog->group);

	if (has_snaplen) {
		xt_xlate_add(xl, "snaplen %u ", nflog->len);
	}
	if (custom_threshold) {
		xt_xlate_add(xl, "queue-threshold %u ", nflog->threshold);
	}

	return 1;
}
99
/*
 * Extension descriptor for the bridge-family "nflog" watcher. It ties the
 * callbacks and option table defined in this file to the name "nflog" and
 * is handed to xtables_register_target() by _init().
 */
static struct xtables_target brnflog_watcher = {
	/* identity */
	.name		= "nflog",
	.family		= NFPROTO_BRIDGE,
	.revision	= 0,
	.version	= XTABLES_VERSION,
	.ext_flags	= XTABLES_EXT_WATCHER,

	/* both sizes are the aligned size of struct ebt_nflog_info */
	.size		= XT_ALIGN(sizeof(struct ebt_nflog_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct ebt_nflog_info)),

	/* option table, parsed by the generic libxtables option parser */
	.x6_options	= brnflog_opts,
	.x6_parse	= xtables_option_parse,

	/* callbacks defined in this file */
	.help		= brnflog_help,
	.init		= brnflog_init,
	.print		= brnflog_print,
	.xlate		= brnflog_xlate,
};
115
/*
 * Register the nflog watcher with libxtables.
 * NOTE(review): presumably invoked once when the extension is loaded --
 * the caller is not visible in this file.
 */
void _init(void)
{
	struct xtables_target *watcher = &brnflog_watcher;

	xtables_register_target(watcher);
}
120