* [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix
@ 2008-12-01 21:35 Eric Leblond
2008-12-01 21:35 ` [ULOGD2 PATCH 01/18] add ukey_* function for key assignation Eric Leblond
` (18 more replies)
0 siblings, 19 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:35 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo
Hi,
This patchset is made of four parts.
First part is Pablo's work that I have completed. It cleans up
the current key assignation by introducing a new set of functions:
* add ukey_* function for key assignation
Second part fixes a logic problem in NFLOG input plugin. System logging
(for instance invalid conntrack message) are done on group 0 queue for
all protocols. Thus a protocol dependant NFLOG plugin is stupid.
Furthermore, the nfnetlink message contains the protocol information. This
set of patch suppresses the addressfamily variable and modify NFLOG to
only bind as system logging if group is 0:
* Modify usage of nflog_bind_pf function.
* Get rid of addressfamily variable in NFLOG input plugin
* Document group 0 usage and suppress address_family
Third part adds support for SCTP in ulogd2. It contains a basic packet
parser and a support in all OUTPUT plugin:
* Add SCTP support to BASE plugin.
* SCTP support for PRINTPKT.
* Add SCTP support to MySQL and PGSQL output.
Last part is code cleaning. It fixes some memory leak fixes and cleaning
of ulogd exit code.F or example, fini function were defined for each module
but were never called:
* Treat nice function return.
* Fix stop function of NFCT plugin.
* Don't free pluginstance when leaving
* Fix minor memory leak in NFLOG plugin.
* Call pluginstance stop function when exiting
* Add SIGINT to list of terminal signal.
* Unload plugins when quitting.
* Introduce config_stop() function
* Free stacks when exiting.
* Fix memory leak in destructor_nfct().
* Add valgrind compilation option.
This patch is build upon Pierre's last patchset.
Patchset statistics:
doc/mysql-ulogd2.sql | 43 ++++-
doc/pgsql-ulogd2.sql | 41 ++++-
filter/raw2packet/ulogd_raw2packet_BASE.c | 270 +++++++++++++--------------
filter/raw2packet/ulogd_raw2packet_LOCAL.c | 7 +-
filter/ulogd_filter_HWHDR.c | 76 ++++----
filter/ulogd_filter_IFINDEX.c | 30 ++--
filter/ulogd_filter_IP2BIN.c | 9 +-
filter/ulogd_filter_IP2STR.c | 15 +-
filter/ulogd_filter_MARK.c | 4 +-
filter/ulogd_filter_PRINTFLOW.c | 3 +-
filter/ulogd_filter_PRINTPKT.c | 3 +-
filter/ulogd_filter_PWSNIFF.c | 27 ++--
include/ulogd/conffile.h | 3 +
include/ulogd/printpkt.h | 2 +
include/ulogd/ulogd.h | 68 +++++++-
input/flow/ulogd_inpflow_NFCT.c | 171 +++++++-----------
input/packet/ulogd_inppkt_NFLOG.c | 186 +++++++++-----------
input/packet/ulogd_inppkt_ULOG.c | 46 ++----
output/pcap/ulogd_output_PCAP.c | 11 +-
output/ulogd_output_NACCT.c | 34 ++--
src/conffile.c | 4 +
src/hash.c | 6 +-
src/ulogd.c | 76 ++++++++-
ulogd.conf.in | 37 ++--
util/printflow.c | 52 +++---
util/printpkt.c | 163 +++++++++--------
26 files changed, 768 insertions(+), 619 deletions(-)
BR,
--
Eric Leblond <eric@inl.fr>
^ permalink raw reply [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 01/18] add ukey_* function for key assignation
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
@ 2008-12-01 21:35 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 02/18] Modify usage of nflog_bind_pf function Eric Leblond
` (17 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:35 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
From: Pablo Neira Ayuso <pablo@netfilter.org>
This patch cleans up the current key assignation by introducing a
set of functions ukey_* to set the key value as Eric Leblond and
we discussed during the latest Netfilter Workshop. This patch is
based on an idea from Holger Eitzenberger.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
filter/raw2packet/ulogd_raw2packet_BASE.c | 217 ++++++++++------------------
filter/raw2packet/ulogd_raw2packet_LOCAL.c | 7 +-
filter/ulogd_filter_HWHDR.c | 76 +++++-----
filter/ulogd_filter_IFINDEX.c | 30 +++--
filter/ulogd_filter_IP2BIN.c | 9 +-
filter/ulogd_filter_IP2STR.c | 15 +-
filter/ulogd_filter_MARK.c | 4 +-
filter/ulogd_filter_PRINTFLOW.c | 3 +-
filter/ulogd_filter_PRINTPKT.c | 3 +-
filter/ulogd_filter_PWSNIFF.c | 27 ++--
include/ulogd/ulogd.h | 60 ++++++++-
input/flow/ulogd_inpflow_NFCT.c | 159 +++++++--------------
input/packet/ulogd_inppkt_NFLOG.c | 101 +++++---------
input/packet/ulogd_inppkt_ULOG.c | 45 ++----
output/pcap/ulogd_output_PCAP.c | 11 +-
output/ulogd_output_NACCT.c | 34 +++---
util/printflow.c | 52 ++++----
util/printpkt.c | 146 ++++++++++---------
18 files changed, 448 insertions(+), 551 deletions(-)
diff --git a/filter/raw2packet/ulogd_raw2packet_BASE.c b/filter/raw2packet/ulogd_raw2packet_BASE.c
index e61d904..c38c696 100644
--- a/filter/raw2packet/ulogd_raw2packet_BASE.c
+++ b/filter/raw2packet/ulogd_raw2packet_BASE.c
@@ -521,43 +521,25 @@ static int _interp_tcp(struct ulogd_pluginstance *pi, struct tcphdr *tcph,
if (len < sizeof(struct tcphdr))
return ULOGD_IRET_OK;
- ret[KEY_TCP_SPORT].u.value.ui16 = ntohs(tcph->source);
- ret[KEY_TCP_SPORT].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_DPORT].u.value.ui16 = ntohs(tcph->dest);
- ret[KEY_TCP_DPORT].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_SEQ].u.value.ui32 = ntohl(tcph->seq);
- ret[KEY_TCP_SEQ].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_ACKSEQ].u.value.ui32 = ntohl(tcph->ack_seq);
- ret[KEY_TCP_ACKSEQ].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_OFFSET].u.value.ui8 = ntohs(tcph->doff);
- ret[KEY_TCP_OFFSET].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_RESERVED].u.value.ui8 = ntohs(tcph->res1);
- ret[KEY_TCP_RESERVED].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_WINDOW].u.value.ui16 = ntohs(tcph->window);
- ret[KEY_TCP_WINDOW].flags |= ULOGD_RETF_VALID;
-
- ret[KEY_TCP_URG].u.value.b = tcph->urg;
- ret[KEY_TCP_URG].flags |= ULOGD_RETF_VALID;
- if (tcph->urg) {
- ret[KEY_TCP_URGP].u.value.ui16 = ntohs(tcph->urg_ptr);
- ret[KEY_TCP_URGP].flags |= ULOGD_RETF_VALID;
- }
- ret[KEY_TCP_ACK].u.value.b = tcph->ack;
- ret[KEY_TCP_ACK].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_PSH].u.value.b = tcph->psh;
- ret[KEY_TCP_PSH].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_RST].u.value.b = tcph->rst;
- ret[KEY_TCP_RST].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_SYN].u.value.b = tcph->syn;
- ret[KEY_TCP_SYN].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_FIN].u.value.b = tcph->fin;
- ret[KEY_TCP_FIN].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_RES1].u.value.b = tcph->res1;
- ret[KEY_TCP_RES1].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_RES2].u.value.b = tcph->res2;
- ret[KEY_TCP_RES2].flags |= ULOGD_RETF_VALID;
- ret[KEY_TCP_CSUM].u.value.ui16 = ntohs(tcph->check);
- ret[KEY_TCP_CSUM].u.value.ui16 = ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_TCP_SPORT], ntohs(tcph->source));
+ okey_set_u16(&ret[KEY_TCP_DPORT], ntohs(tcph->dest));
+ okey_set_u32(&ret[KEY_TCP_SEQ], ntohl(tcph->seq));
+ okey_set_u32(&ret[KEY_TCP_ACKSEQ], ntohl(tcph->ack_seq));
+ okey_set_u8(&ret[KEY_TCP_OFFSET], ntohs(tcph->doff));
+ okey_set_u8(&ret[KEY_TCP_RESERVED], ntohs(tcph->res1));
+ okey_set_u16(&ret[KEY_TCP_WINDOW], ntohs(tcph->window));
+
+ okey_set_b(&ret[KEY_TCP_URG], tcph->urg);
+ if (tcph->urg)
+ okey_set_u16(&ret[KEY_TCP_URGP], ntohs(tcph->urg_ptr));
+ okey_set_b(&ret[KEY_TCP_ACK], tcph->ack);
+ okey_set_b(&ret[KEY_TCP_PSH], tcph->psh);
+ okey_set_b(&ret[KEY_TCP_RST], tcph->rst);
+ okey_set_b(&ret[KEY_TCP_SYN], tcph->syn);
+ okey_set_b(&ret[KEY_TCP_FIN], tcph->fin);
+ okey_set_b(&ret[KEY_TCP_RES1], tcph->res1);
+ okey_set_b(&ret[KEY_TCP_RES2], tcph->res2);
+ okey_set_u16(&ret[KEY_TCP_CSUM], ntohs(tcph->check));
return ULOGD_IRET_OK;
}
@@ -575,14 +557,10 @@ static int _interp_udp(struct ulogd_pluginstance *pi, struct udphdr *udph,
if (len < sizeof(struct udphdr))
return ULOGD_IRET_OK;
- ret[KEY_UDP_SPORT].u.value.ui16 = ntohs(udph->source);
- ret[KEY_UDP_SPORT].flags |= ULOGD_RETF_VALID;
- ret[KEY_UDP_DPORT].u.value.ui16 = ntohs(udph->dest);
- ret[KEY_UDP_DPORT].flags |= ULOGD_RETF_VALID;
- ret[KEY_UDP_LEN].u.value.ui16 = ntohs(udph->len);
- ret[KEY_UDP_LEN].flags |= ULOGD_RETF_VALID;
- ret[KEY_UDP_CSUM].u.value.ui16 = ntohs(udph->check);
- ret[KEY_UDP_CSUM].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_UDP_SPORT], ntohs(udph->source));
+ okey_set_u16(&ret[KEY_UDP_DPORT], ntohs(udph->dest));
+ okey_set_u16(&ret[KEY_UDP_LEN], ntohs(udph->len));
+ okey_set_u16(&ret[KEY_UDP_CSUM], ntohs(udph->check));
return ULOGD_IRET_OK;
}
@@ -599,33 +577,28 @@ static int _interp_icmp(struct ulogd_pluginstance *pi, struct icmphdr *icmph,
if (len < sizeof(struct icmphdr))
return ULOGD_IRET_OK;
- ret[KEY_ICMP_TYPE].u.value.ui8 = icmph->type;
- ret[KEY_ICMP_TYPE].flags |= ULOGD_RETF_VALID;
- ret[KEY_ICMP_CODE].u.value.ui8 = icmph->code;
- ret[KEY_ICMP_CODE].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[KEY_ICMP_TYPE], icmph->type);
+ okey_set_u8(&ret[KEY_ICMP_CODE], icmph->code);
switch (icmph->type) {
case ICMP_ECHO:
case ICMP_ECHOREPLY:
- ret[KEY_ICMP_ECHOID].u.value.ui16 = ntohs(icmph->un.echo.id);
- ret[KEY_ICMP_ECHOID].flags |= ULOGD_RETF_VALID;
- ret[KEY_ICMP_ECHOSEQ].u.value.ui16 = ntohs(icmph->un.echo.sequence);
- ret[KEY_ICMP_ECHOSEQ].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_ICMP_ECHOID], ntohs(icmph->un.echo.id));
+ okey_set_u16(&ret[KEY_ICMP_ECHOSEQ],
+ ntohs(icmph->un.echo.sequence));
break;
case ICMP_REDIRECT:
case ICMP_PARAMETERPROB:
- ret[KEY_ICMP_GATEWAY].u.value.ui32 = ntohl(icmph->un.gateway);
- ret[KEY_ICMP_GATEWAY].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[KEY_ICMP_GATEWAY], ntohl(icmph->un.gateway));
break;
case ICMP_DEST_UNREACH:
if (icmph->code == ICMP_FRAG_NEEDED) {
- ret[KEY_ICMP_FRAGMTU].u.value.ui16 = ntohs(icmph->un.frag.mtu);
- ret[KEY_ICMP_FRAGMTU].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_ICMP_FRAGMTU],
+ ntohs(icmph->un.frag.mtu));
}
break;
}
- ret[KEY_ICMP_CSUM].u.value.ui16 = icmph->checksum;
- ret[KEY_ICMP_CSUM].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_ICMP_CSUM], icmph->checksum);
return ULOGD_IRET_OK;
}
@@ -642,22 +615,18 @@ static int _interp_icmpv6(struct ulogd_pluginstance *pi, struct icmp6_hdr *icmph
if (len < sizeof(struct icmp6_hdr))
return ULOGD_IRET_OK;
- ret[KEY_ICMPV6_TYPE].u.value.ui8 = icmph->icmp6_type;
- ret[KEY_ICMPV6_TYPE].flags |= ULOGD_RETF_VALID;
- ret[KEY_ICMPV6_CODE].u.value.ui8 = icmph->icmp6_code;
- ret[KEY_ICMPV6_CODE].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[KEY_ICMPV6_TYPE], icmph->icmp6_type);
+ okey_set_u8(&ret[KEY_ICMPV6_CODE], icmph->icmp6_code);
switch (icmph->icmp6_type) {
case ICMP6_ECHO_REQUEST:
case ICMP6_ECHO_REPLY:
- ret[KEY_ICMPV6_ECHOID].u.value.ui16 = ntohs(icmph->icmp6_id);
- ret[KEY_ICMPV6_ECHOID].flags |= ULOGD_RETF_VALID;
- ret[KEY_ICMPV6_ECHOSEQ].u.value.ui16 = ntohs(icmph->icmp6_seq);
- ret[KEY_ICMPV6_ECHOSEQ].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_ICMPV6_ECHOID], ntohs(icmph->icmp6_id));
+ okey_set_u16(&ret[KEY_ICMPV6_ECHOSEQ],
+ ntohs(icmph->icmp6_seq));
break;
}
- ret[KEY_ICMPV6_CSUM].u.value.ui16 = icmph->icmp6_cksum;
- ret[KEY_ICMPV6_CSUM].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_ICMPV6_CSUM], icmph->icmp6_cksum);
return ULOGD_IRET_OK;
}
@@ -691,33 +660,23 @@ static int _interp_iphdr(struct ulogd_pluginstance *pi, u_int32_t len)
{
struct ulogd_key *ret = pi->output.keys;
struct iphdr *iph =
- GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr;
+ ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]);
void *nexthdr = (u_int32_t *)iph + iph->ihl;
if (len < sizeof(struct iphdr) || len <= (u_int32_t)(iph->ihl * 4))
return ULOGD_IRET_OK;
len -= iph->ihl * 4;
- ret[KEY_IP_SADDR].u.value.ui32 = iph->saddr;
- ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_DADDR].u.value.ui32 = iph->daddr;
- ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_PROTOCOL].u.value.ui8 = iph->protocol;
- ret[KEY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_TOS].u.value.ui8 = iph->tos;
- ret[KEY_IP_TOS].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_TTL].u.value.ui8 = iph->ttl;
- ret[KEY_IP_TTL].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_TOTLEN].u.value.ui16 = ntohs(iph->tot_len);
- ret[KEY_IP_TOTLEN].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_IHL].u.value.ui8 = iph->ihl;
- ret[KEY_IP_IHL].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_CSUM].u.value.ui16 = ntohs(iph->check);
- ret[KEY_IP_CSUM].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_ID].u.value.ui16 = ntohs(iph->id);
- ret[KEY_IP_ID].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP_FRAGOFF].u.value.ui16 = ntohs(iph->frag_off);
- ret[KEY_IP_FRAGOFF].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[KEY_IP_SADDR], iph->saddr);
+ okey_set_u32(&ret[KEY_IP_DADDR], iph->daddr);
+ okey_set_u8(&ret[KEY_IP_PROTOCOL], iph->protocol);
+ okey_set_u8(&ret[KEY_IP_TOS], iph->tos);
+ okey_set_u8(&ret[KEY_IP_TTL], iph->ttl);
+ okey_set_u16(&ret[KEY_IP_TOTLEN], ntohs(iph->tot_len));
+ okey_set_u8(&ret[KEY_IP_IHL], iph->ihl);
+ okey_set_u16(&ret[KEY_IP_CSUM], ntohs(iph->check));
+ okey_set_u16(&ret[KEY_IP_ID], ntohs(iph->id));
+ okey_set_u16(&ret[KEY_IP_FRAGOFF], ntohs(iph->frag_off));
switch (iph->protocol) {
case IPPROTO_TCP:
@@ -760,8 +719,7 @@ static int ip6_ext_hdr(u_int8_t nexthdr)
static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
{
struct ulogd_key *ret = pi->output.keys;
- struct ip6_hdr *ipv6h =
- GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr;
+ struct ip6_hdr *ipv6h = ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]);
unsigned int ptr, hdrlen = 0;
u_int8_t curhdr;
int fragment = 0;
@@ -769,20 +727,14 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
if (len < sizeof(struct ip6_hdr))
return ULOGD_IRET_OK;
- memcpy(ret[KEY_IP_SADDR].u.value.ui128, &ipv6h->ip6_src,
- sizeof(ipv6h->ip6_src));
- ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID;
- memcpy(ret[KEY_IP_DADDR].u.value.ui128, &ipv6h->ip6_dst,
- sizeof(ipv6h->ip6_dst));
- ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP6_PAYLOAD_LEN].u.value.ui16 = ntohs(ipv6h->ip6_plen);
- ret[KEY_IP6_PAYLOAD_LEN].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP6_PRIORITY].u.value.ui8 = ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20;
- ret[KEY_IP6_PRIORITY].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP6_FLOWLABEL].u.value.ui32 = ntohl(ipv6h->ip6_flow & 0x000fffff);
- ret[KEY_IP6_FLOWLABEL].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP6_HOPLIMIT].u.value.ui8 = ipv6h->ip6_hlim;
- ret[KEY_IP6_HOPLIMIT].flags |= ULOGD_RETF_VALID;
+ okey_set_u128(&ret[KEY_IP_SADDR], &ipv6h->ip6_src);
+ okey_set_u128(&ret[KEY_IP_DADDR], &ipv6h->ip6_dst);
+ okey_set_u16(&ret[KEY_IP6_PAYLOAD_LEN], ntohs(ipv6h->ip6_plen));
+ okey_set_u8(&ret[KEY_IP6_PRIORITY],
+ ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20);
+ okey_set_u32(&ret[KEY_IP6_FLOWLABEL],
+ ntohl(ipv6h->ip6_flow & 0x000fffff));
+ okey_set_u8(&ret[KEY_IP6_HOPLIMIT], ipv6h->ip6_hlim);
curhdr = ipv6h->ip6_nxt;
ptr = sizeof(struct ip6_hdr);
@@ -803,10 +755,10 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
return ULOGD_IRET_OK;
len -= hdrlen;
- ret[KEY_IP6_FRAG_OFF].u.value.ui16 = ntohs(fh->ip6f_offlg & IP6F_OFF_MASK);
- ret[KEY_IP6_FRAG_OFF].flags |= ULOGD_RETF_VALID;
- ret[KEY_IP6_FRAG_ID].u.value.ui32 = ntohl(fh->ip6f_ident);
- ret[KEY_IP6_FRAG_ID].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_IP6_FRAG_OFF],
+ ntohs(fh->ip6f_offlg & IP6F_OFF_MASK));
+ okey_set_u32(&ret[KEY_IP6_FRAG_ID],
+ ntohl(fh->ip6f_ident));
if (ntohs(fh->ip6f_offlg & IP6F_OFF_MASK))
fragment = 1;
@@ -857,8 +809,7 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
goto out;
- ret[KEY_IP_PROTOCOL].u.value.ui8 = curhdr;
- ret[KEY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[KEY_IP_PROTOCOL], curhdr);
switch (curhdr) {
case IPPROTO_TCP:
@@ -873,8 +824,7 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
}
out:
- ret[KEY_IP6_NEXTHDR].u.value.ui8 = curhdr;
- ret[KEY_IP6_NEXTHDR].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[KEY_IP6_NEXTHDR], curhdr);
return ULOGD_IRET_OK;
}
@@ -885,31 +835,19 @@ static int _interp_arp(struct ulogd_pluginstance *pi, u_int32_t len)
{
struct ulogd_key *ret = pi->output.keys;
const struct ether_arp *arph =
- GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr;
+ ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]);
if (len < sizeof(struct ether_arp))
return ULOGD_IRET_OK;
- ret[KEY_ARP_HTYPE].u.value.ui16 = ntohs(arph->arp_hrd);
- SET_VALID(ret[KEY_ARP_HTYPE]);
- ret[KEY_ARP_PTYPE].u.value.ui16 = ntohs(arph->arp_pro);
- SET_VALID(ret[KEY_ARP_PTYPE]);
- ret[KEY_ARP_OPCODE].u.value.ui16 = ntohs(arph->arp_op);
- SET_VALID(ret[KEY_ARP_OPCODE]);
-
- ret[KEY_ARP_SHA].u.value.ptr = &arph->arp_sha;
- SET_VALID(ret[KEY_ARP_SHA]);
-
- memcpy(&ret[KEY_ARP_SPA].u.value.ui32, &arph->arp_spa,
- sizeof(u_int32_t));
- SET_VALID(ret[KEY_ARP_SPA]);
-
- ret[KEY_ARP_THA].u.value.ptr = &arph->arp_tha;
- SET_VALID(ret[KEY_ARP_THA]);
+ okey_set_u16(&ret[KEY_ARP_HTYPE], ntohs(arph->arp_hrd));
+ okey_set_u16(&ret[KEY_ARP_PTYPE], ntohs(arph->arp_pro));
+ okey_set_u16(&ret[KEY_ARP_OPCODE], ntohs(arph->arp_op));
- memcpy(&ret[KEY_ARP_TPA].u.value.ui32, &arph->arp_tpa,
- sizeof(u_int32_t));
- SET_VALID(ret[KEY_ARP_TPA]);
+ okey_set_ptr(&ret[KEY_ARP_SHA], &arph->arp_sha);
+ okey_set_ptr(&ret[KEY_ARP_SPA], &arph->arp_spa),
+ okey_set_ptr(&ret[KEY_ARP_THA], &arph->arp_tha);
+ okey_set_ptr(&ret[KEY_ARP_TPA], &arph->arp_tpa);
return ULOGD_IRET_OK;
}
@@ -921,7 +859,7 @@ static int _interp_arp(struct ulogd_pluginstance *pi, u_int32_t len)
static int _interp_bridge(struct ulogd_pluginstance *pi, u_int32_t len)
{
const u_int16_t proto =
- GET_VALUE(pi->input.keys, INKEY_OOB_PROTOCOL).ui16;
+ ikey_get_u16(&pi->input.keys[INKEY_OOB_PROTOCOL]);
switch (proto) {
case ETH_P_IP:
@@ -942,13 +880,12 @@ static int _interp_bridge(struct ulogd_pluginstance *pi, u_int32_t len)
static int _interp_pkt(struct ulogd_pluginstance *pi)
{
- u_int32_t len = GET_VALUE(pi->input.keys, INKEY_RAW_PCKTLEN).ui32;
- u_int8_t family = GET_VALUE(pi->input.keys, INKEY_OOB_FAMILY).ui8;
+ u_int32_t len = ikey_get_u32(&pi->input.keys[INKEY_RAW_PCKTLEN]);
+ u_int8_t family = ikey_get_u8(&pi->input.keys[INKEY_OOB_FAMILY]);
struct ulogd_key *ret = pi->output.keys;
- ret[KEY_OOB_PROTOCOL].u.value.ui16 =
- GET_VALUE(pi->input.keys, INKEY_OOB_PROTOCOL).ui16;
- SET_VALID(ret[KEY_OOB_PROTOCOL]);
+ okey_set_u16(&ret[KEY_OOB_PROTOCOL],
+ ikey_get_u16(&pi->input.keys[INKEY_OOB_PROTOCOL]));
switch (family) {
case AF_INET:
diff --git a/filter/raw2packet/ulogd_raw2packet_LOCAL.c b/filter/raw2packet/ulogd_raw2packet_LOCAL.c
index bf400d7..fdfc7c8 100644
--- a/filter/raw2packet/ulogd_raw2packet_LOCAL.c
+++ b/filter/raw2packet/ulogd_raw2packet_LOCAL.c
@@ -51,11 +51,8 @@ static ulog_iret_t *_interp_local(ulog_interpreter_t *ip,
gettimeofday(&tv, NULL);
/* put date */
- ret[0].value.ui32 = (unsigned long) tv.tv_sec;
- ret[0].flags |= ULOGD_RETF_VALID;
-
- ret[1].value.ptr = hostname;
- ret[1].flags |= ULOGD_RETF_VALID;
+ okey_set_ui32(&ret[0], (unsigned long) tv.tv_sec);
+ okey_set_ptr(&ret[1], hostname);
return ret;
}
diff --git a/filter/ulogd_filter_HWHDR.c b/filter/ulogd_filter_HWHDR.c
index 8df4f00..33e8316 100644
--- a/filter/ulogd_filter_HWHDR.c
+++ b/filter/ulogd_filter_HWHDR.c
@@ -3,6 +3,7 @@
* ulogd interpreter plugin for HWMAC
*
* (C) 2008 by Eric Leblond <eric@inl.fr>
+ * (C) 2008 by Pablo Neira Ayuso <pablo@netfilter.org>
*
* Based on ulogd_filter_IFINDEX.c Harald Welte <laforge@gnumonks.org>
*
@@ -128,32 +129,41 @@ static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac,
buf_cur += sprintf(buf_cur, "%02x%c", mac[i],
i == len - 1 ? 0 : ':');
- ret[okey].u.value.ptr = mac_str;
- ret[okey].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[okey], mac_str);
return ULOGD_IRET_OK;
}
+static void *hwhdr_get_saddr(struct ulogd_key *inp)
+{
+ return ikey_get_ptr(&inp[KEY_RAW_MAC]) + ETH_ALEN;
+}
+
+static void *hwhdr_get_daddr(struct ulogd_key *inp)
+{
+ return ikey_get_ptr(&inp[KEY_RAW_MAC]);
+}
+
+static u_int16_t hwhdr_get_len(struct ulogd_key *inp)
+{
+ void *len = ikey_get_ptr(&inp[KEY_RAW_MAC]) + 2 * ETH_ALEN;
+ return ntohs(*(u_int16_t *) len);
+}
static int parse_ethernet(struct ulogd_key *ret, struct ulogd_key *inp)
{
int fret;
if (!pp_is_valid(inp, KEY_RAW_MAC_SADDR)) {
- fret = parse_mac2str(ret,
- GET_VALUE(inp, KEY_RAW_MAC).ptr
- + ETH_ALEN,
+ fret = parse_mac2str(ret, hwhdr_get_saddr(inp),
KEY_MAC_SADDR, ETH_ALEN);
if (fret != ULOGD_IRET_OK)
return fret;
}
- fret = parse_mac2str(ret, GET_VALUE(inp, KEY_RAW_MAC).ptr,
+ fret = parse_mac2str(ret, hwhdr_get_daddr(inp),
KEY_MAC_DADDR, ETH_ALEN);
if (fret != ULOGD_IRET_OK)
return fret;
- ret[KEY_MAC_PROTOCOL].u.value.ui16 =
- ntohs(*(u_int16_t *) (GET_VALUE(inp, KEY_RAW_MAC).ptr
- + 2 * ETH_ALEN));
- ret[KEY_MAC_PROTOCOL].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[KEY_MAC_PROTOCOL], hwhdr_get_len(inp));
return ULOGD_IRET_OK;
}
@@ -164,46 +174,41 @@ static int interp_mac2str(struct ulogd_pluginstance *pi)
struct ulogd_key *inp = pi->input.keys;
u_int16_t type = 0;
- if (pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
- ret[KEY_MAC_PROTOCOL].u.value.ui16 =
- GET_VALUE(inp, KEY_OOB_PROTOCOL).ui16;
- ret[KEY_MAC_PROTOCOL].flags |= ULOGD_RETF_VALID;
- }
+ if (pp_is_valid(inp, KEY_OOB_PROTOCOL))
+ okey_set_u16(&ret[KEY_MAC_PROTOCOL],
+ ikey_get_u16(&inp[KEY_OOB_PROTOCOL]));
if (pp_is_valid(inp, KEY_RAW_MAC_SADDR)) {
int fret;
fret = parse_mac2str(ret,
- GET_VALUE(inp, KEY_RAW_MAC_SADDR).ptr,
+ ikey_get_ptr(&inp[KEY_RAW_MAC_SADDR]),
KEY_MAC_SADDR,
- GET_VALUE(inp, KEY_RAW_MAC_ADDRLEN).ui16);
+ ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN]));
if (fret != ULOGD_IRET_OK)
return fret;
}
if (pp_is_valid(inp, KEY_RAW_MAC)) {
- if (GET_VALUE(inp, KEY_RAW_MAC_ADDRLEN).ui16 == ETH_ALEN) {
- ret[KEY_MAC_TYPE].u.value.ui16 = ARPHRD_ETHER;
- ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
- } else {
- ret[KEY_MAC_TYPE].u.value.ui16 = ARPHRD_VOID;
- ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
- }
+ if (ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN]) == ETH_ALEN)
+ okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_ETHER);
+ else
+ okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_VOID);
+
return ULOGD_IRET_OK;
}
if (pp_is_valid(inp, KEY_RAW_TYPE)) {
/* NFLOG with Linux >= 2.6.27 case */
- ret[KEY_MAC_TYPE].u.value.ui16 = type =
- GET_VALUE(inp, KEY_RAW_TYPE).ui16;
- ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
+ type = ikey_get_u16(&inp[KEY_RAW_TYPE]);
+ okey_set_u16(&ret[KEY_MAC_TYPE], type);
} else {
/* ULOG case, treat ethernet encapsulation */
- if (GET_VALUE(inp, KEY_RAW_MACLEN).ui16 == ETH_HLEN) {
- ret[KEY_MAC_TYPE].u.value.ui16 = type = ARPHRD_ETHER;
- ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
+ if (ikey_get_u16(&inp[KEY_RAW_MACLEN]) == ETH_HLEN) {
+ type = ARPHRD_ETHER;
+ okey_set_u16(&ret[KEY_MAC_TYPE], type);
} else {
- ret[KEY_MAC_TYPE].u.value.ui16 = type = ARPHRD_VOID;
- ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
+ type = ARPHRD_VOID;
+ okey_set_u16(&ret[KEY_MAC_TYPE], type);
}
}
@@ -213,10 +218,9 @@ static int interp_mac2str(struct ulogd_pluginstance *pi)
default:
/* convert raw header to string */
return parse_mac2str(ret,
- GET_VALUE(inp, KEY_RAW_MAC).ptr,
- KEY_MAC_ADDR,
- GET_VALUE(inp,
- KEY_RAW_MACLEN).ui16);
+ ikey_get_ptr(&inp[KEY_RAW_MAC]),
+ KEY_MAC_ADDR,
+ ikey_get_u16(&inp[KEY_RAW_MACLEN]));
}
return ULOGD_IRET_OK;
}
diff --git a/filter/ulogd_filter_IFINDEX.c b/filter/ulogd_filter_IFINDEX.c
index f7571bd..f56ee0b 100644
--- a/filter/ulogd_filter_IFINDEX.c
+++ b/filter/ulogd_filter_IFINDEX.c
@@ -3,6 +3,7 @@
* ulogd interpreter plugin for ifindex to ifname conversion
*
* (C) 2005 by Harald Welte <laforge@gnumonks.org>
+ * (C) 2008 by Pablo Neira Ayuso <pablo@netfilter.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
@@ -61,20 +62,25 @@ static int interp_ifindex(struct ulogd_pluginstance *pi)
{
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
+ void *ptr;
- ret[0].u.value.ptr = calloc(IFNAMSIZ, sizeof(char));
- nlif_index2name(nlif_inst, inp[0].u.source->u.value.ui32,
- ret[0].u.value.ptr);
- if (((char *)ret[0].u.value.ptr)[0] == '*')
- ((char *)(ret[0].u.value.ptr))[0] = 0;
- ret[0].flags |= ULOGD_RETF_VALID;
-
- ret[1].u.value.ptr = calloc(IFNAMSIZ, sizeof(char));
- nlif_index2name(nlif_inst, inp[1].u.source->u.value.ui32,
- ret[1].u.value.ptr);
- if (((char *)ret[1].u.value.ptr)[0] == '*')
- ((char *)(ret[1].u.value.ptr))[0] = 0;
- ret[1].flags |= ULOGD_RETF_VALID;
+ ptr = calloc(IFNAMSIZ, sizeof(char));
+ if (!ptr)
+ return ULOGD_IRET_ERR;
+
+ nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), ptr);
+ if (((char *)ptr)[0] == '*')
+ ((char *)(ptr))[0] = 0;
+ okey_set_ptr(&ret[0], ptr);
+
+ ptr = calloc(IFNAMSIZ, sizeof(char));
+ if (!ptr)
+ return ULOGD_IRET_ERR;
+
+ nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), ptr);
+ if (((char *)ptr)[0] == '*')
+ ((char *)(ptr))[0] = 0;
+ okey_set_ptr(&ret[1], ptr);
return ULOGD_IRET_OK;
}
diff --git a/filter/ulogd_filter_IP2BIN.c b/filter/ulogd_filter_IP2BIN.c
index 2d9fc16..1d2865e 100644
--- a/filter/ulogd_filter_IP2BIN.c
+++ b/filter/ulogd_filter_IP2BIN.c
@@ -137,12 +137,12 @@ static char *ip2bin(struct ulogd_key* inp, int index, char family)
switch (family) {
case AF_INET6:
- addr = (struct in6_addr *) GET_VALUE(inp, index).ui128;
+ addr = (struct in6_addr *)ikey_get_u128(&inp[index]);
break;
case AF_INET:
/* Convert IPv4 to IPv4 in IPv6 */
addr = &ip4_addr;
- uint32_to_ipv6(GET_VALUE(inp, index).ui32, addr);
+ uint32_to_ipv6(ikey_get_u32(&inp[index]), addr);
break;
default:
/* TODO handle error */
@@ -176,13 +176,12 @@ static int interp_ip2bin(struct ulogd_pluginstance *pi)
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
int i;
- int oob_family = GET_VALUE(inp, KEY_OOB_FAMILY).ui8;
+ int oob_family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
/* Iter on all addr fields */
for(i = START_KEY; i < MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
- ret[i-1].u.value.ptr = ip2bin(inp, i, oob_family);
- ret[i-1].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[i-1], ip2bin(inp, i, oob_family));
}
}
diff --git a/filter/ulogd_filter_IP2STR.c b/filter/ulogd_filter_IP2STR.c
index a1c1e87..df94c72 100644
--- a/filter/ulogd_filter_IP2STR.c
+++ b/filter/ulogd_filter_IP2STR.c
@@ -145,7 +145,7 @@ static struct ulogd_key ip2str_keys[] = {
static char *ip2str(struct ulogd_key *inp, int index)
{
char tmp[IPADDR_LENGTH];
- char family = GET_VALUE(inp, KEY_OOB_FAMILY).ui8;
+ char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
char convfamily = family;
if (family == AF_BRIDGE) {
@@ -154,7 +154,7 @@ static char *ip2str(struct ulogd_key *inp, int index)
"No protocol inside AF_BRIDGE packet\n");
return NULL;
}
- switch (GET_VALUE(inp, KEY_OOB_PROTOCOL).ui16) {
+ switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
case ETH_P_IPV6:
convfamily = AF_INET6;
break;
@@ -172,15 +172,15 @@ static char *ip2str(struct ulogd_key *inp, int index)
}
switch (convfamily) {
+ u_int32_t ip;
case AF_INET6:
inet_ntop(AF_INET6,
- GET_VALUE(inp, index).ui128,
+ ikey_get_u128(&inp[index]),
tmp, sizeof(tmp));
break;
case AF_INET:
- inet_ntop(AF_INET,
- &GET_VALUE(inp, index).ui32,
- tmp, sizeof(tmp));
+ ip = ikey_get_u32(&inp[index]);
+ inet_ntop(AF_INET, &ip, tmp, sizeof(tmp));
break;
default:
/* TODO error handling */
@@ -199,8 +199,7 @@ static int interp_ip2str(struct ulogd_pluginstance *pi)
/* Iter on all addr fields */
for (i = START_KEY; i <= MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
- ret[i-START_KEY].u.value.ptr = ip2str(inp, i);
- ret[i-START_KEY].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[i-START_KEY], ip2str(inp, i));
}
}
diff --git a/filter/ulogd_filter_MARK.c b/filter/ulogd_filter_MARK.c
index 98f5dae..1a7c2fd 100644
--- a/filter/ulogd_filter_MARK.c
+++ b/filter/ulogd_filter_MARK.c
@@ -72,14 +72,14 @@ static int interp_mark(struct ulogd_pluginstance *pi)
{
struct ulogd_key *inp = pi->input.keys;
if (pp_is_valid(inp, KEY_CT_MARK)) {
- if ((GET_VALUE(inp, KEY_CT_MARK).ui32 &
+ if ((ikey_get_u32(&inp[KEY_CT_MARK]) &
pi->config_kset->ces[MARK_MASK].u.value) !=
(u_int32_t) pi->config_kset->ces[MARK_MARK].u.value
) {
return ULOGD_IRET_STOP;
}
} else if (pp_is_valid(inp, KEY_OOB_MARK)) {
- if ((GET_VALUE(inp, KEY_OOB_MARK).ui32 &
+ if ((ikey_get_u32(&inp[KEY_OOB_MARK]) &
pi->config_kset->ces[MARK_MASK].u.value) !=
(u_int32_t) pi->config_kset->ces[MARK_MARK].u.value
) {
diff --git a/filter/ulogd_filter_PRINTFLOW.c b/filter/ulogd_filter_PRINTFLOW.c
index b78c37b..1de1ba6 100644
--- a/filter/ulogd_filter_PRINTFLOW.c
+++ b/filter/ulogd_filter_PRINTFLOW.c
@@ -37,8 +37,7 @@ static int printflow_interp(struct ulogd_pluginstance *upi)
static char buf[4096];
printflow_print(inp, buf);
- ret[0].u.value.ptr = buf;
- ret[0].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[0], buf);
return ULOGD_IRET_OK;
}
diff --git a/filter/ulogd_filter_PRINTPKT.c b/filter/ulogd_filter_PRINTPKT.c
index 62a3cf7..3313194 100644
--- a/filter/ulogd_filter_PRINTPKT.c
+++ b/filter/ulogd_filter_PRINTPKT.c
@@ -37,8 +37,7 @@ static int printpkt_interp(struct ulogd_pluginstance *upi)
static char buf[4096];
printpkt_print(inp, buf);
- ret[0].u.value.ptr = buf;
- ret[0].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[0], buf);
return ULOGD_IRET_OK;
}
diff --git a/filter/ulogd_filter_PWSNIFF.c b/filter/ulogd_filter_PWSNIFF.c
index 3cbafb6..a6cbf94 100644
--- a/filter/ulogd_filter_PWSNIFF.c
+++ b/filter/ulogd_filter_PWSNIFF.c
@@ -116,25 +116,22 @@ static int interp_pwsniff(struct ulogd_pluginstance *pi)
}
if (len) {
- ret[0].u.value.ptr = (char *) malloc(len+1);
- ret[0].flags |= ULOGD_RETF_VALID;
- if (!ret[0].u.value.ptr) {
- ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", len);
+ char *ptr;
+ ptr = (char *) malloc(len+1);
+ if (!ptr)
return ULOGD_IRET_ERR;
- }
- strncpy((char *) ret[0].u.value.ptr, (char *)begp, len);
- *((char *)ret[0].u.value.ptr + len) = '\0';
+ strncpy(ptr, (char *)begp, len);
+ ptr[len] = '\0';
+ okey_set_ptr(&ret[0], ptr);
}
if (pw_len) {
- ret[1].u.value.ptr = (char *) malloc(pw_len+1);
- ret[1].flags |= ULOGD_RETF_VALID;
- if (!ret[1].u.value.ptr){
- ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", pw_len);
+ char *ptr;
+ ptr = (char *) malloc(pw_len+1);
+ if (!ptr)
return ULOGD_IRET_ERR;
- }
- strncpy((char *)ret[1].u.value.ptr, (char *)pw_begp, pw_len);
- *((char *)ret[1].u.value.ptr + pw_len) = '\0';
-
+ strncpy(ptr, (char *)pw_begp, pw_len);
+ ptr[pw_len] = '\0';
+ okey_set_ptr(&ret[1], ptr);
}
return ULOGD_IRET_OK;
}
diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h
index 776111a..3f6d784 100644
--- a/include/ulogd/ulogd.h
+++ b/include/ulogd/ulogd.h
@@ -18,6 +18,7 @@
#include <stdio.h>
#include <signal.h> /* need this because of extension-sighandler */
#include <sys/types.h>
+#include <string.h>
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
@@ -126,6 +127,64 @@ struct ulogd_keyset {
unsigned int type;
};
+static inline void okey_set_b(struct ulogd_key *key, u_int8_t value)
+{
+ key->u.value.b = value;
+ key->flags |= ULOGD_RETF_VALID;
+}
+
+static inline void okey_set_u8(struct ulogd_key *key, u_int8_t value)
+{
+ key->u.value.ui8 = value;
+ key->flags |= ULOGD_RETF_VALID;
+}
+
+static inline void okey_set_u16(struct ulogd_key *key, u_int16_t value)
+{
+ key->u.value.ui16 = value;
+ key->flags |= ULOGD_RETF_VALID;
+}
+
+static inline void okey_set_u32(struct ulogd_key *key, u_int32_t value)
+{
+ key->u.value.ui32 = value;
+ key->flags |= ULOGD_RETF_VALID;
+}
+
+static inline void okey_set_u128(struct ulogd_key *key, const void *value)
+{
+ memcpy(key->u.value.ui128, value, 16);
+ key->flags |= ULOGD_RETF_VALID;
+}
+
+static inline void okey_set_ptr(struct ulogd_key *key, void *value)
+{
+ key->u.value.ptr = value;
+ key->flags |= ULOGD_RETF_VALID;
+}
+
+static inline u_int8_t ikey_get_u8(struct ulogd_key *key)
+{
+ return key->u.source->u.value.ui8;
+}
+
+static inline u_int16_t ikey_get_u16(struct ulogd_key *key)
+{
+ return key->u.source->u.value.ui16;
+}
+
+static inline u_int32_t ikey_get_u32(struct ulogd_key *key)
+{
+ return key->u.source->u.value.ui32;
+}
+
+#define ikey_get_u128 ikey_get_ptr
+
+static inline void *ikey_get_ptr(struct ulogd_key *key)
+{
+ return key->u.source->u.value.ptr;
+}
+
struct ulogd_pluginstance_stack;
struct ulogd_pluginstance;
struct ulogd_plugin {
@@ -221,7 +280,6 @@ void __ulogd_log(int level, char *file, int line, const char *message, ...);
#define IS_NEEDED(x) (x.flags & ULOGD_RETF_NEEDED)
#define SET_NEEDED(x) (x.flags |= ULOGD_RETF_NEEDED)
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
#define GET_FLAGS(res, x) (res[x].u.source->flags)
#define pp_is_valid(res, x) \
(res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c
index 58bb0e2..a33ec35 100644
--- a/input/flow/ulogd_inpflow_NFCT.c
+++ b/input/flow/ulogd_inpflow_NFCT.c
@@ -443,67 +443,39 @@ static int propagate_ct(struct ulogd_pluginstance *upi,
{
struct ulogd_key *ret = upi->output.keys;
- ret[NFCT_CT_EVENT].u.value.ui32 = type;
- ret[NFCT_CT_EVENT].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_OOB_FAMILY].u.value.ui8 = nfct_get_attr_u8(ct, ATTR_L3PROTO);
- ret[NFCT_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
- /* FIXME */
- ret[NFCT_OOB_PROTOCOL].u.value.ui8 = 0;
- ret[NFCT_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFCT_CT_EVENT], type);
+ okey_set_u8(&ret[NFCT_OOB_FAMILY], nfct_get_attr_u8(ct, ATTR_L3PROTO));
+ okey_set_u8(&ret[NFCT_OOB_PROTOCOL], 0); /* FIXME */
switch (nfct_get_attr_u8(ct, ATTR_L3PROTO)) {
case AF_INET:
- ret[NFCT_ORIG_IP_SADDR].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_SRC);
- ret[NFCT_ORIG_IP_SADDR].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_ORIG_IP_DADDR].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_DST);
- ret[NFCT_ORIG_IP_DADDR].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_REPLY_IP_SADDR].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_REPL_IPV4_SRC);
- ret[NFCT_REPLY_IP_SADDR].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_REPLY_IP_DADDR].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_REPL_IPV4_DST);
- ret[NFCT_REPLY_IP_DADDR].flags |= ULOGD_RETF_VALID;
-
+ okey_set_u32(&ret[NFCT_ORIG_IP_SADDR],
+ nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_SRC));
+ okey_set_u32(&ret[NFCT_ORIG_IP_DADDR],
+ nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_DST));
+ okey_set_u32(&ret[NFCT_REPLY_IP_SADDR],
+ nfct_get_attr_u32(ct, ATTR_REPL_IPV4_SRC));
+ okey_set_u32(&ret[NFCT_REPLY_IP_DADDR],
+ nfct_get_attr_u32(ct, ATTR_REPL_IPV4_DST));
break;
case AF_INET6:
- memcpy(ret[NFCT_ORIG_IP_SADDR].u.value.ui128,
- nfct_get_attr(ct, ATTR_ORIG_IPV6_SRC),
- sizeof(int32_t) * 4);
- ret[NFCT_ORIG_IP_SADDR].flags |= ULOGD_RETF_VALID;
-
- memcpy(ret[NFCT_ORIG_IP_DADDR].u.value.ui128,
- nfct_get_attr(ct, ATTR_ORIG_IPV6_DST),
- sizeof(int32_t) * 4);
- ret[NFCT_ORIG_IP_DADDR].flags |= ULOGD_RETF_VALID;
-
- memcpy(ret[NFCT_REPLY_IP_SADDR].u.value.ui128,
- nfct_get_attr(ct, ATTR_REPL_IPV6_SRC),
- sizeof(int32_t) * 4);
- ret[NFCT_REPLY_IP_SADDR].flags |= ULOGD_RETF_VALID;
-
- memcpy(ret[NFCT_REPLY_IP_DADDR].u.value.ui128,
- nfct_get_attr(ct, ATTR_REPL_IPV6_DST),
- sizeof(int32_t) * 4);
- ret[NFCT_REPLY_IP_DADDR].flags |= ULOGD_RETF_VALID;
-
+ okey_set_u128(&ret[NFCT_ORIG_IP_SADDR],
+ nfct_get_attr(ct, ATTR_ORIG_IPV6_SRC));
+ okey_set_u128(&ret[NFCT_ORIG_IP_DADDR],
+ nfct_get_attr(ct, ATTR_ORIG_IPV6_DST));
+ okey_set_u128(&ret[NFCT_REPLY_IP_SADDR],
+ nfct_get_attr(ct, ATTR_REPL_IPV6_SRC));
+ okey_set_u128(&ret[NFCT_REPLY_IP_DADDR],
+ nfct_get_attr(ct, ATTR_REPL_IPV6_DST));
break;
default:
ulogd_log(ULOGD_NOTICE, "Unknown protocol family (%d)\n",
nfct_get_attr_u8(ct, ATTR_L3PROTO));
}
- ret[NFCT_ORIG_IP_PROTOCOL].u.value.ui8 =
- nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO);
- ret[NFCT_ORIG_IP_PROTOCOL].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_REPLY_IP_PROTOCOL].u.value.ui8 =
- nfct_get_attr_u8(ct, ATTR_REPL_L4PROTO);
- ret[NFCT_REPLY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[NFCT_ORIG_IP_PROTOCOL],
+ nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO));
+ okey_set_u8(&ret[NFCT_REPLY_IP_PROTOCOL],
+ nfct_get_attr_u8(ct, ATTR_REPL_L4PROTO));
switch (nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)) {
case IPPROTO_TCP:
@@ -511,22 +483,16 @@ static int propagate_ct(struct ulogd_pluginstance *upi,
case IPPROTO_UDPLITE:
case IPPROTO_SCTP:
case IPPROTO_DCCP:
- ret[NFCT_ORIG_L4_SPORT].u.value.ui16 =
- htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC));
- ret[NFCT_ORIG_L4_SPORT].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_ORIG_L4_DPORT].u.value.ui16 =
- htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST));
- ret[NFCT_ORIG_L4_DPORT].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[NFCT_ORIG_L4_SPORT],
+ htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC)));
+ okey_set_u16(&ret[NFCT_ORIG_L4_DPORT],
+ htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST)));
break;
case IPPROTO_ICMP:
- ret[NFCT_ICMP_CODE].u.value.ui8 =
- nfct_get_attr_u8(ct, ATTR_ICMP_CODE);
- ret[NFCT_ICMP_CODE].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_ICMP_TYPE].u.value.ui8 =
- nfct_get_attr_u8(ct, ATTR_ICMP_TYPE);
- ret[NFCT_ICMP_TYPE].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[NFCT_ICMP_CODE],
+ nfct_get_attr_u8(ct, ATTR_ICMP_CODE));
+ okey_set_u16(&ret[NFCT_ICMP_TYPE],
+ nfct_get_attr_u8(ct, ATTR_ICMP_TYPE));
break;
}
@@ -536,55 +502,36 @@ static int propagate_ct(struct ulogd_pluginstance *upi,
case IPPROTO_UDPLITE:
case IPPROTO_SCTP:
case IPPROTO_DCCP:
- ret[NFCT_REPLY_L4_SPORT].u.value.ui16 =
- htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC));
- ret[NFCT_REPLY_L4_SPORT].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_REPLY_L4_DPORT].u.value.ui16 =
- htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST));
- ret[NFCT_REPLY_L4_DPORT].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[NFCT_REPLY_L4_SPORT],
+ htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC)));
+ okey_set_u16(&ret[NFCT_REPLY_L4_DPORT],
+ htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST)));
}
- ret[NFCT_ORIG_RAW_PKTLEN].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_BYTES);
- ret[NFCT_ORIG_RAW_PKTLEN].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_ORIG_RAW_PKTCOUNT].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS);
- ret[NFCT_ORIG_RAW_PKTCOUNT].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_REPLY_RAW_PKTLEN].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_BYTES);;
- ret[NFCT_REPLY_RAW_PKTLEN].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFCT_ORIG_RAW_PKTLEN],
+ nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_BYTES));
+ okey_set_u32(&ret[NFCT_ORIG_RAW_PKTCOUNT],
+ nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS));
+ okey_set_u32(&ret[NFCT_REPLY_RAW_PKTLEN],
+ nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_BYTES));
+ okey_set_u32(&ret[NFCT_REPLY_RAW_PKTCOUNT],
+ nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_PACKETS));
- ret[NFCT_REPLY_RAW_PKTCOUNT].u.value.ui32 =
- nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_PACKETS);
- ret[NFCT_REPLY_RAW_PKTCOUNT].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_CT_MARK].u.value.ui32 = nfct_get_attr_u32(ct, ATTR_MARK);
- ret[NFCT_CT_MARK].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_CT_ID].u.value.ui32 = nfct_get_attr_u32(ct, ATTR_ID);
- ret[NFCT_CT_ID].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFCT_CT_MARK], nfct_get_attr_u32(ct, ATTR_MARK));
+ okey_set_u32(&ret[NFCT_CT_ID], nfct_get_attr_u32(ct, ATTR_ID));
if (ts) {
if (ts->time[START].tv_sec) {
- ret[NFCT_FLOW_START_SEC].u.value.ui32 =
- ts->time[START].tv_sec;
- ret[NFCT_FLOW_START_SEC].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_FLOW_START_USEC].u.value.ui32 =
- ts->time[START].tv_usec;
- ret[NFCT_FLOW_START_USEC].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFCT_FLOW_START_SEC],
+ ts->time[START].tv_sec);
+ okey_set_u32(&ret[NFCT_FLOW_START_USEC],
+ ts->time[START].tv_usec);
}
if (ts->time[STOP].tv_sec) {
- ret[NFCT_FLOW_END_SEC].u.value.ui32 =
- ts->time[STOP].tv_sec;
- ret[NFCT_FLOW_END_SEC].flags |= ULOGD_RETF_VALID;
-
- ret[NFCT_FLOW_END_USEC].u.value.ui32 =
- ts->time[STOP].tv_usec;
- ret[NFCT_FLOW_END_USEC].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFCT_FLOW_END_SEC],
+ ts->time[STOP].tv_sec);
+ okey_set_u32(&ret[NFCT_FLOW_END_USEC],
+ ts->time[STOP].tv_usec);
}
}
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 39f915a..5d25eec 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -310,59 +310,43 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
u_int32_t uid;
u_int32_t gid;
- ret[NFLOG_KEY_OOB_FAMILY].u.value.ui8 = af_ce(upi->config_kset).u.value;
- ret[NFLOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
-
- ret[NFLOG_KEY_RAW_LABEL].u.value.ui8 =
- label_ce(upi->config_kset).u.value;
- ret[NFLOG_KEY_RAW_LABEL].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[NFLOG_KEY_OOB_FAMILY],
+ af_ce(upi->config_kset).u.value);
+ okey_set_u8(&ret[NFLOG_KEY_RAW_LABEL],
+ label_ce(upi->config_kset).u.value);
if (ph) {
/* FIXME */
- ret[NFLOG_KEY_OOB_HOOK].u.value.ui8 = ph->hook;
- ret[NFLOG_KEY_OOB_HOOK].flags |= ULOGD_RETF_VALID;
- ret[NFLOG_KEY_OOB_PROTOCOL].u.value.ui16 =
- ntohs(ph->hw_protocol);
- ret[NFLOG_KEY_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[NFLOG_KEY_OOB_HOOK], ph->hook);
+ okey_set_u16(&ret[NFLOG_KEY_OOB_PROTOCOL],
+ ntohs(ph->hw_protocol));
}
if (nflog_get_msg_packet_hwhdrlen(ldata)) {
- ret[NFLOG_KEY_RAW_MAC].u.value.ptr =
- nflog_get_msg_packet_hwhdr(ldata);
- ret[NFLOG_KEY_RAW_MAC].flags |= ULOGD_RETF_VALID;
- ret[NFLOG_KEY_RAW_MAC_LEN].u.value.ui16 =
- nflog_get_msg_packet_hwhdrlen(ldata);
- ret[NFLOG_KEY_RAW_MAC_LEN].flags |= ULOGD_RETF_VALID;
- ret[NFLOG_KEY_RAW_TYPE].u.value.ui16 =
- nflog_get_hwtype(ldata);
- ret[NFLOG_KEY_RAW_TYPE].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[NFLOG_KEY_RAW_MAC],
+ nflog_get_msg_packet_hwhdr(ldata));
+ okey_set_u16(&ret[NFLOG_KEY_RAW_MAC_LEN],
+ nflog_get_msg_packet_hwhdrlen(ldata));
+ okey_set_u16(&ret[NFLOG_KEY_RAW_TYPE], nflog_get_hwtype(ldata));
}
if (hw) {
- ret[NFLOG_KEY_RAW_MAC_SADDR].u.value.ptr = hw->hw_addr;
- ret[NFLOG_KEY_RAW_MAC_SADDR].flags |= ULOGD_RETF_VALID;
- ret[NFLOG_KEY_RAW_MAC_ADDRLEN].u.value.ui16 =
- ntohs(hw->hw_addrlen);
- ret[NFLOG_KEY_RAW_MAC_ADDRLEN].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[NFLOG_KEY_RAW_MAC_SADDR], hw->hw_addr);
+ okey_set_u16(&ret[NFLOG_KEY_RAW_MAC_ADDRLEN],
+ ntohs(hw->hw_addrlen));
}
if (payload_len >= 0) {
/* include pointer to raw packet */
- ret[NFLOG_KEY_RAW_PCKT].u.value.ptr = payload;
- ret[NFLOG_KEY_RAW_PCKT].flags |= ULOGD_RETF_VALID;
-
- ret[NFLOG_KEY_RAW_PCKTLEN].u.value.ui32 = payload_len;
- ret[NFLOG_KEY_RAW_PCKTLEN].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[NFLOG_KEY_RAW_PCKT], payload);
+ okey_set_u32(&ret[NFLOG_KEY_RAW_PCKTLEN], payload_len);
}
/* number of packets */
- ret[NFLOG_KEY_RAW_PCKTCOUNT].u.value.ui32 = 1;
- ret[NFLOG_KEY_RAW_PCKTCOUNT].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFLOG_KEY_RAW_PCKTCOUNT], 1);
- if (prefix) {
- ret[NFLOG_KEY_OOB_PREFIX].u.value.ptr = prefix;
- ret[NFLOG_KEY_OOB_PREFIX].flags |= ULOGD_RETF_VALID;
- }
+ if (prefix)
+ okey_set_ptr(&ret[NFLOG_KEY_OOB_PREFIX], prefix);
/* god knows why timestamp_usec contains crap if timestamp_sec
* == 0 if (pkt->timestamp_sec || pkt->timestamp_usec) { */
@@ -370,41 +354,26 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
gettimeofday(&ts, NULL);
/* FIXME: convert endianness */
- ret[NFLOG_KEY_OOB_TIME_SEC].u.value.ui32 = ts.tv_sec & 0xffffffff;
- ret[NFLOG_KEY_OOB_TIME_SEC].flags |= ULOGD_RETF_VALID;
- ret[NFLOG_KEY_OOB_TIME_USEC].u.value.ui32 = ts.tv_usec & 0xffffffff;
- ret[NFLOG_KEY_OOB_TIME_USEC].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFLOG_KEY_OOB_TIME_SEC], ts.tv_sec & 0xffffffff);
+ okey_set_u32(&ret[NFLOG_KEY_OOB_TIME_USEC], ts.tv_usec & 0xffffffff);
- ret[NFLOG_KEY_OOB_MARK].u.value.ui32 = mark;
- ret[NFLOG_KEY_OOB_MARK].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[NFLOG_KEY_OOB_MARK], mark);
- if (indev > 0) {
- ret[NFLOG_KEY_OOB_IFINDEX_IN].u.value.ui32 = indev;
- ret[NFLOG_KEY_OOB_IFINDEX_IN].flags |= ULOGD_RETF_VALID;
- }
+ if (indev > 0)
+ okey_set_u32(&ret[NFLOG_KEY_OOB_IFINDEX_IN], indev);
- if (outdev > 0) {
- ret[NFLOG_KEY_OOB_IFINDEX_OUT].u.value.ui32 = outdev;
- ret[NFLOG_KEY_OOB_IFINDEX_OUT].flags |= ULOGD_RETF_VALID;
- }
+ if (outdev > 0)
+ okey_set_u32(&ret[NFLOG_KEY_OOB_IFINDEX_OUT], outdev);
- if (nflog_get_uid(ldata, &uid) == 0) {
- ret[NFLOG_KEY_OOB_UID].u.value.ui32 = uid;
- ret[NFLOG_KEY_OOB_UID].flags |= ULOGD_RETF_VALID;
- }
- if (nflog_get_gid(ldata, &gid) == 0) {
- ret[NFLOG_KEY_OOB_GID].u.value.ui32 = gid;
- ret[NFLOG_KEY_OOB_GID].flags |= ULOGD_RETF_VALID;
- }
+ if (nflog_get_uid(ldata, &uid) == 0)
+ okey_set_u32(&ret[NFLOG_KEY_OOB_UID], uid);
+ if (nflog_get_gid(ldata, &gid) == 0)
+ okey_set_u32(&ret[NFLOG_KEY_OOB_GID], gid);
+ if (nflog_get_seq(ldata, &seq) == 0)
+ okey_set_u32(&ret[NFLOG_KEY_OOB_SEQ_LOCAL], seq);
+ if (nflog_get_seq_global(ldata, &seq) == 0)
+ okey_set_u32(&ret[NFLOG_KEY_OOB_SEQ_GLOBAL], seq);
- if (nflog_get_seq(ldata, &seq) == 0) {
- ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq;
- ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID;
- }
- if (nflog_get_seq_global(ldata, &seq) == 0) {
- ret[NFLOG_KEY_OOB_SEQ_GLOBAL].u.value.ui32 = seq;
- ret[NFLOG_KEY_OOB_SEQ_GLOBAL].flags |= ULOGD_RETF_VALID;
- }
ulogd_propagate_results(upi);
return 0;
}
diff --git a/input/packet/ulogd_inppkt_ULOG.c b/input/packet/ulogd_inppkt_ULOG.c
index 3fdb42e..00975de 100644
--- a/input/packet/ulogd_inppkt_ULOG.c
+++ b/input/packet/ulogd_inppkt_ULOG.c
@@ -190,54 +190,39 @@ static int interp_packet(struct ulogd_pluginstance *ip, ulog_packet_msg_t *pkt)
struct ulogd_key *ret = ip->output.keys;
if (pkt->mac_len) {
- ret[ULOG_KEY_RAW_MAC].u.value.ptr = pkt->mac;
- ret[ULOG_KEY_RAW_MAC].flags |= ULOGD_RETF_VALID;
- ret[ULOG_KEY_RAW_MAC_LEN].u.value.ui16 = pkt->mac_len;
- ret[ULOG_KEY_RAW_MAC_LEN].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[ULOG_KEY_RAW_MAC], pkt->mac);
+ okey_set_u16(&ret[ULOG_KEY_RAW_MAC_LEN], pkt->mac_len);
}
- ret[ULOG_KEY_RAW_LABEL].u.value.ui8 = ip->config_kset->ces[3].u.value;
- ret[ULOG_KEY_RAW_LABEL].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[ULOG_KEY_RAW_LABEL], ip->config_kset->ces[3].u.value);
/* include pointer to raw ipv4 packet */
- ret[ULOG_KEY_RAW_PCKT].u.value.ptr = pkt->payload;
- ret[ULOG_KEY_RAW_PCKT].flags |= ULOGD_RETF_VALID;
- ret[ULOG_KEY_RAW_PCKTLEN].u.value.ui32 = pkt->data_len;
- ret[ULOG_KEY_RAW_PCKTLEN].flags |= ULOGD_RETF_VALID;
- ret[ULOG_KEY_RAW_PCKTCOUNT].u.value.ui32 = 1;
- ret[ULOG_KEY_RAW_PCKTCOUNT].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[ULOG_KEY_RAW_PCKT], pkt->payload);
+ okey_set_u32(&ret[ULOG_KEY_RAW_PCKTLEN], pkt->data_len);
+ okey_set_u32(&ret[ULOG_KEY_RAW_PCKTCOUNT], 1);
- ret[ULOG_KEY_OOB_PREFIX].u.value.ptr = pkt->prefix;
- ret[ULOG_KEY_OOB_PREFIX].flags |= ULOGD_RETF_VALID;
+ okey_set_ptr(&ret[ULOG_KEY_OOB_PREFIX], pkt->prefix);
/* god knows why timestamp_usec contains crap if timestamp_sec == 0
* if (pkt->timestamp_sec || pkt->timestamp_usec) { */
if (pkt->timestamp_sec) {
- ret[ULOG_KEY_OOB_TIME_SEC].u.value.ui32 = pkt->timestamp_sec;
- ret[ULOG_KEY_OOB_TIME_SEC].flags |= ULOGD_RETF_VALID;
- ret[ULOG_KEY_OOB_TIME_USEC].u.value.ui32 = pkt->timestamp_usec;
- ret[ULOG_KEY_OOB_TIME_USEC].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[ULOG_KEY_OOB_TIME_SEC], pkt->timestamp_sec);
+ okey_set_u32(&ret[ULOG_KEY_OOB_TIME_USEC], pkt->timestamp_usec);
} else {
ret[ULOG_KEY_OOB_TIME_SEC].flags &= ~ULOGD_RETF_VALID;
ret[ULOG_KEY_OOB_TIME_USEC].flags &= ~ULOGD_RETF_VALID;
}
- ret[ULOG_KEY_OOB_MARK].u.value.ui32 = pkt->mark;
- ret[ULOG_KEY_OOB_MARK].flags |= ULOGD_RETF_VALID;
- ret[ULOG_KEY_OOB_IN].u.value.ptr = pkt->indev_name;
- ret[ULOG_KEY_OOB_IN].flags |= ULOGD_RETF_VALID;
- ret[ULOG_KEY_OOB_OUT].u.value.ptr = pkt->outdev_name;
- ret[ULOG_KEY_OOB_OUT].flags |= ULOGD_RETF_VALID;
+ okey_set_u32(&ret[ULOG_KEY_OOB_MARK], pkt->mark);
+ okey_set_ptr(&ret[ULOG_KEY_OOB_IN], pkt->indev_name);
+ okey_set_ptr(&ret[ULOG_KEY_OOB_OUT], pkt->outdev_name);
- ret[ULOG_KEY_OOB_HOOK].u.value.ui8 = pkt->hook;
- ret[ULOG_KEY_OOB_HOOK].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[ULOG_KEY_OOB_HOOK], pkt->hook);
/* ULOG is IPv4 only */
- ret[ULOG_KEY_OOB_FAMILY].u.value.ui8 = AF_INET;
- ret[ULOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
+ okey_set_u8(&ret[ULOG_KEY_OOB_FAMILY], AF_INET);
/* Undef in ULOG but necessary */
- ret[ULOG_KEY_OOB_PROTOCOL].u.value.ui16 = 0;
- ret[ULOG_KEY_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID;
+ okey_set_u16(&ret[ULOG_KEY_OOB_PROTOCOL], 0);
ulogd_propagate_results(ip);
return 0;
diff --git a/output/pcap/ulogd_output_PCAP.c b/output/pcap/ulogd_output_PCAP.c
index ce4393c..09120a1 100644
--- a/output/pcap/ulogd_output_PCAP.c
+++ b/output/pcap/ulogd_output_PCAP.c
@@ -126,7 +126,6 @@ static struct ulogd_key pcap_keys[INTR_IDS] = {
{ .name = "oob.time.usec" },
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
#define GET_FLAGS(res, x) (res[x].u.source->flags)
static int interp_pcap(struct ulogd_pluginstance *upi)
@@ -135,13 +134,13 @@ static int interp_pcap(struct ulogd_pluginstance *upi)
struct ulogd_key *res = upi->input.keys;
struct pcap_sf_pkthdr pchdr;
- pchdr.caplen = GET_VALUE(res, 2).ui32;
- pchdr.len = GET_VALUE(res, 2).ui32;
+ pchdr.caplen = ikey_get_u32(&res[2]);
+ pchdr.len = ikey_get_u32(&res[2]);
if (GET_FLAGS(res, 3) & ULOGD_RETF_VALID
&& GET_FLAGS(res, 4) & ULOGD_RETF_VALID) {
- pchdr.ts.tv_sec = GET_VALUE(res, 3).ui32;
- pchdr.ts.tv_usec = GET_VALUE(res, 4).ui32;
+ pchdr.ts.tv_sec = ikey_get_u32(&res[3]);
+ pchdr.ts.tv_usec = ikey_get_u32(&res[4]);
} else {
/* use current system time */
struct timeval tv;
@@ -156,7 +155,7 @@ static int interp_pcap(struct ulogd_pluginstance *upi)
strerror(errno));
return ULOGD_IRET_ERR;
}
- if (fwrite(GET_VALUE(res, 0).ptr, pchdr.caplen, 1, pi->of) != 1) {
+ if (fwrite(ikey_get_ptr(&res[0]), pchdr.caplen, 1, pi->of) != 1) {
ulogd_log(ULOGD_ERROR, "Error during write: %s\n",
strerror(errno));
return ULOGD_IRET_ERR;
diff --git a/output/ulogd_output_NACCT.c b/output/ulogd_output_NACCT.c
index 0ab2be4..f5296e8 100644
--- a/output/ulogd_output_NACCT.c
+++ b/output/ulogd_output_NACCT.c
@@ -125,28 +125,28 @@ nacct_interp(struct ulogd_pluginstance *pi)
/* try to be as close to nacct as possible. Instead of nacct's
'timestamp' value use 'flow.end.sec' */
- if (GET_VALUE(inp, KEY_IP_PROTO).ui8 == IPPROTO_ICMP) {
+ if (ikey_get_u8(&inp[KEY_IP_PROTO]) == IPPROTO_ICMP) {
snprintf(buf, sizeof(buf),
"%u\t%u\t%s\t%u\t%s\t%u\t%u\t%u",
- GET_VALUE(inp, KEY_FLOW_END).ui32,
- GET_VALUE(inp, KEY_IP_PROTO).ui8,
- (char *) GET_VALUE(inp, KEY_IP_SADDR).ptr,
- GET_VALUE(inp, KEY_ICMP_TYPE).ui8,
- (char *) GET_VALUE(inp, KEY_IP_DADDR).ptr,
- GET_VALUE(inp, KEY_ICMP_CODE).ui8,
- GET_VALUE(inp, KEY_RAW_PKTCNT).ui32,
- GET_VALUE(inp, KEY_RAW_PKTLEN).ui32);
+ ikey_get_u32(&inp[KEY_FLOW_END]),
+ ikey_get_u8(&inp[KEY_IP_PROTO]),
+ (char *) ikey_get_ptr(&inp[KEY_IP_SADDR]),
+ ikey_get_u8(&inp[KEY_ICMP_TYPE]),
+ (char *) ikey_get_ptr(&inp[KEY_IP_DADDR]),
+ ikey_get_u8(&inp[KEY_ICMP_CODE]),
+ ikey_get_u32(&inp[KEY_RAW_PKTCNT]),
+ ikey_get_u32(&inp[KEY_RAW_PKTLEN]));
} else {
snprintf(buf, sizeof(buf),
"%u\t%u\t%s\t%u\t%s\t%u\t%u\t%u",
- GET_VALUE(inp, KEY_FLOW_END).ui32,
- GET_VALUE(inp, KEY_IP_PROTO).ui8,
- (char *) GET_VALUE(inp, KEY_IP_SADDR).ptr,
- GET_VALUE(inp, KEY_L4_SPORT).ui16,
- (char *) GET_VALUE(inp, KEY_IP_DADDR).ptr,
- GET_VALUE(inp, KEY_L4_DPORT).ui16,
- GET_VALUE(inp, KEY_RAW_PKTCNT).ui32,
- GET_VALUE(inp, KEY_RAW_PKTLEN).ui32);
+ ikey_get_u32(&inp[KEY_FLOW_END]),
+ ikey_get_u8(&inp[KEY_IP_PROTO]),
+ (char *) ikey_get_ptr(&inp[KEY_IP_SADDR]),
+ ikey_get_u16(&inp[KEY_L4_SPORT]),
+ (char *) ikey_get_ptr(&inp[KEY_IP_DADDR]),
+ ikey_get_u16(&inp[KEY_L4_DPORT]),
+ ikey_get_u32(&inp[KEY_RAW_PKTCNT]),
+ ikey_get_u32(&inp[KEY_RAW_PKTLEN]));
}
fprintf(priv->of, "%s\n", buf);
diff --git a/util/printflow.c b/util/printflow.c
index bb3c2c4..7743a6a 100644
--- a/util/printflow.c
+++ b/util/printflow.c
@@ -139,14 +139,14 @@ int printflow_keys_num = sizeof(printflow_keys)/sizeof(*printflow_keys);
#define pp_print(buf_cur, label, res, x, type) \
if (pp_is_valid(res, x)) \
- buf_cur += sprintf(buf_cur, label"=%u ", GET_VALUE(res, x).type);
+ buf_cur += sprintf(buf_cur, label"=%u ", ikey_get_##type(&res[x]));
int printflow_print(struct ulogd_key *res, char *buf)
{
char *buf_cur = buf;
if (pp_is_valid(res, PRINTFLOW_EVENT_TYPE)) {
- switch (GET_VALUE(res, PRINTFLOW_EVENT_TYPE).ui32) {
+ switch (ikey_get_u32(&res[PRINTFLOW_EVENT_TYPE])) {
case 1:
buf_cur += sprintf(buf_cur, "[NEW] ");
break;
@@ -164,33 +164,33 @@ int printflow_print(struct ulogd_key *res, char *buf)
if (pp_is_valid(res, PRINTFLOW_ORIG_IP_SADDR))
buf_cur += sprintf(buf_cur,
"SRC=%s ",
- (char *) GET_VALUE(res, PRINTFLOW_ORIG_IP_SADDR).ptr);
+ (char *) ikey_get_ptr(&res[PRINTFLOW_ORIG_IP_SADDR]));
if (pp_is_valid(res, PRINTFLOW_ORIG_IP_DADDR))
buf_cur += sprintf(buf_cur,
"DST=%s ",
- (char *) GET_VALUE(res, PRINTFLOW_ORIG_IP_DADDR).ptr);
+ (char *) ikey_get_ptr(&res[PRINTFLOW_ORIG_IP_DADDR]));
if (!pp_is_valid(res, PRINTFLOW_ORIG_IP_PROTOCOL))
goto orig_out;
- switch (GET_VALUE(res, PRINTFLOW_ORIG_IP_PROTOCOL).ui8) {
+ switch (ikey_get_u8(&res[PRINTFLOW_ORIG_IP_PROTOCOL])) {
case IPPROTO_TCP:
buf_cur += sprintf(buf_cur, "PROTO=TCP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, ui16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, ui16);
+ pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16);
+ pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16);
break;
case IPPROTO_UDP:
buf_cur += sprintf(buf_cur, "PROTO=UDP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, ui16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, ui16);
+ pp_print(buf_cur, "SPT", res, PRINTFLOW_ORIG_L4_SPORT, u16);
+ pp_print(buf_cur, "DPT", res, PRINTFLOW_ORIG_L4_DPORT, u16);
break;
case IPPROTO_ICMP:
buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
- pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, ui8);
- pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, ui8);
+ pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8);
+ pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8);
break;
case IPPROTO_ESP:
@@ -202,46 +202,46 @@ int printflow_print(struct ulogd_key *res, char *buf)
break;
default:
- pp_print(buf_cur, "PROTO", res, PRINTFLOW_ORIG_IP_PROTOCOL, ui8);
+ pp_print(buf_cur, "PROTO", res, PRINTFLOW_ORIG_IP_PROTOCOL, u8);
break;
}
orig_out:
- pp_print(buf_cur, "PKTS", res, PRINTFLOW_ORIG_RAW_PKTCOUNT, ui32);
- pp_print(buf_cur, "BYTES", res, PRINTFLOW_ORIG_RAW_PKTLEN, ui32);
+ pp_print(buf_cur, "PKTS", res, PRINTFLOW_ORIG_RAW_PKTCOUNT, u32);
+ pp_print(buf_cur, "BYTES", res, PRINTFLOW_ORIG_RAW_PKTLEN, u32);
buf_cur += sprintf(buf_cur, ", REPLY: ");
if (pp_is_valid(res, PRINTFLOW_REPLY_IP_SADDR))
buf_cur += sprintf(buf_cur,
"SRC=%s ",
- (char *) GET_VALUE(res,PRINTFLOW_REPLY_IP_SADDR).ptr);
+ (char *) ikey_get_ptr(&res[PRINTFLOW_REPLY_IP_SADDR]));
if (pp_is_valid(res, PRINTFLOW_REPLY_IP_DADDR))
buf_cur += sprintf(buf_cur,
"DST=%s ",
- (char *) GET_VALUE(res,PRINTFLOW_REPLY_IP_DADDR).ptr);
+ (char *) ikey_get_ptr(&res[PRINTFLOW_REPLY_IP_DADDR]));
if (!pp_is_valid(res, PRINTFLOW_REPLY_IP_PROTOCOL))
goto reply_out;
- switch (GET_VALUE(res, PRINTFLOW_REPLY_IP_PROTOCOL).ui8) {
+ switch (ikey_get_u8(&res[PRINTFLOW_REPLY_IP_PROTOCOL])) {
case IPPROTO_TCP:
buf_cur += sprintf(buf_cur, "PROTO=TCP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, ui16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, ui16);
+ pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16);
+ pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16);
break;
case IPPROTO_UDP:
buf_cur += sprintf(buf_cur, "PROTO=UDP ");
- pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, ui16);
- pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, ui16);
+ pp_print(buf_cur, "SPT", res, PRINTFLOW_REPLY_L4_SPORT, u16);
+ pp_print(buf_cur, "DPT", res, PRINTFLOW_REPLY_L4_DPORT, u16);
break;
case IPPROTO_ICMP:
buf_cur += sprintf(buf_cur, "PROTO=ICMP ");
- pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, ui8);
- pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, ui8);
+ pp_print(buf_cur, "TYPE", res, PRINTFLOW_ICMP_CODE, u8);
+ pp_print(buf_cur, "CODE", res, PRINTFLOW_ICMP_TYPE, u8);
break;
case IPPROTO_ESP:
@@ -253,13 +253,13 @@ orig_out:
break;
default:
- pp_print(buf_cur, "PROTO", res, PRINTFLOW_REPLY_IP_PROTOCOL, ui8);
+ pp_print(buf_cur, "PROTO", res, PRINTFLOW_REPLY_IP_PROTOCOL, u8);
break;
}
reply_out:
- pp_print(buf_cur, "PKTS", res, PRINTFLOW_REPLY_RAW_PKTCOUNT, ui32);
- pp_print(buf_cur, "BYTES", res, PRINTFLOW_REPLY_RAW_PKTLEN, ui32);
+ pp_print(buf_cur, "PKTS", res, PRINTFLOW_REPLY_RAW_PKTCOUNT, u32);
+ pp_print(buf_cur, "BYTES", res, PRINTFLOW_REPLY_RAW_PKTLEN, u32);
strcat(buf_cur, "\n");
return 0;
diff --git a/util/printpkt.c b/util/printpkt.c
index 29c2ea4..2292377 100644
--- a/util/printpkt.c
+++ b/util/printpkt.c
@@ -119,38 +119,38 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
}
buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u ",
- GET_VALUE(res, KEY_TCP_SPORT).ui16,
- GET_VALUE(res, KEY_TCP_DPORT).ui16);
+ ikey_get_u16(&res[KEY_TCP_SPORT]),
+ ikey_get_u16(&res[KEY_TCP_DPORT]));
/* FIXME: config */
- buf_cur += sprintf(buf_cur, "SEQ=%u ACK=%u ",
- GET_VALUE(res, KEY_TCP_SEQ).ui32,
- GET_VALUE(res, KEY_TCP_ACKSEQ).ui32);
+ buf_cur += sprintf(buf_cur, "SEQ=%u ACK=%u ",
+ ikey_get_u32(&res[KEY_TCP_SEQ]),
+ ikey_get_u32(&res[KEY_TCP_ACKSEQ]));
buf_cur += sprintf(buf_cur, "WINDOW=%u ",
- GET_VALUE(res, KEY_TCP_WINDOW).ui16);
+ ikey_get_u16(&res[KEY_TCP_WINDOW]));
// buf_cur += sprintf(buf_cur, "RES=0x%02x ",
- if (GET_VALUE(res, KEY_TCP_URG).b)
+ if (ikey_get_u8(&res[KEY_TCP_URG]))
buf_cur += sprintf(buf_cur, "URG ");
- if (GET_VALUE(res, KEY_TCP_ACK).b)
+ if (ikey_get_u8(&res[KEY_TCP_ACK]))
buf_cur += sprintf(buf_cur, "ACK ");
- if (GET_VALUE(res, KEY_TCP_PSH).b)
+ if (ikey_get_u8(&res[KEY_TCP_PSH]))
buf_cur += sprintf(buf_cur, "PSH ");
- if (GET_VALUE(res, KEY_TCP_RST).b)
+ if (ikey_get_u8(&res[KEY_TCP_RST]))
buf_cur += sprintf(buf_cur, "RST ");
- if (GET_VALUE(res, KEY_TCP_SYN).b)
+ if (ikey_get_u8(&res[KEY_TCP_SYN]))
buf_cur += sprintf(buf_cur, "SYN ");
- if (GET_VALUE(res, KEY_TCP_FIN).b)
+ if (ikey_get_u8(&res[KEY_TCP_FIN]))
buf_cur += sprintf(buf_cur, "FIN ");
buf_cur += sprintf(buf_cur, "URGP=%u ",
- GET_VALUE(res, KEY_TCP_URGP).ui16);
+ ikey_get_u16(&res[KEY_TCP_URGP]));
break;
@@ -163,14 +163,14 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
}
buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u LEN=%u ",
- GET_VALUE(res, KEY_UDP_SPORT).ui16,
- GET_VALUE(res, KEY_UDP_DPORT).ui16,
- GET_VALUE(res, KEY_UDP_LEN).ui16);
+ ikey_get_u16(&res[KEY_UDP_SPORT]),
+ ikey_get_u16(&res[KEY_UDP_DPORT]),
+ ikey_get_u16(&res[KEY_UDP_LEN]));
break;
case IPPROTO_ESP:
case IPPROTO_AH:
buf_cur += sprintf(buf_cur, "PROTO=%s ",
- GET_VALUE(res, KEY_IP_PROTOCOL).ui8 == IPPROTO_ESP ? "ESP" : "AH");
+ ikey_get_u8(&res[KEY_IP_PROTOCOL]) == IPPROTO_ESP ? "ESP" : "AH");
if (!pp_is_valid(res, KEY_AHESP_SPI)) {
buf_cur += sprintf(buf_cur, "INCOMPLETE");
@@ -178,7 +178,7 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
}
buf_cur += sprintf(buf_cur, "SPI=0x%x ",
- GET_VALUE(res, KEY_AHESP_SPI).ui32);
+ ikey_get_u32(&res[KEY_AHESP_SPI]));
break;
}
@@ -189,43 +189,44 @@ static int printpkt_ipv4(struct ulogd_key *res, char *buf)
{
char *buf_cur = buf;
char tmp[INET_ADDRSTRLEN];
+ u_int32_t paddr;
if (pp_is_valid(res, KEY_IP_SADDR))
buf_cur += sprintf(buf_cur, "SRC=%s ",
- (char *) GET_VALUE(res, KEY_IP_SADDR).ptr);
+ (char *) ikey_get_ptr(&res[KEY_IP_SADDR]));
if (pp_is_valid(res, KEY_IP_DADDR))
buf_cur += sprintf(buf_cur, "DST=%s ",
- (char *) GET_VALUE(res, KEY_IP_DADDR).ptr);
+ (char *) ikey_get_ptr(&res[KEY_IP_DADDR]));
/* FIXME: add pp_is_valid calls to remainder of file */
buf_cur += sprintf(buf_cur,"LEN=%u TOS=%02X PREC=0x%02X TTL=%u ID=%u ",
- GET_VALUE(res, KEY_IP_TOTLEN).ui16,
- GET_VALUE(res, KEY_IP_TOS).ui8 & IPTOS_TOS_MASK,
- GET_VALUE(res, KEY_IP_TOS).ui8 & IPTOS_PREC_MASK,
- GET_VALUE(res, KEY_IP_TTL).ui8,
- GET_VALUE(res, KEY_IP_ID).ui16);
+ ikey_get_u16(&res[KEY_IP_TOTLEN]),
+ ikey_get_u8(&res[KEY_IP_TOS]) & IPTOS_TOS_MASK,
+ ikey_get_u8(&res[KEY_IP_TOS]) & IPTOS_PREC_MASK,
+ ikey_get_u8(&res[KEY_IP_TTL]),
+ ikey_get_u16(&res[KEY_IP_ID]));
- if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_RF)
+ if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_RF)
buf_cur += sprintf(buf_cur, "CE ");
- if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_DF)
+ if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_DF)
buf_cur += sprintf(buf_cur, "DF ");
- if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_MF)
+ if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_MF)
buf_cur += sprintf(buf_cur, "MF ");
- if (GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_OFFMASK)
+ if (ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_OFFMASK)
buf_cur += sprintf(buf_cur, "FRAG:%u ",
- GET_VALUE(res, KEY_IP_FRAGOFF).ui16 & IP_OFFMASK);
+ ikey_get_u16(&res[KEY_IP_FRAGOFF]) & IP_OFFMASK);
- switch (GET_VALUE(res, KEY_IP_PROTOCOL).ui8) {
+ switch (ikey_get_u8(&res[KEY_IP_PROTOCOL])) {
case IPPROTO_TCP:
case IPPROTO_UDP:
case IPPROTO_ESP:
case IPPROTO_AH:
buf_cur += printpkt_proto(res, buf_cur,
- GET_VALUE(res, KEY_IP_PROTOCOL).ui8);
+ ikey_get_u8(&res[KEY_IP_PROTOCOL]));
break;
case IPPROTO_ICMP:
@@ -237,36 +238,37 @@ static int printpkt_ipv4(struct ulogd_key *res, char *buf)
}
buf_cur += sprintf(buf_cur, "TYPE=%u CODE=%u ",
- GET_VALUE(res, KEY_ICMP_TYPE).ui8,
- GET_VALUE(res, KEY_ICMP_CODE).ui8);
+ ikey_get_u8(&res[KEY_ICMP_TYPE]),
+ ikey_get_u8(&res[KEY_ICMP_CODE]));
- switch (GET_VALUE(res, KEY_ICMP_TYPE).ui8) {
+ switch (ikey_get_u8(&res[KEY_ICMP_CODE])) {
case ICMP_ECHO:
case ICMP_ECHOREPLY:
buf_cur += sprintf(buf_cur, "ID=%u SEQ=%u ",
- GET_VALUE(res, KEY_ICMP_ECHOID).ui16,
- GET_VALUE(res, KEY_ICMP_ECHOSEQ).ui16);
+ ikey_get_u16(&res[KEY_ICMP_ECHOID]),
+ ikey_get_u16(&res[KEY_ICMP_ECHOSEQ]));
break;
case ICMP_PARAMETERPROB:
buf_cur += sprintf(buf_cur, "PARAMETER=%u ",
- GET_VALUE(res, KEY_ICMP_GATEWAY).ui32 >> 24);
+ ikey_get_u32(&res[KEY_ICMP_GATEWAY]) >> 24);
break;
case ICMP_REDIRECT:
+ paddr = ikey_get_u32(&res[KEY_ICMP_GATEWAY]),
buf_cur += sprintf(buf_cur, "GATEWAY=%s ",
inet_ntop(AF_INET,
- &GET_VALUE(res, KEY_ICMP_GATEWAY).ui32,
+ &paddr,
tmp, sizeof(tmp)));
break;
case ICMP_DEST_UNREACH:
- if (GET_VALUE(res, KEY_ICMP_CODE).ui8 == ICMP_FRAG_NEEDED)
+ if (ikey_get_u8(&res[KEY_ICMP_CODE]) == ICMP_FRAG_NEEDED)
buf_cur += sprintf(buf_cur, "MTU=%u ",
- GET_VALUE(res, KEY_ICMP_FRAGMTU).ui16);
+ ikey_get_u16(&res[KEY_ICMP_FRAGMTU]));
break;
}
break;
default:
buf_cur += sprintf(buf_cur, "PROTO=%u ",
- GET_VALUE(res, KEY_IP_PROTOCOL).ui8);
+ ikey_get_u8(&res[KEY_IP_PROTOCOL]));
}
return buf_cur - buf;
@@ -278,41 +280,41 @@ static int printpkt_ipv6(struct ulogd_key *res, char *buf)
if (pp_is_valid(res, KEY_IP_SADDR))
buf_cur += sprintf(buf_cur, "SRC=%s ",
- (char *) GET_VALUE(res, KEY_IP_SADDR).ptr);
+ (char *) ikey_get_ptr(&res[KEY_IP_SADDR]));
if (pp_is_valid(res, KEY_IP_DADDR))
buf_cur += sprintf(buf_cur, "DST=%s ",
- (char *) GET_VALUE(res, KEY_IP_DADDR).ptr);
+ (char *) ikey_get_ptr(&res[KEY_IP_DADDR]));
if (pp_is_valid(res, KEY_IP6_PAYLOAD_LEN))
buf_cur += sprintf(buf_cur, "LEN=%Zu ",
- GET_VALUE(res, KEY_IP6_PAYLOAD_LEN).ui16 +
+ ikey_get_u16(&res[KEY_IP6_PAYLOAD_LEN]) +
sizeof(struct ip6_hdr));
if (pp_is_valid(res, KEY_IP6_PRIORITY))
buf_cur += sprintf(buf_cur, "TC=%u ",
- GET_VALUE(res, KEY_IP6_PRIORITY).ui8);
+ ikey_get_u8(&res[KEY_IP6_PRIORITY]));
if (pp_is_valid(res, KEY_IP6_HOPLIMIT))
buf_cur += sprintf(buf_cur, "HOPLIMIT=%u ",
- GET_VALUE(res, KEY_IP6_HOPLIMIT).ui8);
+ ikey_get_u8(&res[KEY_IP6_HOPLIMIT]));
if (pp_is_valid(res, KEY_IP6_FLOWLABEL))
buf_cur += sprintf(buf_cur, "FLOWLBL=%u ",
- GET_VALUE(res, KEY_IP6_FLOWLABEL).ui32);
+ ikey_get_u32(&res[KEY_IP6_FLOWLABEL]));
if (pp_is_valid(res, KEY_IP6_FRAG_OFF) && pp_is_valid(res, KEY_IP6_FRAG_ID))
buf_cur += sprintf(buf_cur, "FRAG: %u ID: %08x ",
- GET_VALUE(res, KEY_IP6_FRAG_OFF).ui16,
- GET_VALUE(res, KEY_IP6_FRAG_ID).ui32);
+ ikey_get_u16(&res[KEY_IP6_FRAG_OFF]),
+ ikey_get_u32(&res[KEY_IP6_FRAG_ID]));
- switch (GET_VALUE(res, KEY_IP6_NEXTHDR).ui8) {
+ switch (ikey_get_u8(&res[KEY_IP6_NEXTHDR])) {
case IPPROTO_TCP:
case IPPROTO_UDP:
case IPPROTO_ESP:
case IPPROTO_AH:
buf_cur += printpkt_proto(res, buf_cur,
- GET_VALUE(res, KEY_IP6_NEXTHDR).ui8);
+ ikey_get_u8(&res[KEY_IP6_NEXTHDR]));
break;
case IPPROTO_ICMPV6:
buf_cur += sprintf(buf_cur, "PROTO=ICMPv6 ");
@@ -329,15 +331,15 @@ static int printpkt_ipv6(struct ulogd_key *res, char *buf)
}
buf_cur += sprintf(buf_cur, "TYPE=%u CODE=%u ",
- GET_VALUE(res, KEY_ICMPV6_TYPE).ui8,
- GET_VALUE(res, KEY_ICMPV6_CODE).ui8);
+ ikey_get_u8(&res[KEY_ICMPV6_TYPE]),
+ ikey_get_u8(&res[KEY_ICMPV6_CODE]));
- switch (GET_VALUE(res, KEY_ICMPV6_TYPE).ui8) {
+ switch (ikey_get_u8(&res[KEY_ICMPV6_TYPE])) {
case ICMP6_ECHO_REQUEST:
case ICMP6_ECHO_REPLY:
buf_cur += sprintf(buf_cur, "ID=%u SEQ=%u ",
- GET_VALUE(res, KEY_ICMPV6_ECHOID).ui16,
- GET_VALUE(res, KEY_ICMPV6_ECHOSEQ).ui16);
+ ikey_get_u16(&res[KEY_ICMPV6_ECHOID]),
+ ikey_get_u16(&res[KEY_ICMPV6_ECHOSEQ]));
break;
}
break;
@@ -354,16 +356,16 @@ int printpkt_arp(struct ulogd_key *res, char *buf)
if (pp_is_valid(res, KEY_ARP_SPA))
buf_cur += sprintf(buf_cur, "SRC=%s ",
- (char *) GET_VALUE(res, KEY_ARP_SPA).ptr);
+ (char *) ikey_get_ptr(&res[KEY_ARP_SPA]));
if (pp_is_valid(res, KEY_ARP_TPA))
buf_cur += sprintf(buf_cur, "DST=%s ",
- (char *) GET_VALUE(res, KEY_ARP_TPA).ptr);
+ (char *) ikey_get_ptr(&res[KEY_ARP_TPA]));
buf_cur += sprintf(buf_cur, "PROTO=ARP ");
if (pp_is_valid(res, KEY_ARP_OPCODE)) {
- code = GET_VALUE(res, KEY_ARP_OPCODE).ui16;
+ code = ikey_get_u16(&res[KEY_ARP_OPCODE]);
switch (code) {
case ARPOP_REQUEST:
buf_cur += sprintf(buf_cur, "REQUEST ");
@@ -379,7 +381,7 @@ int printpkt_arp(struct ulogd_key *res, char *buf)
}
if (pp_is_valid(res, KEY_ARP_SHA) && (code == ARPOP_REPLY)) {
- mac = GET_VALUE(res, KEY_ARP_SHA).ptr;
+ mac = ikey_get_ptr(&res[KEY_ARP_SHA]);
buf_cur += sprintf(buf_cur, "REPLY_MAC="
"%02x:%02x:%02x:%02x:%02x:%02x ",
mac[0], mac[1], mac[2],
@@ -395,7 +397,7 @@ int printpkt_bridge(struct ulogd_key *res, char *buf)
{
char *buf_cur = buf;
- switch (GET_VALUE(res, KEY_OOB_PROTOCOL).ui16) {
+ switch (ikey_get_u16(&res[KEY_OOB_PROTOCOL])) {
case ETH_P_IP:
buf_cur += printpkt_ipv4(res, buf_cur);
break;
@@ -407,7 +409,7 @@ int printpkt_bridge(struct ulogd_key *res, char *buf)
break;
default:
buf_cur += sprintf(buf_cur, "PROTO=%u ",
- GET_VALUE(res, KEY_OOB_PROTOCOL).ui16);
+ ikey_get_u16(&res[KEY_OOB_PROTOCOL]));
}
return buf_cur - buf;
@@ -419,17 +421,17 @@ int printpkt_print(struct ulogd_key *res, char *buf)
if (pp_is_valid(res, KEY_OOB_PREFIX))
buf_cur += sprintf(buf_cur, "%s ",
- (char *) GET_VALUE(res, KEY_OOB_PREFIX).ptr);
+ (char *) ikey_get_ptr(&res[KEY_OOB_PREFIX]));
if (pp_is_valid(res, KEY_OOB_IN) && pp_is_valid(res, KEY_OOB_OUT))
buf_cur += sprintf(buf_cur, "IN=%s OUT=%s ",
- (char *) GET_VALUE(res, KEY_OOB_IN).ptr,
- (char *) GET_VALUE(res, KEY_OOB_OUT).ptr);
+ (char *) ikey_get_ptr(&res[KEY_OOB_IN]),
+ (char *) ikey_get_ptr(&res[KEY_OOB_OUT]));
/* FIXME: configurable */
if (pp_is_valid(res, KEY_RAW_MAC)) {
- unsigned char *mac = (unsigned char *) GET_VALUE(res, KEY_RAW_MAC).ptr;
- int i, len = GET_VALUE(res, KEY_RAW_MACLEN).ui16;
+ unsigned char *mac = (unsigned char *) ikey_get_ptr(&res[KEY_RAW_MAC]);
+ int i, len = ikey_get_u16(&res[KEY_RAW_MACLEN]);
buf_cur += sprintf(buf_cur, "MAC=");
for (i = 0; i < len; i++)
@@ -438,7 +440,7 @@ int printpkt_print(struct ulogd_key *res, char *buf)
} else
buf_cur += sprintf(buf_cur, "MAC= ");
- switch (GET_VALUE(res, KEY_OOB_FAMILY).ui8) {
+ switch (ikey_get_u8(&res[KEY_OOB_FAMILY])) {
case AF_INET:
buf_cur += printpkt_ipv4(res, buf_cur);
break;
@@ -452,13 +454,13 @@ int printpkt_print(struct ulogd_key *res, char *buf)
if (pp_is_valid(res, KEY_OOB_UID))
buf_cur += sprintf(buf_cur, "UID=%u ",
- GET_VALUE(res, KEY_OOB_UID).ui32);
+ ikey_get_u32(&res[KEY_OOB_UID]));
if (pp_is_valid(res, KEY_OOB_GID))
buf_cur += sprintf(buf_cur, "GID=%u ",
- GET_VALUE(res, KEY_OOB_GID).ui32);
+ ikey_get_u32(&res[KEY_OOB_GID]));
if (pp_is_valid(res, KEY_OOB_MARK))
buf_cur += sprintf(buf_cur, "MARK=%x ",
- GET_VALUE(res, KEY_OOB_MARK).ui32);
+ ikey_get_u32(&res[KEY_OOB_MARK]));
strcat(buf_cur, "\n");
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 02/18] Modify usage of nflog_bind_pf function.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
2008-12-01 21:35 ` [ULOGD2 PATCH 01/18] add ukey_* function for key assignation Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 03/18] Get rid of addressfamily variable in NFLOG input plugin Eric Leblond
` (16 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
The nflog_bind_pf function was called for each NFLOG instance. This patch
modifies the behaviour to have it call if and only if the nfgroup is set
to 0. As the kernel uses only the 0 group to output subsystem messages,
this change clarify the situation.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/packet/ulogd_inppkt_NFLOG.c | 52 ++++++++++++++++++++++--------------
1 files changed, 32 insertions(+), 20 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 5d25eec..647b61c 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -463,6 +463,33 @@ static int configure(struct ulogd_pluginstance *upi,
return 0;
}
+static int become_system_logging(struct ulogd_pluginstance *upi)
+{
+ struct nflog_input *ui = (struct nflog_input *) upi->private;
+
+ if (unbind_ce(upi->config_kset).u.value > 0) {
+ ulogd_log(ULOGD_NOTICE, "forcing unbind of existing log "
+ "handler for protocol %d\n",
+ af_ce(upi->config_kset).u.value);
+ if (nflog_unbind_pf(ui->nful_h,
+ af_ce(upi->config_kset).u.value) < 0) {
+ ulogd_log(ULOGD_ERROR, "unable to force-unbind "
+ "existing log handler for protocol %d\n",
+ af_ce(upi->config_kset).u.value);
+ return -1;
+ }
+ }
+
+ ulogd_log(ULOGD_DEBUG, "binding to protocol family %d\n",
+ af_ce(upi->config_kset).u.value);
+ if (nflog_bind_pf(ui->nful_h, af_ce(upi->config_kset).u.value) < 0) {
+ ulogd_log(ULOGD_ERROR, "unable to bind to protocol family %d\n",
+ af_ce(upi->config_kset).u.value);
+ return -1;
+ }
+ return 0;
+}
+
static int start(struct ulogd_pluginstance *upi)
{
struct nflog_input *ui = (struct nflog_input *) upi->private;
@@ -477,25 +504,10 @@ static int start(struct ulogd_pluginstance *upi)
if (!ui->nful_h)
goto out_handle;
- if (unbind_ce(upi->config_kset).u.value > 0) {
- ulogd_log(ULOGD_NOTICE, "forcing unbind of existing log "
- "handler for protocol %d\n",
- af_ce(upi->config_kset).u.value);
- if (nflog_unbind_pf(ui->nful_h,
- af_ce(upi->config_kset).u.value) < 0) {
- ulogd_log(ULOGD_ERROR, "unable to force-unbind "
- "existing log handler for protocol %d\n",
- af_ce(upi->config_kset).u.value);
+ /* This is the system logging (conntrack, ...) facility */
+ if (group_ce(upi->config_kset).u.value == 0) {
+ if (become_system_logging(upi) == -1)
goto out_handle;
- }
- }
-
- ulogd_log(ULOGD_DEBUG, "binding to protocol family %d\n",
- af_ce(upi->config_kset).u.value);
- if (nflog_bind_pf(ui->nful_h, af_ce(upi->config_kset).u.value) < 0) {
- ulogd_log(ULOGD_ERROR, "unable to bind to protocol family %d\n",
- af_ce(upi->config_kset).u.value);
- goto out_bind_pf;
}
ulogd_log(ULOGD_DEBUG, "binding to log group %d\n",
@@ -542,8 +554,8 @@ static int start(struct ulogd_pluginstance *upi)
out_bind:
nflog_close(ui->nful_h);
-out_bind_pf:
- nflog_unbind_pf(ui->nful_h, af_ce(upi->config_kset).u.value);
+ if (group_ce(upi->config_kset).u.value == 0)
+ nflog_unbind_pf(ui->nful_h, af_ce(upi->config_kset).u.value);
out_handle:
free(ui->nfulog_buf);
out_buf:
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 03/18] Get rid of addressfamily variable in NFLOG input plugin
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
2008-12-01 21:35 ` [ULOGD2 PATCH 01/18] add ukey_* function for key assignation Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 02/18] Modify usage of nflog_bind_pf function Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 04/18] Document group 0 usage and suppress address_family Eric Leblond
` (15 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
The addressfamily configuration variable for NFLOG is used as param
for nflog_bind_pf. This function is used to claim the fetching of
kernel message sent via nf_log_packet() function.
As all kernel messages are sent to the group 0, it is useless to
call nflog_bind_pf when nflog group of the input plugin is not 0.
Furthermore, as only one plugin can be bound to nflog group 0, it
is mandatory to call nflog_bind_pf for all pf family when the group
is 0.
To sum up, this patch suppress the adressfamily parameter (which
simplify the configuration file) and call nflog_bind_pf for all
pf family when the nflog group of the instance is 0.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/packet/ulogd_inppkt_NFLOG.c | 59 ++++++++++++++++++-------------------
1 files changed, 29 insertions(+), 30 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 647b61c..e27355d 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -46,12 +46,6 @@ static struct config_keyset libulog_kset = {
.u.value = NFLOG_GROUP_DEFAULT,
},
{
- .key = "addressfamily",
- .type = CONFIG_TYPE_INT,
- .options = CONFIG_OPT_NONE,
- .u.value = AF_INET,
- },
- {
.key = "unbind",
.type = CONFIG_TYPE_INT,
.options = CONFIG_OPT_NONE,
@@ -92,13 +86,12 @@ static struct config_keyset libulog_kset = {
#define bufsiz_ce(x) (x->ces[0])
#define group_ce(x) (x->ces[1])
-#define af_ce(x) (x->ces[2])
-#define unbind_ce(x) (x->ces[3])
-#define seq_ce(x) (x->ces[4])
-#define seq_global_ce(x) (x->ces[5])
-#define label_ce(x) (x->ces[6])
-#define nlsockbufsize_ce(x) (x->ces[7])
-#define nlsockbufmaxsize_ce(x) (x->ces[8])
+#define unbind_ce(x) (x->ces[2])
+#define seq_ce(x) (x->ces[3])
+#define seq_global_ce(x) (x->ces[4])
+#define label_ce(x) (x->ces[5])
+#define nlsockbufsize_ce(x) (x->ces[6])
+#define nlsockbufmaxsize_ce(x) (x->ces[7])
enum nflog_keys {
NFLOG_KEY_RAW_MAC = 0,
@@ -293,7 +286,8 @@ static struct ulogd_key output_keys[] = {
};
static inline int
-interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
+interp_packet(struct ulogd_pluginstance *upi, u_int8_t pf_family,
+ struct nflog_data *ldata)
{
struct ulogd_key *ret = upi->output.keys;
@@ -311,7 +305,7 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
u_int32_t gid;
okey_set_u8(&ret[NFLOG_KEY_OOB_FAMILY],
- af_ce(upi->config_kset).u.value);
+ pf_family);
okey_set_u8(&ret[NFLOG_KEY_RAW_LABEL],
label_ce(upi->config_kset).u.value);
@@ -446,11 +440,11 @@ static int msg_cb(struct nflog_g_handle *gh, struct nfgenmsg *nfmsg,
/* since we support the re-use of one instance in several
* different stacks, we duplicate the message to let them know */
llist_for_each_entry(npi, &upi->plist, plist) {
- ret = interp_packet(npi, nfa);
+ ret = interp_packet(npi, nfmsg->nfgen_family, nfa);
if (ret != 0)
return ret;
}
- return interp_packet(upi, nfa);
+ return interp_packet(upi, nfmsg->nfgen_family, nfa);
}
static int configure(struct ulogd_pluginstance *upi,
@@ -463,28 +457,26 @@ static int configure(struct ulogd_pluginstance *upi,
return 0;
}
-static int become_system_logging(struct ulogd_pluginstance *upi)
+static int become_system_logging(struct ulogd_pluginstance *upi, u_int8_t pf)
{
struct nflog_input *ui = (struct nflog_input *) upi->private;
if (unbind_ce(upi->config_kset).u.value > 0) {
ulogd_log(ULOGD_NOTICE, "forcing unbind of existing log "
"handler for protocol %d\n",
- af_ce(upi->config_kset).u.value);
- if (nflog_unbind_pf(ui->nful_h,
- af_ce(upi->config_kset).u.value) < 0) {
+ pf);
+ if (nflog_unbind_pf(ui->nful_h, pf) < 0) {
ulogd_log(ULOGD_ERROR, "unable to force-unbind "
"existing log handler for protocol %d\n",
- af_ce(upi->config_kset).u.value);
+ pf);
return -1;
}
}
- ulogd_log(ULOGD_DEBUG, "binding to protocol family %d\n",
- af_ce(upi->config_kset).u.value);
- if (nflog_bind_pf(ui->nful_h, af_ce(upi->config_kset).u.value) < 0) {
- ulogd_log(ULOGD_ERROR, "unable to bind to protocol family %d\n",
- af_ce(upi->config_kset).u.value);
+ ulogd_log(ULOGD_DEBUG, "binding to protocol family %d\n", pf);
+ if (nflog_bind_pf(ui->nful_h, pf) < 0) {
+ ulogd_log(ULOGD_ERROR, "unable to bind to"
+ " protocol family %d\n", pf);
return -1;
}
return 0;
@@ -506,7 +498,11 @@ static int start(struct ulogd_pluginstance *upi)
/* This is the system logging (conntrack, ...) facility */
if (group_ce(upi->config_kset).u.value == 0) {
- if (become_system_logging(upi) == -1)
+ if (become_system_logging(upi, AF_INET) == -1)
+ goto out_handle;
+ if (become_system_logging(upi, AF_INET6) == -1)
+ goto out_handle;
+ if (become_system_logging(upi, AF_BRIDGE) == -1)
goto out_handle;
}
@@ -554,8 +550,11 @@ static int start(struct ulogd_pluginstance *upi)
out_bind:
nflog_close(ui->nful_h);
- if (group_ce(upi->config_kset).u.value == 0)
- nflog_unbind_pf(ui->nful_h, af_ce(upi->config_kset).u.value);
+ if (group_ce(upi->config_kset).u.value == 0) {
+ nflog_unbind_pf(ui->nful_h, AF_INET);
+ nflog_unbind_pf(ui->nful_h, AF_INET6);
+ nflog_unbind_pf(ui->nful_h, AF_BRIDGE);
+ }
out_handle:
free(ui->nfulog_buf);
out_buf:
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 04/18] Document group 0 usage and suppress address_family
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (2 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 03/18] Get rid of addressfamily variable in NFLOG input plugin Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 05/18] Add SCTP support to BASE plugin Eric Leblond
` (14 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
Document the fact that group 0 is used by system logging and
update stack and plugin definition to match the suppression
of the address_family variable.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
ulogd.conf.in | 37 ++++++++++++++++++++-----------------
1 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/ulogd.conf.in b/ulogd.conf.in
index e24e6b6..a48af3f 100644
--- a/ulogd.conf.in
+++ b/ulogd.conf.in
@@ -45,20 +45,17 @@ plugin="@libdir@/ulogd/ulogd_output_SYSLOG.so"
#plugin="@libdir@/ulogd/ulogd_output_DBI.so"
plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
-# this is a stack for IPv4 packet-based logging via LOGEMU
+# this is a stack for logging packet send by system via LOGEMU
#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-# this is a stack for IPv6 packet-based logging via LOGEMU
+# this is a stack for packet-based logging via LOGEMU
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-# this is a stack for ebtables packet-based logging via LOGEMU
-#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-
# this is a stack for ULOG packet-based logging via LOGEMU
#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
-# this is a stack for IPv4 packet-based logging via LOGEMU with filtering on MARK
-#stack=log1:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for flow-based logging via LOGEMU
#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
@@ -67,15 +64,15 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
#stack=ct1:NFCT,op1:OPRINT
# this is a stack for NFLOG packet-based logging to PCAP
-#stack=log1:NFLOG,base1:BASE,pcap1:PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
# this is a stack for logging packet to MySQL
-#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:MAC2STR,mysql1:MYSQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:MAC2STR,mysql1:MYSQL
-# this is a stack for logging IPv6 packet to PGsql after a collect via NFLOG
+# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:MAC2STR,pgsql1:PGSQL
-# this is a stack for logging ebtables packets to syslog after a collect via NFLOG
+# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
# this is a stack for flow-based logging to MySQL
@@ -100,23 +97,29 @@ plugin="@libdir@/ulogd/ulogd_raw2packet_BASE.so"
#netlink_socket_buffer_maxsize=1085440
hash_enable=0
-# IPv4 logging through NFLOG
+# Logging of system packet through NFLOG
[log1]
# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
group=0
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
-# IPv6 logging through NFLOG
+# packet logging through NFLOG for group 1
[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
group=1 # Group has to be different from the one use in log1
-addressfamily=10 # 10 is value of AF_INET6
-numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
-# ebtables logging through NFLOG
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
group=2 # Group has to be different from the one use in log1/log2
-addressfamily=7 # 7 is value of AF_BRIDGE
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
[ulog1]
# netlink multicast group (the same as the iptables --ulog-nlgroup param)
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 05/18] Add SCTP support to BASE plugin.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (3 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 04/18] Document group 0 usage and suppress address_family Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 06/18] SCTP support for PRINTPKT Eric Leblond
` (13 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
THis patch adds basic support for SCTP in the BASE plugin.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
filter/raw2packet/ulogd_raw2packet_BASE.c | 53 +++++++++++++++++++++++++++++
1 files changed, 53 insertions(+), 0 deletions(-)
diff --git a/filter/raw2packet/ulogd_raw2packet_BASE.c b/filter/raw2packet/ulogd_raw2packet_BASE.c
index c38c696..584d1c4 100644
--- a/filter/raw2packet/ulogd_raw2packet_BASE.c
+++ b/filter/raw2packet/ulogd_raw2packet_BASE.c
@@ -113,6 +113,10 @@ enum output_keys {
KEY_ARP_SPA,
KEY_ARP_THA,
KEY_ARP_TPA,
+ KEY_SCTP_SPORT,
+ KEY_SCTP_DPORT,
+ KEY_SCTP_CSUM,
+
};
static struct ulogd_key iphdr_rets[] = {
@@ -507,6 +511,21 @@ static struct ulogd_key iphdr_rets[] = {
.flags = ULOGD_RETF_NONE,
.name = "arp.daddr",
},
+ [KEY_SCTP_SPORT] = {
+ .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .name = "sctp.sport",
+ },
+ [KEY_SCTP_DPORT] = {
+ .type = ULOGD_RET_UINT16,
+ .flags = ULOGD_RETF_NONE,
+ .name = "sctp.dport",
+ },
+ [KEY_SCTP_CSUM] = {
+ .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .name = "sctp.csum",
+ },
};
/***********************************************************************
@@ -566,6 +585,37 @@ static int _interp_udp(struct ulogd_pluginstance *pi, struct udphdr *udph,
}
/***********************************************************************
+ * SCTP HEADER
+ ***********************************************************************/
+
+/* Section 3.1. SCTP Common Header Format */
+typedef struct sctphdr {
+ __be16 source;
+ __be16 dest;
+ __be32 vtag;
+ __be32 checksum;
+} __attribute__((packed)) sctp_sctphdr_t;
+
+static int _interp_sctp(struct ulogd_pluginstance *pi, struct sctphdr *sctph,
+ u_int32_t len)
+
+{
+ struct ulogd_key *ret = pi->output.keys;
+
+ if (len < sizeof(struct sctphdr))
+ return ULOGD_IRET_OK;
+
+ ret[KEY_SCTP_SPORT].u.value.ui16 = ntohs(sctph->source);
+ ret[KEY_SCTP_SPORT].flags |= ULOGD_RETF_VALID;
+ ret[KEY_SCTP_DPORT].u.value.ui16 = ntohs(sctph->dest);
+ ret[KEY_SCTP_DPORT].flags |= ULOGD_RETF_VALID;
+ ret[KEY_SCTP_CSUM].u.value.ui32 = ntohl(sctph->checksum);
+ ret[KEY_SCTP_CSUM].flags |= ULOGD_RETF_VALID;
+
+ return ULOGD_IRET_OK;
+}
+
+/***********************************************************************
* ICMP HEADER
***********************************************************************/
@@ -688,6 +738,9 @@ static int _interp_iphdr(struct ulogd_pluginstance *pi, u_int32_t len)
case IPPROTO_ICMP:
_interp_icmp(pi, nexthdr, len);
break;
+ case IPPROTO_SCTP:
+ _interp_sctp(pi, nexthdr, len);
+ break;
case IPPROTO_AH:
case IPPROTO_ESP:
_interp_ahesp(pi, nexthdr, len);
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 06/18] SCTP support for PRINTPKT.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (4 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 05/18] Add SCTP support to BASE plugin Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 07/18] Add SCTP support to MySQL and PGSQL output Eric Leblond
` (12 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch modifies PRINTPKT plugin to add SCTP support.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
include/ulogd/printpkt.h | 2 ++
util/printpkt.c | 17 ++++++++++++++++-
2 files changed, 18 insertions(+), 1 deletions(-)
diff --git a/include/ulogd/printpkt.h b/include/ulogd/printpkt.h
index 6207d5b..a11ce4a 100644
--- a/include/ulogd/printpkt.h
+++ b/include/ulogd/printpkt.h
@@ -61,6 +61,8 @@ enum pkt_keys {
KEY_ARP_SPA,
KEY_ARP_THA,
KEY_ARP_TPA,
+ KEY_SCTP_SPORT,
+ KEY_SCTP_DPORT,
__PRINTPKT_KEYS
};
#define PRINTPKT_KEYS (__PRINTPKT_KEYS)
diff --git a/util/printpkt.c b/util/printpkt.c
index 2292377..5250792 100644
--- a/util/printpkt.c
+++ b/util/printpkt.c
@@ -102,7 +102,8 @@ struct ulogd_key printpkt_keys[] = {
[KEY_ARP_SPA] = { .name = "arp.saddr.str", },
[KEY_ARP_THA] = { .name = "arp.dhwaddr", },
[KEY_ARP_TPA] = { .name = "arp.daddr.str", },
-
+ [KEY_SCTP_SPORT] = { .name = "sctp.sport", },
+ [KEY_SCTP_DPORT] = { .name = "sctp.dport", },
};
static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
@@ -167,6 +168,18 @@ static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
ikey_get_u16(&res[KEY_UDP_DPORT]),
ikey_get_u16(&res[KEY_UDP_LEN]));
break;
+ case IPPROTO_SCTP:
+ buf_cur += sprintf(buf_cur, "PROTO=SCTP ");
+
+ if (!pp_is_valid(res, KEY_SCTP_SPORT)) {
+ buf_cur += sprintf(buf_cur, "INCOMPLETE");
+ break;
+ }
+
+ buf_cur += sprintf(buf_cur, "SPT=%u DPT=%u ",
+ ikey_get_u16(&res[KEY_SCTP_SPORT]),
+ ikey_get_u16(&res[KEY_SCTP_DPORT]));
+ break;
case IPPROTO_ESP:
case IPPROTO_AH:
buf_cur += sprintf(buf_cur, "PROTO=%s ",
@@ -223,6 +236,7 @@ static int printpkt_ipv4(struct ulogd_key *res, char *buf)
switch (ikey_get_u8(&res[KEY_IP_PROTOCOL])) {
case IPPROTO_TCP:
case IPPROTO_UDP:
+ case IPPROTO_SCTP:
case IPPROTO_ESP:
case IPPROTO_AH:
buf_cur += printpkt_proto(res, buf_cur,
@@ -311,6 +325,7 @@ static int printpkt_ipv6(struct ulogd_key *res, char *buf)
switch (ikey_get_u8(&res[KEY_IP6_NEXTHDR])) {
case IPPROTO_TCP:
case IPPROTO_UDP:
+ case IPPROTO_SCTP:
case IPPROTO_ESP:
case IPPROTO_AH:
buf_cur += printpkt_proto(res, buf_cur,
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 07/18] Add SCTP support to MySQL and PGSQL output.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (5 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 06/18] SCTP support for PRINTPKT Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 08/18] Treat nice function return Eric Leblond
` (11 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch adds support for SCTP in the MySQL and PGSQL
output plugins. It adds a dedicated SCTP table and modifies
the insert_packet_full procedure.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
doc/mysql-ulogd2.sql | 43 ++++++++++++++++++++++++++++++++++++++++---
doc/pgsql-ulogd2.sql | 41 +++++++++++++++++++++++++++++++++++++++--
2 files changed, 79 insertions(+), 5 deletions(-)
diff --git a/doc/mysql-ulogd2.sql b/doc/mysql-ulogd2.sql
index f1fc710..0c2973d 100644
--- a/doc/mysql-ulogd2.sql
+++ b/doc/mysql-ulogd2.sql
@@ -31,6 +31,7 @@ DROP TABLE IF EXISTS `mac`;
DROP TABLE IF EXISTS `hwhdr`;
DROP TABLE IF EXISTS `tcp`;
DROP TABLE IF EXISTS `udp`;
+DROP TABLE IF EXISTS `sctp`;
DROP TABLE IF EXISTS `icmp`;
DROP TABLE IF EXISTS `icmpv6`;
DROP TABLE IF EXISTS `nufw`;
@@ -128,6 +129,19 @@ ALTER TABLE udp ADD KEY `index_udp_id` (`_udp_id`);
ALTER TABLE udp ADD KEY `udp_sport` (`udp_sport`);
ALTER TABLE udp ADD KEY `udp_dport` (`udp_dport`);
+CREATE TABLE `sctp` (
+ `_sctp_id` bigint unsigned NOT NULL,
+ `sctp_sport` int(5) unsigned default NULL,
+ `sctp_dport` int(5) unsigned default NULL,
+ `sctp_csum` int(5) unsigned default NULL
+) ENGINE=INNODB;
+
+ALTER TABLE sctp ADD UNIQUE KEY `_sctp_id` (`_sctp_id`);
+ALTER TABLE sctp ADD KEY `index_sctp_id` (`_sctp_id`);
+ALTER TABLE sctp ADD KEY `sctp_sport` (`sctp_sport`);
+ALTER TABLE sctp ADD KEY `sctp_dport` (`sctp_dport`);
+
+
CREATE TABLE `icmp` (
`_icmp_id` bigint unsigned NOT NULL,
`icmp_type` tinyint(3) unsigned default NULL,
@@ -231,10 +245,14 @@ CREATE SQL SECURITY INVOKER VIEW `ulog` AS
mac_saddr as mac_saddr_str,
mac_daddr as mac_daddr_str,
mac_protocol as oob_protocol,
- label as raw_label
+ label as raw_label,
+ sctp_sport,
+ sctp_dport,
+ sctp_csum
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2.mac_id = mac._mac_id
- LEFT JOIN hwhdr ON ulog2._id = hwhdr._hw_id LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
+ LEFT JOIN hwhdr ON ulog2._id = hwhdr._hw_id LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id
+ LEFT JOIN sctp ON ulog2._id = sctp._sctp_id;
-- shortcuts
@@ -579,6 +597,20 @@ END
$$
delimiter $$
+DROP PROCEDURE IF EXISTS PACKET_ADD_SCTP;
+CREATE PROCEDURE PACKET_ADD_SCTP(
+ IN `id` int(10) unsigned,
+ IN `_sport` smallint(5) unsigned,
+ IN `_dport` smallint(5) unsigned,
+ IN `_csum` smallint(5) unsigned
+ )
+BEGIN
+ INSERT INTO sctp (_sctp_id, sctp_sport, sctp_dport, sctp_csum) VALUES
+ (id, _sport, _dport, _csum);
+END
+$$
+
+delimiter $$
DROP PROCEDURE IF EXISTS PACKET_ADD_ICMP;
CREATE PROCEDURE PACKET_ADD_ICMP(
IN `id` int(10) unsigned,
@@ -699,7 +731,10 @@ CREATE FUNCTION INSERT_PACKET_FULL(
mac_saddr varchar(32),
mac_daddr varchar(32),
mac_protocol smallint(5),
- _label tinyint(4) unsigned
+ _label tinyint(4) unsigned,
+ sctp_sport smallint(5) unsigned,
+ sctp_dport smallint(5) unsigned,
+ sctp_csum int(10) unsigned
) RETURNS bigint unsigned
READS SQL DATA
BEGIN
@@ -714,6 +749,8 @@ BEGIN
tcp_rst, tcp_syn, tcp_fin);
ELSEIF _ip_protocol = 17 THEN
CALL PACKET_ADD_UDP(@lastid, udp_sport, udp_dport, udp_len);
+ ELSEIF _ip_protocol = 132 THEN
+ CALL PACKET_ADD_SCTP(@lastid, sctp_sport, sctp_dport, sctp_csum);
ELSEIF _ip_protocol = 1 THEN
CALL PACKET_ADD_ICMP(@lastid, icmp_type, icmp_code, icmp_echoid, icmp_echoseq,
icmp_gateway, icmp_fragmtu);
diff --git a/doc/pgsql-ulogd2.sql b/doc/pgsql-ulogd2.sql
index 9340801..73e038d 100644
--- a/doc/pgsql-ulogd2.sql
+++ b/doc/pgsql-ulogd2.sql
@@ -29,6 +29,7 @@ DROP TABLE IF EXISTS mac CASCADE;
DROP TABLE IF EXISTS hwhdr CASCADE;
DROP TABLE IF EXISTS tcp CASCADE;
DROP TABLE IF EXISTS udp CASCADE;
+DROP TABLE IF EXISTS sctp CASCADE;
DROP TABLE IF EXISTS icmp CASCADE;
DROP TABLE IF EXISTS icmpv6 CASCADE;
DROP TABLE IF EXISTS nufw CASCADE;
@@ -119,6 +120,16 @@ CREATE TABLE udp (
CREATE INDEX udp_sport ON udp(udp_sport);
CREATE INDEX udp_dport ON udp(udp_dport);
+CREATE TABLE sctp (
+ _sctp_id bigint PRIMARY KEY UNIQUE NOT NULL,
+ sctp_sport integer default NULL,
+ sctp_dport integer default NULL,
+ sctp_csum smallint default NULL
+) WITH (OIDS=FALSE);
+
+CREATE INDEX sctp_sport ON sctp(sctp_sport);
+CREATE INDEX sctp_dport ON sctp(sctp_dport);
+
CREATE TABLE icmp (
_icmp_id bigint PRIMARY KEY UNIQUE NOT NULL,
icmp_type smallint default NULL,
@@ -206,8 +217,12 @@ CREATE OR REPLACE VIEW ulog AS
mac_saddr AS mac_saddr_str,
mac_daddr AS mac_daddr_str,
mac_protocol AS oob_protocol,
- label AS raw_label
+ label AS raw_label,
+ sctp_sport,
+ sctp_dport,
+ sctp_csum
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
+ LEFT JOIN sctp ON ulog2._id = sctp._sctp_id
LEFT JOIN icmp ON ulog2._id = icmp._icmp_id
LEFT JOIN mac ON ulog2.mac_id = mac._mac_id
LEFT JOIN hwhdr ON ulog2._id = hwhdr._hw_id
@@ -291,6 +306,7 @@ INSERT INTO ip_proto (_proto_id,proto_name,proto_desc) VALUES
(6,'tcp','transmission control protocol'),
(17,'udp','user datagram protocol'),
(41,'ipv6','Internet Protocol, version 6'),
+ (132,'sctp','Stream Control Transmission Protocol'),
(58,'ipv6-icmp','ICMP for IPv6');
--
@@ -335,6 +351,7 @@ CREATE OR REPLACE FUNCTION ULOG2_ADD_FOREIGN_KEYS()
RETURNS void AS $$
ALTER TABLE tcp ADD CONSTRAINT tcp_id_fk FOREIGN KEY (_tcp_id) REFERENCES ulog2(_id);
ALTER TABLE udp ADD CONSTRAINT udp_id_fk FOREIGN KEY (_udp_id) REFERENCES ulog2(_id);
+ ALTER TABLE sctp ADD CONSTRAINT sctp_id_fk FOREIGN KEY (_sctp_id) REFERENCES ulog2(_id);
ALTER TABLE icmp ADD CONSTRAINT icmp_id_fk FOREIGN KEY (_icmp_id) REFERENCES ulog2(_id);
ALTER TABLE icmpv6 ADD CONSTRAINT icmpv6_id_fk FOREIGN KEY (_icmpv6_id) REFERENCES ulog2(_id);
ALTER TABLE ulog2 ADD CONSTRAINT mac_id_fk FOREIGN KEY (mac_id) REFERENCES mac(_mac_id);
@@ -424,6 +441,18 @@ RETURNS bigint AS $$
SELECT currval('ulog2__id_seq');
$$ LANGUAGE SQL SECURITY INVOKER;
+CREATE OR REPLACE FUNCTION INSERT_SCTP(
+ IN sctp_id bigint,
+ IN sctp_sport integer,
+ IN sctp_dport integer,
+ IN sctp_csum integer
+ )
+RETURNS bigint AS $$
+ INSERT INTO sctp (_sctp_id,sctp_sport,sctp_dport,sctp_csum)
+ VALUES ($1,$2,$3,$4);
+ SELECT currval('ulog2__id_seq');
+$$ LANGUAGE SQL SECURITY INVOKER;
+
CREATE OR REPLACE FUNCTION INSERT_ICMP(
IN icmp_id bigint,
IN icmp_type integer,
@@ -538,7 +567,10 @@ CREATE OR REPLACE FUNCTION INSERT_PACKET_FULL(
IN mac_saddr varchar(32),
IN mac_daddr varchar(32),
IN mac_protocol integer,
- IN label integer
+ IN label integer,
+ IN sctp_sport integer,
+ IN sctp_dport integer,
+ IN sctp_csum integer
)
RETURNS bigint AS $$
DECLARE
@@ -550,6 +582,8 @@ BEGIN
PERFORM INSERT_TCP_FULL(t_id,$19,$20,$21,$22,$23,$24,$25,$26,$27,$28,$29,$30);
ELSIF (ip_protocol = 17) THEN
PERFORM INSERT_UDP(t_id,$31,$32,$33);
+ ELSIF (ip_protocol = 132) THEN
+ PERFORM INSERT_SCTP(t_id,$51,$52,$53);
ELSIF (ip_protocol = 1) THEN
PERFORM INSERT_ICMP(t_id,$34,$35,$36,$37,$38,$39);
ELSIF (ip_protocol = 58) THEN
@@ -677,6 +711,7 @@ RETURNS void AS $$
DELETE FROM icmp WHERE icmp._icmp_id = $1;
DELETE FROM tcp WHERE tcp._tcp_id = $1;
DELETE FROM udp WHERE udp._udp_id = $1;
+ DELETE FROM sctp WHERE sctp._sctp_id = $1;
DELETE FROM ulog2 WHERE ulog2._id = $1;
$$ LANGUAGE SQL SECURITY INVOKER;
@@ -717,10 +752,12 @@ RETURNS void AS $$
-- DELETE FROM tcp WHERE _tcp_id IN (SELECT tcp._tcp_id FROM tcp LEFT OUTER JOIN ulog2 ON (tcp._tcp_id = ulog2._id) WHERE ulog2._id IS NULL);
DELETE FROM mac WHERE _mac_id NOT IN (SELECT _id FROM ulog2);
DELETE FROM udp WHERE _udp_id NOT IN (SELECT _id FROM ulog2);
+ DELETE FROM sctp WHERE _sctp_id NOT IN (SELECT _id FROM ulog2);
DELETE FROM icmp WHERE _icmp_id NOT IN (SELECT _id FROM ulog2);
-- look for packets in table ulog2 with proto tcp (or ipv6 ?) and not in table tcp
DELETE FROM ulog2 WHERE ulog2.ip_protocol = '6' AND _id NOT IN (SELECT _tcp_id FROM tcp);
DELETE FROM ulog2 WHERE ulog2.ip_protocol = '17' AND _id NOT IN (SELECT _udp_id FROM udp);
+ DELETE FROM ulog2 WHERE ulog2.ip_protocol = '132' AND _id NOT IN (SELECT _sctp_id FROM sctp);
DELETE FROM ulog2 WHERE ulog2.ip_protocol = '2' AND _id NOT IN (SELECT _icmp_id FROM icmp);
$$ LANGUAGE SQL SECURITY INVOKER;
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 08/18] Treat nice function return.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (6 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 07/18] Add SCTP support to MySQL and PGSQL output Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 09/18] Fix stop function of NFCT plugin Eric Leblond
` (10 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
gcc was warning that the return of the nice function should
be treated. This patch adds an error message in case of failure.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
src/ulogd.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/src/ulogd.c b/src/ulogd.c
index e69079d..ead35b5 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -1129,7 +1129,13 @@ int main(int argc, char* argv[])
}
}
- nice(-1);
+ errno = 0;
+ if (nice(-1) == -1) {
+ if (errno != 0)
+ ulogd_log(ULOGD_ERROR, "Could not nice process: %s\n",
+ strerror(errno));
+ }
+
if (daemonize){
if (fork()) {
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 09/18] Fix stop function of NFCT plugin.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (7 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 08/18] Treat nice function return Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 10/18] Don't free pluginstance when leaving Eric Leblond
` (9 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch fixes some crashes in NFCT plugin that were triggered
by the call of the destructor_nfct function (during stop).
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/flow/ulogd_inpflow_NFCT.c | 2 +-
src/hash.c | 6 ++++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c
index a33ec35..a39bf08 100644
--- a/input/flow/ulogd_inpflow_NFCT.c
+++ b/input/flow/ulogd_inpflow_NFCT.c
@@ -884,7 +884,7 @@ static int constructor_nfct(struct ulogd_pluginstance *upi)
static int destructor_nfct(struct ulogd_pluginstance *pi)
{
- struct nfct_pluginstance *cpi = (void *) pi;
+ struct nfct_pluginstance *cpi = (void *) pi->private;
int rc;
hashtable_destroy(cpi->ct_active);
diff --git a/src/hash.c b/src/hash.c
index 33541e8..700678c 100644
--- a/src/hash.c
+++ b/src/hash.c
@@ -75,8 +75,10 @@ hashtable_create(int hashsize, int limit, int datasize,
void hashtable_destroy(struct hashtable *h)
{
- hashtable_flush(h);
- free(h);
+ if (h) {
+ hashtable_flush(h);
+ free(h);
+ }
}
void *hashtable_add(struct hashtable *table, void *data)
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 10/18] Don't free pluginstance when leaving
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (8 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 09/18] Fix stop function of NFCT plugin Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 11/18] Fix minor memory leak in NFLOG plugin Eric Leblond
` (8 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
If we free pluginstance in the stop function we won't
be able to iter anymore on the stack linked list.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/packet/ulogd_inppkt_NFLOG.c | 2 --
input/packet/ulogd_inppkt_ULOG.c | 1 -
2 files changed, 0 insertions(+), 3 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index e27355d..9a39234 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -569,8 +569,6 @@ static int stop(struct ulogd_pluginstance *pi)
nflog_unbind_group(ui->nful_gh);
nflog_close(ui->nful_h);
- free(pi);
-
return 0;
}
diff --git a/input/packet/ulogd_inppkt_ULOG.c b/input/packet/ulogd_inppkt_ULOG.c
index 00975de..719898d 100644
--- a/input/packet/ulogd_inppkt_ULOG.c
+++ b/input/packet/ulogd_inppkt_ULOG.c
@@ -309,7 +309,6 @@ static int fini(struct ulogd_pluginstance *pi)
struct ulog_input *ui = (struct ulog_input *)pi->private;
ulogd_unregister_fd(&ui->ulog_fd);
- free(pi);
return 0;
}
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 11/18] Fix minor memory leak in NFLOG plugin.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (9 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 10/18] Don't free pluginstance when leaving Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 12/18] Call pluginstance stop function when exiting Eric Leblond
` (7 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch fix a minor memory leak at NFLOG plugin exit.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/packet/ulogd_inppkt_NFLOG.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 9a39234..70e9f77 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -569,6 +569,8 @@ static int stop(struct ulogd_pluginstance *pi)
nflog_unbind_group(ui->nful_gh);
nflog_close(ui->nful_h);
+ free(ui->nfulog_buf);
+
return 0;
}
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 12/18] Call pluginstance stop function when exiting
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (10 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 11/18] Fix minor memory leak in NFLOG plugin Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 13/18] Add SIGINT to list of terminal signal Eric Leblond
` (6 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
The stop function of plugin was not called when ulogd2 was
preparing to quit. This patch adds a call to stop for all
plugins in each stack and free pluginstance.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
src/ulogd.c | 26 +++++++++++++++++++++++++-
1 files changed, 25 insertions(+), 1 deletions(-)
diff --git a/src/ulogd.c b/src/ulogd.c
index ead35b5..d193b26 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -958,18 +958,42 @@ static void deliver_signal_pluginstances(int signal)
}
}
+static void stop_pluginstances()
+{
+ struct ulogd_pluginstance_stack *stack;
+ struct ulogd_pluginstance *pi, *npi;
+
+ llist_for_each_entry(stack, &ulogd_pi_stacks, stack_list) {
+ llist_for_each_entry_safe(pi, npi, &stack->list, list) {
+ if (((pi->plugin->priv_size == 0) || pi->private[0])
+ && *pi->plugin->stop) {
+ ulogd_log(ULOGD_DEBUG, "calling stop for %s\n",
+ pi->plugin->name);
+ (*pi->plugin->stop)(pi);
+ pi->private[0] = 0;
+ }
+ free(pi);
+ }
+ }
+}
+
static void sigterm_handler(int signal)
{
-
+
ulogd_log(ULOGD_NOTICE, "sigterm received, exiting\n");
deliver_signal_pluginstances(signal);
+ stop_pluginstances();
+
if (logfile != NULL && logfile != stdout) {
fclose(logfile);
logfile = NULL;
}
+ if (ulogd_logfile)
+ free(ulogd_logfile);
+
exit(0);
}
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 13/18] Add SIGINT to list of terminal signal.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (11 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 12/18] Call pluginstance stop function when exiting Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 14/18] Unload plugins when quitting Eric Leblond
` (5 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch modifies ulogd to intercept SIGINT signal
and quit nicely when this signal is received.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
src/ulogd.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/ulogd.c b/src/ulogd.c
index d193b26..2f80913 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -980,7 +980,7 @@ static void stop_pluginstances()
static void sigterm_handler(int signal)
{
- ulogd_log(ULOGD_NOTICE, "sigterm received, exiting\n");
+ ulogd_log(ULOGD_NOTICE, "Terminal signal received, exiting\n");
deliver_signal_pluginstances(signal);
@@ -1173,6 +1173,7 @@ int main(int argc, char* argv[])
}
signal(SIGTERM, &sigterm_handler);
+ signal(SIGINT, &sigterm_handler);
signal(SIGHUP, &signal_handler);
signal(SIGALRM, &signal_handler);
signal(SIGUSR1, &signal_handler);
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 14/18] Unload plugins when quitting.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (12 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 13/18] Add SIGINT to list of terminal signal Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 15/18] Introduce config_stop() function Eric Leblond
` (4 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch adds unloading of plugins (call dlclose()) in ulogd2. This
make valgrind happy and will be useful for daemon live reconfiguration.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
include/ulogd/ulogd.h | 8 ++++++++
src/ulogd.c | 21 ++++++++++++++++++++-
2 files changed, 28 insertions(+), 1 deletions(-)
diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h
index 3f6d784..f55d5f1 100644
--- a/include/ulogd/ulogd.h
+++ b/include/ulogd/ulogd.h
@@ -187,6 +187,14 @@ static inline void *ikey_get_ptr(struct ulogd_key *key)
struct ulogd_pluginstance_stack;
struct ulogd_pluginstance;
+
+struct ulogd_plugin_handle {
+ /* global list of plugins */
+ struct llist_head list;
+ void *handle;
+};
+
+
struct ulogd_plugin {
/* global list of plugins */
struct llist_head list;
diff --git a/src/ulogd.c b/src/ulogd.c
index 2f80913..ae57a38 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -83,6 +83,8 @@ static int info_mode = 0;
/* linked list for all registered plugins */
static LLIST_HEAD(ulogd_plugins);
+/* linked list for all plugins handle */
+static LLIST_HEAD(ulogd_plugins_handle);
static LLIST_HEAD(ulogd_pi_stacks);
@@ -580,11 +582,17 @@ pluginstance_alloc_init(struct ulogd_plugin *pl, char *pi_id,
/* plugin loader to dlopen() a plugins */
static int load_plugin(const char *file)
{
- if (!dlopen(file, RTLD_NOW)) {
+ void * handle;
+ struct ulogd_plugin_handle *ph;
+ if ((handle = dlopen(file, RTLD_NOW)) == NULL) {
ulogd_log(ULOGD_ERROR, "load_plugin: '%s': %s\n", file,
dlerror());
return -1;
}
+
+ ph = (struct ulogd_plugin_handle *) calloc(1, sizeof(*ph));
+ ph->handle = handle;
+ llist_add(&ph->list, &ulogd_plugins_handle);
return 0;
}
@@ -977,6 +985,15 @@ static void stop_pluginstances()
}
}
+static void unload_plugins()
+{
+ struct ulogd_plugin_handle *ph, *nph;
+ llist_for_each_entry_safe(ph, nph, &ulogd_plugins_handle, list) {
+ dlclose(ph->handle);
+ free(ph);
+ }
+}
+
static void sigterm_handler(int signal)
{
@@ -986,6 +1003,8 @@ static void sigterm_handler(int signal)
stop_pluginstances();
+ unload_plugins();
+
if (logfile != NULL && logfile != stdout) {
fclose(logfile);
logfile = NULL;
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 15/18] Introduce config_stop() function
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (13 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 14/18] Unload plugins when quitting Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 16/18] Free stacks when exiting Eric Leblond
` (3 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch adds the config_stop function which is in charge of releasing
ressources allocated for configuration file parsing.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
include/ulogd/conffile.h | 3 +++
src/conffile.c | 4 ++++
src/ulogd.c | 2 ++
3 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/include/ulogd/conffile.h b/include/ulogd/conffile.h
index 826d9d5..7431243 100644
--- a/include/ulogd/conffile.h
+++ b/include/ulogd/conffile.h
@@ -67,4 +67,7 @@ int config_register_file(const char *file);
/* parse the config file */
int config_parse_file(const char *section, struct config_keyset *kset);
+/* release ressource allocated by config file handling */
+void config_stop();
+
#endif /* ifndef _CONFFILE_H */
diff --git a/src/conffile.c b/src/conffile.c
index 0c1a2a4..b27187e 100644
--- a/src/conffile.c
+++ b/src/conffile.c
@@ -222,3 +222,7 @@ cpf_error:
return err;
}
+void config_stop()
+{
+ free(fname);
+}
diff --git a/src/ulogd.c b/src/ulogd.c
index ae57a38..b079fd2 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -1013,6 +1013,8 @@ static void sigterm_handler(int signal)
if (ulogd_logfile)
free(ulogd_logfile);
+ config_stop();
+
exit(0);
}
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 16/18] Free stacks when exiting.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (14 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 15/18] Introduce config_stop() function Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 17/18] Fix memory leak in destructor_nfct() Eric Leblond
` (2 subsequent siblings)
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch modifies ulogd2 to have it free the stacks when leaving.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
src/ulogd.c | 12 ++++++++++++
1 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/src/ulogd.c b/src/ulogd.c
index b079fd2..1a1f6af 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -994,6 +994,16 @@ static void unload_plugins()
}
}
+static void stop_stack()
+{
+ struct ulogd_pluginstance_stack *stack, *nstack;
+
+ llist_for_each_entry_safe(stack, nstack, &ulogd_pi_stacks, stack_list) {
+ free(stack);
+ }
+}
+
+
static void sigterm_handler(int signal)
{
@@ -1003,6 +1013,8 @@ static void sigterm_handler(int signal)
stop_pluginstances();
+ stop_stack();
+
unload_plugins();
if (logfile != NULL && logfile != stdout) {
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 17/18] Fix memory leak in destructor_nfct().
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (15 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 16/18] Free stacks when exiting Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 18/18] Add valgrind compilation option Eric Leblond
2008-12-10 11:07 ` [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
This patch fixes a memroy leak in the destructor function which was not
releasing the memory allocated for each connection tracking entry.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/flow/ulogd_inpflow_NFCT.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c
index a39bf08..1730ec9 100644
--- a/input/flow/ulogd_inpflow_NFCT.c
+++ b/input/flow/ulogd_inpflow_NFCT.c
@@ -692,6 +692,13 @@ static int read_cb_nfct(int fd, unsigned int what, void *param)
return 0;
}
+static int do_free(void *data1, void *data2)
+{
+ struct ct_timestamp *ts = data2;
+ free(ts->ct);
+}
+
+
static int do_purge(void *data1, void *data2)
{
int ret;
@@ -887,6 +894,9 @@ static int destructor_nfct(struct ulogd_pluginstance *pi)
struct nfct_pluginstance *cpi = (void *) pi->private;
int rc;
+ /* free existent entries */
+ hashtable_iterate(cpi->ct_active, NULL, do_free);
+
hashtable_destroy(cpi->ct_active);
rc = nfct_close(cpi->cth);
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* [ULOGD2 PATCH 18/18] Add valgrind compilation option.
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (16 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 17/18] Fix memory leak in destructor_nfct() Eric Leblond
@ 2008-12-01 21:36 ` Eric Leblond
2008-12-10 11:07 ` [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-01 21:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo, Eric Leblond
Valgrind messages are obscur when the plugins are unloaded. This patch
adds a macro that can be used to desactivate unloading. To use it, you
have to specify 'CPPFLAGS=-DDEBUG_VALGRIND' on configure line.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
src/ulogd.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/ulogd.c b/src/ulogd.c
index 1a1f6af..badd7bd 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -985,6 +985,7 @@ static void stop_pluginstances()
}
}
+#ifndef DEBUG_VALGRIND
static void unload_plugins()
{
struct ulogd_plugin_handle *ph, *nph;
@@ -993,6 +994,7 @@ static void unload_plugins()
free(ph);
}
}
+#endif
static void stop_stack()
{
@@ -1015,7 +1017,9 @@ static void sigterm_handler(int signal)
stop_stack();
+#ifndef DEBUG_VALGRIND
unload_plugins();
+#endif
if (logfile != NULL && logfile != stdout) {
fclose(logfile);
--
1.5.6.3
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
` (17 preceding siblings ...)
2008-12-01 21:36 ` [ULOGD2 PATCH 18/18] Add valgrind compilation option Eric Leblond
@ 2008-12-10 11:07 ` Eric Leblond
18 siblings, 0 replies; 20+ messages in thread
From: Eric Leblond @ 2008-12-10 11:07 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo
[-- Attachment #1: Type: text/plain, Size: 158 bytes --]
Hi,
I've applied all patches to Netfilter's ulogd2 git tree.
BR,
--
Éric Leblond <eric@inl.fr>
INL, http://www.inl.fr/
NuFW, http://www.nufw.org
[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 197 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2008-12-10 11:07 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-12-01 21:35 [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
2008-12-01 21:35 ` [ULOGD2 PATCH 01/18] add ukey_* function for key assignation Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 02/18] Modify usage of nflog_bind_pf function Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 03/18] Get rid of addressfamily variable in NFLOG input plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 04/18] Document group 0 usage and suppress address_family Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 05/18] Add SCTP support to BASE plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 06/18] SCTP support for PRINTPKT Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 07/18] Add SCTP support to MySQL and PGSQL output Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 08/18] Treat nice function return Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 09/18] Fix stop function of NFCT plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 10/18] Don't free pluginstance when leaving Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 11/18] Fix minor memory leak in NFLOG plugin Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 12/18] Call pluginstance stop function when exiting Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 13/18] Add SIGINT to list of terminal signal Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 14/18] Unload plugins when quitting Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 15/18] Introduce config_stop() function Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 16/18] Free stacks when exiting Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 17/18] Fix memory leak in destructor_nfct() Eric Leblond
2008-12-01 21:36 ` [ULOGD2 PATCH 18/18] Add valgrind compilation option Eric Leblond
2008-12-10 11:07 ` [ULOGD2 PATCH 0/18] Code cleaning, SCTP support, NFLOG logic fix Eric Leblond
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).