[PATCH v3 ulogd 12/12] ipfix: add debug symbol for yafscii

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Ken-ichirou MATSUZAWA <chamaken@gmail.com>
To: The netfilter developer mailinglist <netfilter-devel@vger.kernel.org>
Cc: Eric Leblond <eric@regit.org>
Subject: [PATCH v3 ulogd 12/12] ipfix: add debug symbol for yafscii
Date: Tue, 3 Jun 2014 19:18:34 +0900	[thread overview]
Message-ID: <20140603101833.GM24668@gmail.com> (raw)
In-Reply-To: <20140603100130.GA24668@gmail.com>

http://tools.netsa.cert.org/yaf/yafscii.html
To see the file by yafscii
yafscii --in /tmp/ulogd.yaf and see /tmp/ulogd.yaf.txt

Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
---
 output/ulogd_output_IPFIX.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/output/ulogd_output_IPFIX.c b/output/ulogd_output_IPFIX.c
index f10a82b..e552a3c 100644
--- a/output/ulogd_output_IPFIX.c
+++ b/output/ulogd_output_IPFIX.c
@@ -38,6 +38,12 @@
 #include <sys/socket.h>
 #include <netdb.h>
 
+#define DEBUG_YAFSCII_FILE "/tmp/ulogd.yaf"
+#ifdef DEBUG_YAFSCII_FILE
+#include <sys/stat.h>
+#include <sys/fcntl.h>
+#endif
+
 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
 
 #include <ulogd/linuxlist.h>
@@ -143,6 +149,10 @@ struct ipfix_instance {
 	struct llist_head template_list;
 	struct nfct_bitmask *valid_bitmask;	/* bitmask of valid keys */
 	u_int32_t seq;
+
+#ifdef DEBUG_YAFSCII_FILE
+	int yaf_fd;
+#endif
 };
 
 #define ULOGD_IPFIX_TEMPL_BASE 1024
@@ -469,6 +479,9 @@ static int output_ipfix(struct ulogd_pluginstance *upi)
 	ipfix_fprintf_header(stdout, ipfix_msg);
 	fprintf(stdout, "\n");
 
+#ifdef DEBUG_YAFSCII_FILE
+	write(ii->yaf_fd, ipfix_msg, ntohs(ipfix_msg->length));
+#endif
 	return ULOGD_IRET_OK;
 }
 
@@ -565,6 +578,10 @@ static int start_ipfix(struct ulogd_pluginstance *pi)
 	if (ret < 0)
 		goto out_bm_free;
 
+#ifdef DEBUG_YAFSCII_FILE
+	ii->yaf_fd = open(DEBUG_YAFSCII_FILE, O_CREAT|O_WRONLY|O_TRUNC, S_IWUSR);
+#endif
+
 	return 0;
 
 out_bm_free:
@@ -578,6 +595,9 @@ static int stop_ipfix(struct ulogd_pluginstance *pi)
 {
 	struct ipfix_instance *ii = (struct ipfix_instance *) &pi->private;
 
+#ifdef DEBUG_YAFSCII_FILE
+	close(ii->yaf_fd);
+#endif
 	close(ii->fd);
 
 	nfct_bitmask_destroy(ii->valid_bitmask);
-- 
1.9.1

     prev parent reply	other threads:[~2014-06-03 10:18 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-06-03 10:01 [PATCH v3 ulogd 0/12] make progress ulogd_output_IPFIX Ken-ichirou MATSUZAWA
2014-06-03 10:04 ` [PATCH v3 ulogd 01/12] ipfix: use nfct_bitmask Ken-ichirou MATSUZAWA
2014-06-03 10:05 ` [PATCH v3 ulogd 02/12] ipfix: fix enterprise bit handling Ken-ichirou MATSUZAWA
2014-06-03 10:07 ` [PATCH v3 ulogd 03/12] ipfix: some cleanups Ken-ichirou MATSUZAWA
2014-06-03 10:08 ` [PATCH v3 ulogd 04/12] ipfix: add functions for ipfix dataset creation Ken-ichirou MATSUZAWA
2014-06-03 10:09 ` [PATCH v3 ulogd 05/12] ipfix: add function for ipfix message creation Ken-ichirou MATSUZAWA
2014-06-03 10:10 ` [PATCH v3 ulogd 06/12] ipfix: decide whether prepending template by send times Ken-ichirou MATSUZAWA
2014-06-03 10:11 ` [PATCH v3 ulogd 07/12] ipfix: print ipfix message Ken-ichirou MATSUZAWA
2014-06-03 10:12 ` [PATCH 08/12] ipfix: build headers with template Ken-ichirou MATSUZAWA
2014-06-03 10:13 ` [PATCH v3 ulogd 09/12] nfct: fix ipfix field_id of flow.end.usec Ken-ichirou MATSUZAWA
2014-06-03 10:15 ` [PATCH v3 ulogd 10/12] nfct: fix icmp type and code output key size Ken-ichirou MATSUZAWA
2014-06-03 10:16 ` [PATCH v3 ulogd 11/12] nfct/ipfix: introduce new vendor id Ken-ichirou MATSUZAWA
2014-06-03 10:18 ` Ken-ichirou MATSUZAWA [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:f10a82b dfblob:e552a3c )
 OR (
bs:"[PATCH v3 ulogd 12/12] ipfix: add debug symbol for yafscii" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140603101833.GM24668@gmail.com \
    --to=chamaken@gmail.com \
    --cc=eric@regit.org \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).