* [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL
@ 2008-02-09 12:36 Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
` (5 more replies)
0 siblings, 6 replies; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel
Hi,
This patchset starts with two minor code cleaning patches.
The rest of patchset contains some more significative things:
* Add UID in NFLOG (ood.uid) and make PRINTPKT able to display the key if
present
* Add IPCMPv6 support to SQL schema
BR,
--
Eric Leblond <eric@inl.fr>
INL: http://www.inl.fr/
^ permalink raw reply [flat|nested] 13+ messages in thread
* [ULOGD PATCH 1/5] Fix treatment of return from function
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:28 ` Pablo Neira Ayuso
2008-02-09 17:31 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
` (4 subsequent siblings)
5 siblings, 2 replies; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
The treatment of the return of some functions from libnetfilter_log API was wrong and this
was preventing some fields to be propagated through the stack.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 be46fa2... 1b8e32c... M input/packet/ulogd_inppkt_NFLOG.c
input/packet/ulogd_inppkt_NFLOG.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index be46fa2..1b8e32c 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -317,11 +317,11 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
ret[NFLOG_KEY_OOB_IFINDEX_OUT].flags |= ULOGD_RETF_VALID;
}
- if (nflog_get_seq(ldata, &seq)) {
+ if (nflog_get_seq(ldata, &seq) == 0) {
ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq;
ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID;
}
- if (nflog_get_seq_global(ldata, &seq)) {
+ if (nflog_get_seq_global(ldata, &seq) == 0) {
ret[NFLOG_KEY_OOB_SEQ_GLOBAL].u.value.ui32 = seq;
ret[NFLOG_KEY_OOB_SEQ_GLOBAL].flags |= ULOGD_RETF_VALID;
}
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [ULOGD PATCH 2/5] Factorize definition of some macros.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:33 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
` (3 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
Some macros were defined several time. This was the case of GET_VALUE,
pp_is_valid. This patch puts the definition in ulogd.h and fixes the
definition of pp_is_valid which was wrong (causing segfault by acessing to
fields at NULL).
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 e490b64... 9b0110e... M filter/ulogd_filter_IP2BIN.c
:100644 100644 2a61220... 39edc05... M filter/ulogd_filter_IP2STR.c
:100644 100644 1bd0b6c... b1d0996... M include/ulogd/ulogd.h
:100644 100644 d803633... 92c4f0f... M util/printflow.c
:100644 100644 6606824... 35d8080... M util/printpkt.c
filter/ulogd_filter_IP2BIN.c | 5 -----
filter/ulogd_filter_IP2STR.c | 5 -----
include/ulogd/ulogd.h | 5 +++++
util/printflow.c | 4 ----
util/printpkt.c | 4 ----
5 files changed, 5 insertions(+), 18 deletions(-)
diff --git a/filter/ulogd_filter_IP2BIN.c b/filter/ulogd_filter_IP2BIN.c
index e490b64..9b0110e 100644
--- a/filter/ulogd_filter_IP2BIN.c
+++ b/filter/ulogd_filter_IP2BIN.c
@@ -114,11 +114,6 @@ static struct ulogd_key ip2bin_keys[] = {
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) \
- (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
-
/**
* Convert IPv4 address (as 32-bit unsigned integer) to IPv6 address:
* add 96 bits prefix "::ffff:" to get IPv6 address "::ffff:a.b.c.d".
diff --git a/filter/ulogd_filter_IP2STR.c b/filter/ulogd_filter_IP2STR.c
index 2a61220..39edc05 100644
--- a/filter/ulogd_filter_IP2STR.c
+++ b/filter/ulogd_filter_IP2STR.c
@@ -113,11 +113,6 @@ static struct ulogd_key ip2str_keys[] = {
},
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) \
- (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
-
static char *ip2str(struct ulogd_key* inp, int index, char family)
{
char tmp[IPADDR_LENGTH];
diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h
index 1bd0b6c..b1d0996 100644
--- a/include/ulogd/ulogd.h
+++ b/include/ulogd/ulogd.h
@@ -216,6 +216,11 @@ void __ulogd_log(int level, char *file, int line, const char *message, ...);
#define IS_NEEDED(x) (x.flags & ULOGD_RETF_NEEDED)
#define SET_NEEDED(x) (x.flags |= ULOGD_RETF_NEEDED)
+#define GET_VALUE(res, x) (res[x].u.source->u.value)
+#define GET_FLAGS(res, x) (res[x].u.source->flags)
+#define pp_is_valid(res, x) \
+ (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
+
int ulogd_key_size(struct ulogd_key *key);
int ulogd_wildcard_inputkeys(struct ulogd_pluginstance *upi);
diff --git a/util/printflow.c b/util/printflow.c
index d803633..92c4f0f 100644
--- a/util/printflow.c
+++ b/util/printflow.c
@@ -131,10 +131,6 @@ struct ulogd_key printflow_keys[FLOW_IDS] = {
};
int printflow_keys_num = sizeof(printflow_keys)/sizeof(*printflow_keys);
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) (GET_FLAGS(res, x) & ULOGD_RETF_VALID)
-
#define pp_print(buf_cur, label, res, x, type) \
if (pp_is_valid(res, x)) \
buf_cur += sprintf(buf_cur, label"=%u ", GET_VALUE(res, x).type);
diff --git a/util/printpkt.c b/util/printpkt.c
index 6606824..35d8080 100644
--- a/util/printpkt.c
+++ b/util/printpkt.c
@@ -89,10 +89,6 @@ struct ulogd_key printpkt_keys[] = {
[KEY_AHESP_SPI] = { .name = "ahesp.spi", },
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) (GET_FLAGS(res, x) & ULOGD_RETF_VALID)
-
static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
{
char *buf_cur = buf;
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 3/5] Add Icmpv6 support to SQL schema.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:39 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
` (2 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond, Pierre Chifflier
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 d42d216... b154c74... M doc/mysql-ulogd2.sql
:100644 100644 740a7ef... 87a85fb... M doc/pgsql-ulogd2.sql
doc/mysql-ulogd2.sql | 67 +++++++++++++++++++++++++++++++++++++++++++++----
doc/pgsql-ulogd2.sql | 55 ++++++++++++++++++++++++++++++++++++----
2 files changed, 110 insertions(+), 12 deletions(-)
diff --git a/doc/mysql-ulogd2.sql b/doc/mysql-ulogd2.sql
index d42d216..b154c74 100644
--- a/doc/mysql-ulogd2.sql
+++ b/doc/mysql-ulogd2.sql
@@ -14,7 +14,7 @@ CREATE TABLE `_format` (
`version` int(4) NOT NULL
) ENGINE=INNODB;
-INSERT INTO _format (version) VALUES (4);
+INSERT INTO _format (version) VALUES (5);
-- this table could be used to know which user-defined tables are linked
-- to ulog
@@ -31,8 +31,11 @@ DROP TABLE IF EXISTS `mac`;
DROP TABLE IF EXISTS `tcp`;
DROP TABLE IF EXISTS `udp`;
DROP TABLE IF EXISTS `icmp`;
+DROP TABLE IF EXISTS `icmpv6`;
DROP TABLE IF EXISTS `nufw`;
DROP TABLE IF EXISTS `ulog2_ct`;
+DROP TABLE IF EXISTS `state_t`;
+DROP TABLE IF EXISTS `nufw`;
DROP TABLE IF EXISTS `ulog2`;
CREATE TABLE `ulog2` (
@@ -125,6 +128,18 @@ CREATE TABLE `icmp` (
ALTER TABLE icmp ADD UNIQUE KEY `key_icmp_id` (`_icmp_id`);
ALTER TABLE icmp ADD KEY `index_icmp_id` (`_icmp_id`);
+CREATE TABLE `icmpv6` (
+ `_icmpv6_id` bigint unsigned NOT NULL,
+ `icmpv6_type` tinyint(3) unsigned default NULL,
+ `icmpv6_code` tinyint(3) unsigned default NULL,
+ `icmpv6_echoid` smallint(5) unsigned default NULL,
+ `icmpv6_echoseq` smallint(5) unsigned default NULL,
+ `icmpv6_csum` int(10) unsigned default NULL
+) ENGINE=INNODB;
+
+ALTER TABLE icmpv6 ADD UNIQUE KEY `key_icmpv6_id` (`_icmpv6_id`);
+ALTER TABLE icmpv6 ADD KEY `index_icmpv6_id` (`_icmpv6_id`);
+
-- views
@@ -143,6 +158,10 @@ DROP VIEW IF EXISTS `view_icmp`;
CREATE SQL SECURITY INVOKER VIEW `view_icmp` AS
SELECT * FROM ulog2 INNER JOIN icmp ON ulog2._id = icmp._icmp_id;
+DROP VIEW IF EXISTS `view_icmpv6`;
+CREATE SQL SECURITY INVOKER VIEW `view_icmpv6` AS
+ SELECT * FROM ulog2 INNER JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
+
-- ulog view
DROP VIEW IF EXISTS `ulog`;
-- CREATE SQL SECURITY INVOKER VIEW `ulog` AS
@@ -187,9 +206,18 @@ CREATE SQL SECURITY INVOKER VIEW `ulog` AS
icmp_echoid,
icmp_echoseq,
icmp_gateway,
- icmp_fragmtu
+ icmp_fragmtu,
+ icmpv6_type,
+ icmpv6_code,
+ icmpv6_echoid,
+ icmpv6_echoseq,
+ icmpv6_csum
+-- mac_saddr,
+-- mac_daddr,
+-- mac_protocol,
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
- LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id;
+ LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id
+ LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
-- shortcuts
@@ -303,7 +331,6 @@ INSERT INTO ip_proto (_proto_id,proto_name,proto_desc) VALUES
(58,'ipv6-icmp','ICMP for IPv6');
-- State
-DROP TABLE IF EXISTS `state_t`;
CREATE TABLE `state_t` (
`_state_id` bigint unsigned NOT NULL,
state tinyint(3) unsigned
@@ -319,7 +346,6 @@ INSERT INTO _extensions (ext_name,table_name,join_name) VALUES
-- NuFW specific
-DROP TABLE IF EXISTS `nufw`;
CREATE TABLE `nufw` (
`_nufw_id` bigint unsigned NOT NULL,
`username` varchar(30) default NULL,
@@ -362,6 +388,7 @@ SQL SECURITY INVOKER
COMMENT 'Drop constraints for ulog2 tables'
BEGIN
-- remember : table with most constraints first
+ ALTER TABLE icmpv6 DROP FOREIGN KEY _icmpv6_id;
ALTER TABLE icmp DROP FOREIGN KEY _icmp_id;
ALTER TABLE udp DROP FOREIGN KEY _udp_id;
ALTER TABLE tcp DROP FOREIGN KEY _tcp_id;
@@ -380,6 +407,7 @@ BEGIN
ALTER TABLE tcp ADD CONSTRAINT _tcp_id FOREIGN KEY (_tcp_id) REFERENCES ulog2 (_id);
ALTER TABLE udp ADD CONSTRAINT _udp_id FOREIGN KEY (_udp_id) REFERENCES ulog2 (_id);
ALTER TABLE icmp ADD CONSTRAINT _icmp_id FOREIGN KEY (_icmp_id) REFERENCES ulog2 (_id);
+ ALTER TABLE icmpv6 ADD CONSTRAINT _icmpv6_id FOREIGN KEY (_icmpv6_id) REFERENCES ulog2 (_id);
END
$$
delimiter ;
@@ -515,6 +543,25 @@ BEGIN
END
$$
+delimiter $$
+DROP PROCEDURE IF EXISTS PACKET_ADD_ICMPV6;
+CREATE PROCEDURE PACKET_ADD_ICMPV6(
+ IN `id` int(10) unsigned,
+ IN `_icmpv6_type` tinyint(3) unsigned,
+ IN `_icmpv6_code` tinyint(3) unsigned,
+ IN `_icmpv6_echoid` smallint(5) unsigned,
+ IN `_icmpv6_echoseq` smallint(5) unsigned,
+ IN `_icmpv6_csum` int(10) unsigned
+ )
+BEGIN
+ INSERT INTO icmpv6 (_icmpv6_id, icmpv6_type, icmpv6_code, icmpv6_echoid,
+ icmpv6_echoseq, icmpv6_csum) VALUES
+ (id, _icmpv6_type, _icmpv6_code, _icmpv6_echoid,
+ _icmpv6_echoseq, _icmpv6_csum);
+END
+$$
+
+
delimiter $$
DROP PROCEDURE IF EXISTS PACKET_ADD_MAC;
@@ -570,7 +617,12 @@ CREATE FUNCTION INSERT_PACKET_FULL(
icmp_echoid smallint(5) unsigned,
icmp_echoseq smallint(5) unsigned,
icmp_gateway int(10) unsigned,
- icmp_fragmtu smallint(5) unsigned
+ icmp_fragmtu smallint(5) unsigned,
+ icmpv6_type tinyint(3) unsigned,
+ icmpv6_code tinyint(3) unsigned,
+ icmpv6_echoid smallint(5) unsigned,
+ icmpv6_echoseq smallint(5) unsigned,
+ icmpv6_csum int(10) unsigned
-- mac_saddr binary(12),
-- mac_daddr binary(12),
-- mac_protocol smallint(5)
@@ -591,6 +643,9 @@ BEGIN
ELSEIF _ip_protocol = 1 THEN
CALL PACKET_ADD_ICMP(@lastid, icmp_type, icmp_code, icmp_echoid, icmp_echoseq,
icmp_gateway, icmp_fragmtu);
+ ELSEIF _ip_protocol = 58 THEN
+ CALL PACKET_ADD_ICMPV6(@lastid, icmpv6_type, icmpv6_code, icmpv6_echoid,
+ icmpv6_echoseq, icmpv6_csum);
END IF;
-- IF mac_protocol IS NOT NULL THEN
-- CALL PACKET_ADD_MAC(@lastid, mac_saddr, mac_daddr, mac_protocol);
diff --git a/doc/pgsql-ulogd2.sql b/doc/pgsql-ulogd2.sql
index 740a7ef..87a85fb 100644
--- a/doc/pgsql-ulogd2.sql
+++ b/doc/pgsql-ulogd2.sql
@@ -13,7 +13,7 @@ CREATE TABLE _format (
version integer
) WITH (OIDS=FALSE);
-INSERT INTO _format (version) VALUES (4);
+INSERT INTO _format (version) VALUES (5);
-- this table could be used to know which user-defined tables are linked
-- to ulog
@@ -29,6 +29,7 @@ DROP TABLE IF EXISTS mac CASCADE;
DROP TABLE IF EXISTS tcp CASCADE;
DROP TABLE IF EXISTS udp CASCADE;
DROP TABLE IF EXISTS icmp CASCADE;
+DROP TABLE IF EXISTS icmpv6 CASCADE;
DROP TABLE IF EXISTS nufw CASCADE;
DROP TABLE IF EXISTS ulog2_ct CASCADE;
DROP TABLE IF EXISTS ulog2 CASCADE;
@@ -118,6 +119,15 @@ CREATE TABLE icmp (
icmp_fragmtu smallint default NULL
) WITH (OIDS=FALSE);
+CREATE TABLE icmpv6 (
+ _icmpv6_id bigint PRIMARY KEY UNIQUE NOT NULL,
+ icmpv6_type smallint default NULL,
+ icmpv6_code smallint default NULL,
+ icmpv6_echoid smallint default NULL,
+ icmpv6_echoseq smallint default NULL,
+ icmpv6_csum integer default NULL
+) WITH (OIDS=FALSE);
+
--
-- VIEWS
--
@@ -131,6 +141,9 @@ CREATE OR REPLACE VIEW view_udp AS
CREATE OR REPLACE VIEW view_icmp AS
SELECT * FROM ulog2 INNER JOIN icmp ON ulog2._id = icmp._icmp_id;
+CREATE OR REPLACE VIEW view_icmpv6 AS
+ SELECT * FROM ulog2 INNER JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
+
-- complete view
CREATE OR REPLACE VIEW ulog AS
SELECT _id,
@@ -171,9 +184,15 @@ CREATE OR REPLACE VIEW ulog AS
icmp_echoid,
icmp_echoseq,
icmp_gateway,
- icmp_fragmtu
+ icmp_fragmtu,
+ icmpv6_type,
+ icmpv6_code,
+ icmpv6_echoid,
+ icmpv6_echoseq,
+ icmpv6_csum
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
- LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id;
+ LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id
+ LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
-- shortcuts
CREATE OR REPLACE VIEW view_tcp_quad AS
@@ -285,6 +304,7 @@ INSERT INTO _extensions (ext_name,table_name,join_name) VALUES
CREATE OR REPLACE FUNCTION ULOG2_DROP_FOREIGN_KEYS()
RETURNS void AS $$
+ ALTER TABLE icmpv6 DROP CONSTRAINT icmpv6_id_fk;
ALTER TABLE icmp DROP CONSTRAINT icmp_id_fk;
ALTER TABLE udp DROP CONSTRAINT udp_id_fk;
ALTER TABLE tcp DROP CONSTRAINT tcp_id_fk;
@@ -296,6 +316,7 @@ RETURNS void AS $$
ALTER TABLE tcp ADD CONSTRAINT tcp_id_fk FOREIGN KEY (_tcp_id) REFERENCES ulog2(_id);
ALTER TABLE udp ADD CONSTRAINT udp_id_fk FOREIGN KEY (_udp_id) REFERENCES ulog2(_id);
ALTER TABLE icmp ADD CONSTRAINT icmp_id_fk FOREIGN KEY (_icmp_id) REFERENCES ulog2(_id);
+ ALTER TABLE icmpv6 ADD CONSTRAINT icmpv6_id_fk FOREIGN KEY (_icmpv6_id) REFERENCES ulog2(_id);
$$ LANGUAGE SQL SECURITY INVOKER;
@@ -395,6 +416,21 @@ RETURNS bigint AS $$
SELECT currval('ulog2__id_seq');
$$ LANGUAGE SQL SECURITY INVOKER;
+CREATE OR REPLACE FUNCTION INSERT_ICMPV6(
+ IN icmpv6_id bigint,
+ IN icmpv6_type integer,
+ IN icmpv6_code integer,
+ IN icmpv6_echoid integer,
+ IN icmpv6_echoseq integer,
+ IN icmpv6_csum integer
+ )
+RETURNS bigint AS $$
+ INSERT INTO icmpv6 (_icmpv6_id,icmpv6_type,icmpv6_code,icmpv6_echoid,icmpv6_echoseq,icmpv6_csum)
+ VALUES ($1,$2,$3,$4,$5,$6);
+ SELECT currval('ulog2__id_seq');
+$$ LANGUAGE SQL SECURITY INVOKER;
+
+
-- this function requires plpgsql
-- su -c "createlang plpgsql ulog2" postgres
CREATE OR REPLACE FUNCTION INSERT_PACKET_FULL(
@@ -435,7 +471,12 @@ CREATE OR REPLACE FUNCTION INSERT_PACKET_FULL(
IN icmp_echoid integer,
IN icmp_echoseq integer,
IN icmp_gateway integer,
- IN icmp_fragmtu integer
+ IN icmp_fragmtu integer,
+ IN icmpv6_type integer,
+ IN icmpv6_code integer,
+ IN icmpv6_echoid integer,
+ IN icmpv6_echoseq integer,
+ IN icmpv6_csum integer
)
RETURNS bigint AS $$
DECLARE
@@ -445,9 +486,11 @@ BEGIN
IF (ip_protocol = 6) THEN
PERFORM INSERT_TCP_FULL(_id,$18,$19,$20,$21,$22,$23,$24,$25,$26,$27,$28,$29);
ELSIF (ip_protocol = 17) THEN
- PERFORM INSERT_UDP(_id,$30,$31,$32,$33);
+ PERFORM INSERT_UDP(_id,$30,$31,$32);
ELSIF (ip_protocol = 1) THEN
- PERFORM INSERT_ICMP(_id,$34,$35,$36,$37,$38,$39);
+ PERFORM INSERT_ICMP(_id,$33,$34,$35,$36,$37,$38);
+ ELSIF (ip_protocol = 58) THEN
+ PERFORM INSERT_ICMPV6(_id,$39,$40,$41,$42,$43);
END IF;
RETURN _id;
END
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
` (2 preceding siblings ...)
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:40 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
2008-02-09 17:44 ` [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Pablo Neira Ayuso
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/packet/ulogd_inppkt_NFLOG.c | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 1b8e32c..3f013cc 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -106,6 +106,7 @@ enum nflog_keys {
NFLOG_KEY_OOB_SEQ_GLOBAL,
NFLOG_KEY_OOB_FAMILY,
NFLOG_KEY_OOB_PROTOCOL,
+ NFLOG_KEY_OOB_UID,
};
static struct ulogd_key output_keys[] = {
@@ -240,6 +241,12 @@ static struct ulogd_key output_keys[] = {
.flags = ULOGD_RETF_NONE,
.name = "oob.protocol",
},
+ {
+ .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .name = "oob.uid",
+ },
+
};
static inline int
@@ -257,6 +264,8 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
u_int32_t indev = nflog_get_indev(ldata);
u_int32_t outdev = nflog_get_outdev(ldata);
u_int32_t seq;
+ u_int32_t uid;
+
ret[NFLOG_KEY_OOB_FAMILY].u.value.ui8 = af_ce(upi->config_kset).u.value;
ret[NFLOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
@@ -317,6 +326,11 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
ret[NFLOG_KEY_OOB_IFINDEX_OUT].flags |= ULOGD_RETF_VALID;
}
+ if (nflog_get_uid(ldata, &uid) == 0) {
+ ret[NFLOG_KEY_OOB_UID].u.value.ui32 = uid;
+ ret[NFLOG_KEY_OOB_UID].flags |= ULOGD_RETF_VALID;
+ }
+
if (nflog_get_seq(ldata, &seq) == 0) {
ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq;
ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID;
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
` (3 preceding siblings ...)
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:43 ` Pablo Neira Ayuso
2008-02-09 17:44 ` [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Pablo Neira Ayuso
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 ae56946... b524fc2... M include/ulogd/printpkt.h
:100644 100644 35d8080... 93d506a... M util/printpkt.c
include/ulogd/printpkt.h | 1 +
util/printpkt.c | 7 +++++++
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/include/ulogd/printpkt.h b/include/ulogd/printpkt.h
index ae56946..b524fc2 100644
--- a/include/ulogd/printpkt.h
+++ b/include/ulogd/printpkt.h
@@ -7,6 +7,7 @@ enum pkt_keys {
KEY_OOB_PREFIX,
KEY_OOB_IN,
KEY_OOB_OUT,
+ KEY_OOB_UID,
KEY_RAW_MAC,
KEY_RAW_MACLEN,
KEY_IP_SADDR,
diff --git a/util/printpkt.c b/util/printpkt.c
index 35d8080..93d506a 100644
--- a/util/printpkt.c
+++ b/util/printpkt.c
@@ -43,6 +43,9 @@ struct ulogd_key printpkt_keys[] = {
[KEY_OOB_PREFIX] = { .name = "oob.prefix", },
[KEY_OOB_IN] = { .name = "oob.in", },
[KEY_OOB_OUT] = { .name = "oob.out", },
+ [KEY_OOB_UID] = { .name = "oob.uid",
+ .flags = ULOGD_KEYF_OPTIONAL
+ },
[KEY_RAW_MAC] = { .name = "raw.mac", },
[KEY_RAW_MACLEN] = { .name = "raw.mac_len", },
[KEY_IP_SADDR] = { .name = "ip.saddr.str", },
@@ -365,6 +368,10 @@ int printpkt_print(struct ulogd_key *res, char *buf)
break;
}
+ if (pp_is_valid(res, KEY_OOB_UID))
+ buf_cur += sprintf(buf_cur, "UID=%d",
+ GET_VALUE(res, KEY_OOB_UID).ui32);
+
strcat(buf_cur, "\n");
return 0;
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 1/5] Fix treatment of return from function
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
@ 2008-02-09 17:28 ` Pablo Neira Ayuso
2008-02-09 17:31 ` Pablo Neira Ayuso
1 sibling, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:28 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> The treatment of the return of some functions from libnetfilter_log API was wrong and this
> was preventing some fields to be propagated through the stack.
Applied. Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 1/5] Fix treatment of return from function
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
2008-02-09 17:28 ` Pablo Neira Ayuso
@ 2008-02-09 17:31 ` Pablo Neira Ayuso
1 sibling, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:31 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> The treatment of the return of some functions from libnetfilter_log API was wrong and this
> was preventing some fields to be propagated through the stack.
libnetfilter_log API is confusing, get_seq() should returns 1 if OK,
that seems more logical to me. Well, we don't have anything to do here
apart from rewritten the API or move later to libnl.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 2/5] Factorize definition of some macros.
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
@ 2008-02-09 17:33 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:33 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> Some macros were defined several time. This was the case of GET_VALUE,
> pp_is_valid. This patch puts the definition in ulogd.h and fixes the
> definition of pp_is_valid which was wrong (causing segfault by acessing to
> fields at NULL).
I like these sort of cleanups a lot. I think that the code of the input
handlers would be also much nicer if we cook some macros to setup values
and flags of the ulogd_keys.
Applied. Thanks Eric.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH 3/5] Add Icmpv6 support to SQL schema.
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
@ 2008-02-09 17:39 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:39 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel, Pierre Chifflier
Eric Leblond wrote:
> Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
> Signed-off-by: Eric Leblond <eric@inl.fr>
Applied, Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin.
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
@ 2008-02-09 17:40 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:40 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> Signed-off-by: Eric Leblond <eric@inl.fr>
Also applied. Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter.
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
@ 2008-02-09 17:43 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:43 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> Signed-off-by: Eric Leblond <eric@inl.fr>
Applied. Thanks Eric.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
` (4 preceding siblings ...)
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
@ 2008-02-09 17:44 ` Pablo Neira Ayuso
5 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:44 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Hi Eric,
Eric Leblond wrote:
> This patchset starts with two minor code cleaning patches.
>
> The rest of patchset contains some more significative things:
> * Add UID in NFLOG (ood.uid) and make PRINTPKT able to display the key if
> present
> * Add IPCMPv6 support to SQL schema
Nice work again. Thanks for your patches.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2008-02-09 17:44 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
2008-02-09 17:28 ` Pablo Neira Ayuso
2008-02-09 17:31 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
2008-02-09 17:33 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
2008-02-09 17:39 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
2008-02-09 17:40 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
2008-02-09 17:43 ` Pablo Neira Ayuso
2008-02-09 17:44 ` [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox