Group handling

Functions

int nflog_fd (struct nflog_handle *h)
struct nflog_g_handlenflog_bind_group (struct nflog_handle *h, u_int16_t num)
int nflog_unbind_group (struct nflog_g_handle *gh)
int nflog_set_mode (struct nflog_g_handle *gh, u_int8_t mode, u_int32_t range)
int nflog_set_timeout (struct nflog_g_handle *gh, u_int32_t timeout)
int nflog_set_qthresh (struct nflog_g_handle *gh, u_int32_t qthresh)
int nflog_set_nlbufsiz (struct nflog_g_handle *gh, u_int32_t nlbufsiz)
int nflog_set_flags (struct nflog_g_handle *gh, u_int16_t flags)

Detailed Description

Once libnetfilter_log library has been initialised (See LibrarySetup), it is possible to bind the program to a specific group. This can be done using nflog_bind_group().

The group can then be tuned via nflog_set_mode() among many others.

Here's a little code snippet that binds to the group 100: 

	printf("binding this socket to group 0\n");
	qh = nflog_bind_group(h, 0);
	if (!qh) {
		fprintf(stderr, "no handle for grup 0\n");
		exit(1);
	}

	printf("setting copy_packet mode\n");
	if (nflog_set_mode(qh, NFULNL_COPY_PACKET, 0xffff) < 0) {
		fprintf(stderr, "can't set packet copy mode\n");
		exit(1);
	}

Next step is the handling of incoming packets which can be done via a loop:

	fd = nflog_fd(h);

	while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) {
		printf("pkt received (len=%u)\n", rv);
		nflog_handle_packet(h, buf, rv);
	}

Data and information about the packet can be fetch by using message parsing functions (See Parsing).

Function Documentation

struct nflog_g_handle* nflog_bind_group ( struct nflog_handle h,
u_int16_t  num 
) [read]

nflog_bind_group - bind a new handle to a specific group number.

Parameters:
h Netfilter log handle obtained via call to nflog_open()
num the number of the group to bind to
Returns:
a nflog_g_handle pointing to the newly created group

Definition at line 398 of file libnetfilter_log.c.

int nflog_fd ( struct nflog_handle h  ) 

nflog_fd - get the file descriptor associated with the nflog handler

Parameters:
log handler obtained via call to nflog_open()
Returns:
a file descriptor for the netlink connection associated with the given log connection handle. The file descriptor can then be used for receiving the logged packets for processing.

This function returns a file descriptor that can be used for communication over the netlink connection associated with the given log connection handle.

Definition at line 231 of file libnetfilter_log.c.

int nflog_set_flags ( struct nflog_g_handle gh,
u_int16_t  flags 
)

nflog_set_flags - set the nflog flags for this group

Parameters:
gh Netfilter log handle obtained by call to nflog_bind_group().
flags Flags that you want to set

There are two existing flags:

  • NFULNL_CFG_F_SEQ: This enables local nflog sequence numbering.
  • NFULNL_CFG_F_SEQ_GLOBAL: This enables global nflog sequence numbering.
Returns:
-1 in case of error and errno is explicity set.

Definition at line 580 of file libnetfilter_log.c.

int nflog_set_mode ( struct nflog_g_handle gh,
u_int8_t  mode,
u_int32_t  range 
)

nflog_set_mode - set the amount of packet data that nflog copies to userspace

Parameters:
qh Netfilter log handle obtained by call to nflog_bind_group().
mode the part of the packet that we are interested in
range size of the packet that we want to get

Sets the amount of data to be copied to userspace for each packet logged to the given group.

  • NFULNL_COPY_NONE - do not copy any data
  • NFULNL_COPY_META - copy only packet metadata
  • NFULNL_COPY_PACKET - copy entire packet
Returns:
-1 on error; >= otherwise.

Definition at line 463 of file libnetfilter_log.c.

int nflog_set_nlbufsiz ( struct nflog_g_handle gh,
u_int32_t  nlbufsiz 
)

nflog_set_nlbufsiz - set the size of the nflog buffer for this group

Parameters:
gh Netfilter log handle obtained by call to nflog_bind_group().
nlbufsiz Size of the nflog buffer

This function sets the size (in bytes) of the buffer that is used to stack log messages in nflog.

Returns:
-1 in case of error and errno is explicity set.

Definition at line 546 of file libnetfilter_log.c.

int nflog_set_qthresh ( struct nflog_g_handle gh,
u_int32_t  qthresh 
)

nflog_set_qthresh - set the maximum amount of logs in buffer for this group

Parameters:
gh Netfilter log handle obtained by call to nflog_bind_group().
qthresh Maximum number of log entries

This function determines the maximum number of log entries in the buffer until it is pushed to userspace.

Returns:
-1 in case of error and errno is explicity set.

Definition at line 521 of file libnetfilter_log.c.

int nflog_set_timeout ( struct nflog_g_handle gh,
u_int32_t  timeout 
)

nflog_set_timeout - set the maximum time to push log buffer for this group

Parameters:
gh Netfilter log handle obtained by call to nflog_bind_group().
timeout Time to wait until the log buffer is pushed to userspace

This function allows to set the maximum time that nflog waits until it pushes the log buffer to userspace if no new logged packets have occured. Basically, nflog implements a buffer to reduce the computational cost of delivering the log message to userspace.

Returns:
-1 in case of error and errno is explicity set.

Definition at line 496 of file libnetfilter_log.c.

int nflog_unbind_group ( struct nflog_g_handle gh  ) 

nflog_unbind_group - unbind a group handle.

Parameters:
gh Netfilter log group handle obtained via nflog_bind_group()
Returns:
-1 in case of error and errno is explicity in case of error.

Definition at line 437 of file libnetfilter_log.c.

Generated on Thu Jul 15 14:18:24 2010 for libnetfilter_log by  doxygen 1.6.3