Message parsing functions [DEPRECATED]

Functions
struct nfqnl_msg_packet_hdr *	nfq_get_msg_packet_hdr (struct nfq_data *nfad)
uint32_t	nfq_get_nfmark (struct nfq_data *nfad)
int	nfq_get_timestamp (struct nfq_data *nfad, struct timeval *tv)
uint32_t	nfq_get_indev (struct nfq_data *nfad)
uint32_t	nfq_get_physindev (struct nfq_data *nfad)
uint32_t	nfq_get_outdev (struct nfq_data *nfad)
uint32_t	nfq_get_physoutdev (struct nfq_data *nfad)
int	nfq_get_indev_name (struct nlif_handle *nlif_handle, struct nfq_data *nfad, char *name)
int	nfq_get_physindev_name (struct nlif_handle *nlif_handle, struct nfq_data *nfad, char *name)
int	nfq_get_outdev_name (struct nlif_handle *nlif_handle, struct nfq_data *nfad, char *name)
int	nfq_get_physoutdev_name (struct nlif_handle *nlif_handle, struct nfq_data *nfad, char *name)
struct nfqnl_msg_packet_hw *	nfq_get_packet_hw (struct nfq_data *nfad)
uint32_t	nfq_get_skbinfo (struct nfq_data *nfad)
int	nfq_get_uid (struct nfq_data *nfad, uint32_t *uid)
int	nfq_get_gid (struct nfq_data *nfad, uint32_t *gid)
int	nfq_get_secctx (struct nfq_data *nfad, unsigned char **secdata)
int	nfq_get_payload (struct nfq_data *nfad, unsigned char **data)

Detailed Description

Function Documentation

nfq_get_gid()

int nfq_get_gid	(	struct nfq_data *	nfad,
		uint32_t *	gid
	)

nfq_get_gid - get the GID of the user the packet belongs to

Parameters

nfad	Netlink packet data handle passed to callback function
gid	Set to GID on return

Warning

If the NFQA_CFG_F_GSO flag is not set, then fragmented packets may be pushed into the queue. In this case, only one fragment will have the GID field set. To deal with this issue always set NFQA_CFG_F_GSO.

Returns

1 if there is a GID available, 0 otherwise.

Definition at line 1277 of file libnetfilter_queue.c.

nfq_get_indev()

uint32_t nfq_get_indev

(

struct nfq_data *

nfad

)

nfq_get_indev - get the interface that the packet was received through

Parameters

nfad	Netlink packet data handle passed to callback function

Returns

The index of the device the queued packet was received via. If the returned index is 0, the packet was locally generated or the input interface is not known (ie. POSTROUTING?).

Warning

all nfq_get_dev() functions return 0 if not set, since linux only allows ifindex >= 1, see net/core/dev.c:2600 (in 2.6.13.1)

Definition at line 1028 of file libnetfilter_queue.c.

nfq_get_indev_name()

int nfq_get_indev_name	(	struct nlif_handle *	nlif_handle,
		struct nfq_data *	nfad,
		char *	name
	)

nfq_get_indev_name - get the name of the interface the packet was received through

Parameters

nlif_handle	pointer to a nlif interface resolving handle
nfad	Netlink packet data handle passed to callback function
name	pointer to the buffer to receive the interface name; not more than IFNAMSIZ bytes will be copied to it.

Returns

-1 in case of error, >0 if it succeed.

To use a nlif_handle, You need first to call nlif_open() and to open an handler. Don't forget to store the result as it will be used during all your program life:

        h = nlif_open();
        if (h == NULL) {
                perror("nlif_open");
                exit(EXIT_FAILURE);
        }

Once the handler is open, you need to fetch the interface table at a whole via a call to nlif_query.

        nlif_query(h);

libnfnetlink is able to update the interface mapping when a new interface appears. To do so, you need to call nlif_catch() on the handler after each interface related event. The simplest way to get and treat event is to run a select() or poll() against the nlif file descriptor. To get this file descriptor, you need to use nlif_fd:

        if_fd = nlif_fd(h);

Don't forget to close the handler when you don't need the feature anymore:

        nlif_close(h);

Definition at line 1116 of file libnetfilter_queue.c.

nfq_get_msg_packet_hdr()

struct nfqnl_msg_packet_hdr* nfq_get_msg_packet_hdr

(

struct nfq_data *

nfad

)

nfqnl_msg_packet_hdr - return the metaheader that wraps the packet

Parameters

nfad	Netlink packet data handle passed to callback function

Returns

the netfilter queue netlink packet header for the given nfq_data argument. Typically, the nfq_data value is passed as the 3rd parameter to the callback function set by a call to nfq_create_queue().

The nfqnl_msg_packet_hdr structure is defined in libnetfilter_queue.h as:

        struct nfqnl_msg_packet_hdr {
                uint32_t        packet_id;      // unique ID of packet in queue
                uint16_t        hw_protocol;    // hw protocol (network order)
                uint8_t         hook;           // netfilter hook
        } __attribute__ ((packed));

Definition at line 974 of file libnetfilter_queue.c.

nfq_get_nfmark()

uint32_t nfq_get_nfmark

(

struct nfq_data *

nfad

)

nfq_get_nfmark - get the packet mark

Parameters

nfad	Netlink packet data handle passed to callback function

Returns

the netfilter mark currently assigned to the given queued packet.

Definition at line 987 of file libnetfilter_queue.c.

nfq_get_outdev()

uint32_t nfq_get_outdev

(

struct nfq_data *

nfad

)

nfq_get_outdev - gets the interface that the packet will be routed out

Parameters

nfad	Netlink packet data handle passed to callback function

Returns

The index of the device the queued packet will be sent out. If the returned index is 0, the packet is destined for localhost or the output interface is not yet known (ie. PREROUTING?).

Definition at line 1056 of file libnetfilter_queue.c.

nfq_get_outdev_name()

int nfq_get_outdev_name	(	struct nlif_handle *	nlif_handle,
		struct nfq_data *	nfad,
		char *	name
	)

nfq_get_outdev_name - get the name of the physical interface the packet will be sent to

Parameters

nlif_handle	pointer to a nlif interface resolving handle
nfad	Netlink packet data handle passed to callback function
name	pointer to the buffer to receive the interface name; not more than IFNAMSIZ bytes will be copied to it.

See nfq_get_indev_name() documentation for nlif_handle usage.

Returns

-1 in case of error, > 0 if it succeed.

Definition at line 1156 of file libnetfilter_queue.c.

nfq_get_packet_hw()

struct nfqnl_msg_packet_hw* nfq_get_packet_hw

(

struct nfq_data *

nfad

)

nfq_get_packet_hw

get hardware address

Parameters

nfad	Netlink packet data handle passed to callback function

Retrieves the hardware address associated with the given queued packet. For ethernet packets, the hardware address returned (if any) will be the MAC address of the packet source host. The destination MAC address is not known until after POSTROUTING and a successful ARP request, so cannot currently be retrieved.

The nfqnl_msg_packet_hw structure is defined in libnetfilter_queue.h as:

        struct nfqnl_msg_packet_hw {
                uint16_t        hw_addrlen;
                uint16_t        _pad;
                uint8_t hw_addr[8];
        } __attribute__ ((packed));

Definition at line 1207 of file libnetfilter_queue.c.

nfq_get_payload()

int nfq_get_payload	(	struct nfq_data *	nfad,
		unsigned char **	data
	)

nfq_get_payload - get payload

Parameters

nfad	Netlink packet data handle passed to callback function
data	Pointer of pointer that will be pointed to the payload

Retrieve the payload for a queued packet. The actual amount and type of data retrieved by this function will depend on the mode set with the nfq_set_mode() function.

Returns

-1 on error, otherwise > 0.

Definition at line 1324 of file libnetfilter_queue.c.

nfq_get_physindev()

uint32_t nfq_get_physindev

(

struct nfq_data *

nfad

)

nfq_get_physindev - get the physical interface that the packet was received

Parameters

nfad	Netlink packet data handle passed to callback function

Returns

The index of the physical device the queued packet was received via. If the returned index is 0, the packet was locally generated or the physical input interface is no longer known (ie. POSTROUTING?).

Definition at line 1042 of file libnetfilter_queue.c.

nfq_get_physindev_name()

int nfq_get_physindev_name	(	struct nlif_handle *	nlif_handle,
		struct nfq_data *	nfad,
		char *	name
	)

nfq_get_physindev_name - get the name of the physical interface the packet was received through

Parameters

nlif_handle	pointer to a nlif interface resolving handle
nfad	Netlink packet data handle passed to callback function
name	pointer to the buffer to receive the interface name; not more than IFNAMSIZ bytes will be copied to it.

See nfq_get_indev_name() documentation for nlif_handle usage.

Returns

-1 in case of error, > 0 if it succeed.

Definition at line 1136 of file libnetfilter_queue.c.

nfq_get_physoutdev()

uint32_t nfq_get_physoutdev

(

struct nfq_data *

nfad

)

nfq_get_physoutdev - get the physical interface that the packet output

Parameters

nfad	Netlink packet data handle passed to callback function

The index of the physical device the queued packet will be sent out. If the returned index is 0, the packet is destined for localhost or the physical output interface is not yet known (ie. PREROUTING?).

Returns

The index of physical interface that the packet output will be routed out.

Definition at line 1072 of file libnetfilter_queue.c.

nfq_get_physoutdev_name()

int nfq_get_physoutdev_name	(	struct nlif_handle *	nlif_handle,
		struct nfq_data *	nfad,
		char *	name
	)

nfq_get_physoutdev_name - get the name of the interface the packet will be sent to

Parameters

nlif_handle	pointer to a nlif interface resolving handle
nfad	Netlink packet data handle passed to callback function
name	pointer to the buffer to receive the interface name; not more than IFNAMSIZ bytes will be copied to it.

See nfq_get_indev_name() documentation for nlif_handle usage.

Returns

-1 in case of error, > 0 if it succeed.

Definition at line 1177 of file libnetfilter_queue.c.

nfq_get_secctx()

int nfq_get_secctx	(	struct nfq_data *	nfad,
		unsigned char **	secdata
	)

nfq_get_secctx - get the security context for this packet

Parameters

nfad	Netlink packet data handle passed to callback function
secdata	data to write the security context to

Warning

If the NFQA_CFG_F_GSO flag is not set, then fragmented packets may be pushed into the queue. In this case, only one fragment will have the SECCTX field set. To deal with this issue always set NFQA_CFG_F_GSO.

Returns

-1 on error, otherwise > 0

Definition at line 1298 of file libnetfilter_queue.c.

nfq_get_skbinfo()

uint32_t nfq_get_skbinfo

(

struct nfq_data *

nfad

)

nfq_get_skbinfo - return the NFQA_SKB_INFO meta information

Parameters

nfad	Netlink packet data handle passed to callback function

This can be used to obtain extra information about a packet by testing the returned integer for any of the following bit flags:

• NFQA_SKB_CSUMNOTREADY packet header checksums will be computed by hardware later on, i.e. tcp/ip checksums in the packet must not be validated, application should pretend they are correct.
• NFQA_SKB_GSO packet is an aggregated super-packet. It exceeds device mtu and will be (re-)split on transmit by hardware.
• NFQA_SKB_CSUM_NOTVERIFIED packet checksum was not yet verified by the kernel/hardware, for example because this is an incoming packet and the NIC does not perform checksum validation at hardware level.

Returns

the skbinfo value

See also

nfq_set_queue_flags(3)

Definition at line 1236 of file libnetfilter_queue.c.

nfq_get_timestamp()

int nfq_get_timestamp	(	struct nfq_data *	nfad,
		struct timeval *	tv
	)

nfq_get_timestamp - get the packet timestamp

Parameters

nfad	Netlink packet data handle passed to callback function
tv	structure to fill with timestamp info

Retrieves the received timestamp when the given queued packet.

Returns

0 on success, non-zero on failure.

Definition at line 1002 of file libnetfilter_queue.c.

nfq_get_uid()

int nfq_get_uid	(	struct nfq_data *	nfad,
		uint32_t *	uid
	)

nfq_get_uid - get the UID of the user the packet belongs to

Parameters

nfad	Netlink packet data handle passed to callback function
uid	Set to UID on return

Warning

If the NFQA_CFG_F_GSO flag is not set, then fragmented packets may be pushed into the queue. In this case, only one fragment will have the UID field set. To deal with this issue always set NFQA_CFG_F_GSO.

Returns

1 if there is a UID available, 0 otherwise.

Definition at line 1256 of file libnetfilter_queue.c.