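/*
 * Userspace side of the NFLOG target: option table, parsing, and
 * print/save callbacks for struct xt_nflog_info.
 */
#include <stdbool.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <getopt.h>
#include <xtables.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_NFLOG.h>

/* Option identifiers; also used as the .id of each NFLOG_opts entry. */
enum {
	O_GROUP = 0,
	O_PREFIX,
	O_RANGE,
	O_THRESHOLD,
};

/*
 * Command-line options of the target. Every entry carries XTOPT_PUT plus
 * an XTOPT_POINTER into struct xt_nflog_info, so the option parser stores
 * the parsed value in the named field. --nflog-prefix has .min = 1, which
 * rules out an empty prefix.
 * NOTE(review): how a prefix longer than the prefix field is treated
 * (rejected or truncated) is decided inside xtables_option_parse and is
 * not visible here - confirm before relying on either behaviour.
 */
#define s struct xt_nflog_info
static const struct xt_option_entry NFLOG_opts[] = {
	{.name = "nflog-group", .id = O_GROUP, .type = XTTYPE_UINT16,
	 .flags = XTOPT_PUT, XTOPT_POINTER(s, group)},
	{.name = "nflog-prefix", .id = O_PREFIX, .type = XTTYPE_STRING,
	 .min = 1, .flags = XTOPT_PUT, XTOPT_POINTER(s, prefix)},
	{.name = "nflog-range", .id = O_RANGE, .type = XTTYPE_UINT32,
	 .flags = XTOPT_PUT, XTOPT_POINTER(s, len)},
	{.name = "nflog-threshold", .id = O_THRESHOLD, .type = XTTYPE_UINT16,
	 .flags = XTOPT_PUT, XTOPT_POINTER(s, threshold)},
	XTOPT_TABLEEND,
};
#undef s

/* Print the usage text for the target's options. */
static void NFLOG_help(void)
{
	printf("NFLOG target options:\n"
	       " --nflog-group NUM		NETLINK group used for logging\n"
	       " --nflog-range NUM		Number of byte to copy\n"
	       " --nflog-threshold NUM		Message threshold of in-kernel queue\n"
	       " --nflog-prefix STRING		Prefix string for log messages\n");
}

/*
 * Initialise a fresh target entry: only the threshold is set here, to
 * XT_NFLOG_DEFAULT_THRESHOLD. The other fields are left as the caller
 * provided them.
 */
static void NFLOG_init(struct xt_entry_target *t)
{
	struct xt_nflog_info *info = (struct xt_nflog_info *)t->data;

	info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
}

/*
 * Parse one option, then apply the target-specific check on the prefix.
 *
 * The prefix must not contain a newline. The help text describes it as
 * the prefix of log messages, so an embedded line break would presumably
 * let one rule emit what a line-oriented log consumer reads as several
 * records; rejecting it keeps one packet on one log line.
 */
static void NFLOG_parse(struct xt_option_call *cb)
{
	xtables_option_parse(cb);
	switch (cb->entry->id) {
	case O_PREFIX:
		if (strchr(cb->arg, '\n') != NULL)
			/* Name the option the user actually typed. */
			xtables_error(PARAMETER_PROBLEM,
				      "Newlines not allowed in --nflog-prefix");
		break;
	default:
		/* No extra validation for the numeric options. */
		break;
	}
}

/*
 * Emit the target's settings, each option name preceded by @prefix
 * ("" for listing, "--" for save format).
 *
 * Fields still at their "unset" value are skipped: empty prefix string,
 * group 0, len 0, threshold equal to XT_NFLOG_DEFAULT_THRESHOLD.
 * NOTE(review): info->prefix is read as a C string; this assumes it is
 * NUL-terminated inside its array - confirm that whatever fills the
 * struct guarantees that.
 */
static void nflog_print(const struct xt_nflog_info *info, const char *prefix)
{
	if (info->prefix[0] != '\0') {
		printf(" %snflog-prefix ", prefix);
		/* Let the xtables helper write the string instead of a raw %s. */
		xtables_save_string(info->prefix);
	}
	if (info->group)
		printf(" %snflog-group %u", prefix, info->group);
	if (info->len)
		printf(" %snflog-range %u", prefix, info->len);
	if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
		printf(" %snflog-threshold %u", prefix, info->threshold);
}

/* .print callback: options without a leading "--". ip and numeric are unused. */
static void NFLOG_print(const void *ip, const struct xt_entry_target *target,
			int numeric)
{
	const struct xt_nflog_info *info =
		(const struct xt_nflog_info *)target->data;

	nflog_print(info, "");
}

/* .save callback: options in "--name value" form. ip is unused. */
static void NFLOG_save(const void *ip, const struct xt_entry_target *target)
{
	const struct xt_nflog_info *info =
		(const struct xt_nflog_info *)target->data;

	nflog_print(info, "--");
}

/* Target descriptor handed to xtables_register_target(). */
static struct xtables_target nflog_target = {
	.family		= NFPROTO_UNSPEC,
	.name		= "NFLOG",
	.version	= XTABLES_VERSION,
	.size		= XT_ALIGN(sizeof(struct xt_nflog_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_nflog_info)),
	.help		= NFLOG_help,
	.init		= NFLOG_init,
	.x6_parse	= NFLOG_parse,
	.print		= NFLOG_print,
	.save		= NFLOG_save,
	.x6_options	= NFLOG_opts,
};

/*
 * Extension entry point: registers the NFLOG target.
 * NOTE(review): presumably xtables.h remaps _init to the loader hook the
 * build expects - confirm against the header in use.
 */
void _init(void)
{
	xtables_register_target(&nflog_target);
}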