1 /* Shared library add-on to iptables to add ULOG support.
3 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
5 * multipart netlink support based on ideas by Sebastian Zander
6 * <zander@fokus.gmd.de>
8 * This software is released under the terms of GNU GPL
10 * libipt_ULOG.c,v 1.7 2001/01/30 11:55:02 laforge Exp
19 #include <linux/netfilter_ipv4/ip_tables.h>
20 /* For 64bit kernel / 32bit userspace */
21 #include "../include/linux/netfilter_ipv4/ipt_ULOG.h"
/*
 * Walks the 32 bit positions of gmask from the highest (31) down to 0.
 * The declaration of b and the loop body are not part of this listing.
 * NOTE(review): b must be a signed type; with an unsigned b the condition
 * "b >= 0" is always true and the loop never ends -- confirm in the full file.
 * NOTE(review): ULOG_save calls this right after writing "--ulog-nlgroup ",
 * so it presumably prints the group number for every set bit -- confirm.
 */
24 static void print_groups(unsigned int gmask)
29 for (b = 31; b >= 0; b--) {
/*
 * Write the ULOG option summary to stdout.
 * The text holds no conversion specifications, so it is emitted verbatim.
 */
static void ULOG_help(void)
{
	static const char usage[] =
		"ULOG target options:\n"
		" --ulog-nlgroup nlgroup NETLINK group used for logging\n"
		" --ulog-cprange size Bytes of each packet to be passed\n"
		" --ulog-qthreshold Threshold of in-kernel queue\n"
		" --ulog-prefix prefix Prefix log messages with this prefix.\n";

	fputs(usage, stdout);
}
/*
 * Long options of the ULOG target. Each one requires an argument; .val is
 * the option code reported for it (presumably what ULOG_parse receives as c).
 */
static const struct option ULOG_opts[] = {
	{ .name = "ulog-nlgroup",    .has_arg = required_argument, .flag = NULL, .val = '!' },
	{ .name = "ulog-prefix",     .has_arg = required_argument, .flag = NULL, .val = '#' },
	{ .name = "ulog-cprange",    .has_arg = required_argument, .flag = NULL, .val = 'A' },
	{ .name = "ulog-qthreshold", .has_arg = required_argument, .flag = NULL, .val = 'B' },
	/* getopt_long(3) needs an all-zero entry to mark the end of the table. */
	{ .name = NULL, .has_arg = 0, .flag = NULL, .val = 0 },
};
/*
 * Fill in the target's defaults: netlink group and queue threshold.
 * NOTE(review): prefix and copy_range are not assigned here; presumably the
 * caller hands over zeroed target data -- confirm, since ULOG_save and
 * ULOG_print read both fields.
 */
static void ULOG_init(struct xt_entry_target *t)
{
	struct ipt_ulog_info *info = (struct ipt_ulog_info *)t->data;

	info->qthreshold = ULOG_DEFAULT_QTHRESHOLD;
	info->nl_group = ULOG_DEFAULT_NLGROUP;
}
/*
 * One bit per ULOG option. ULOG_parse sets the bit in *flags once the option
 * has been handled and tests it to reject a second occurrence.
 */
#define IPT_LOG_OPT_NLGROUP	(1 << 0)
#define IPT_LOG_OPT_PREFIX	(1 << 1)
#define IPT_LOG_OPT_CPRANGE	(1 << 2)
#define IPT_LOG_OPT_QTHRESHOLD	(1 << 3)
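/*
 * Convert a complete base-10 option argument to a long.
 * Returns 1 and stores the value in *out when the whole string is a number,
 * 0 when it is empty or carries trailing characters. Unlike atoi(), an
 * out-of-range value is well defined: strtol() saturates at the limits of
 * long, so the callers' range checks still see it.
 */
static int ulog_parse_num(const char *s, long *out)
{
	char *end;

	*out = strtol(s, &end, 10);
	return end != s && *end == '\0';
}

/*
 * Parse one ULOG command-line option into the target's ipt_ulog_info.
 *
 * c       option code; the cases below follow the codes in ULOG_opts
 * argv    unused
 * invert  passed on to check_inverse(); inversion is rejected where checked
 * flags   IPT_LOG_OPT_* bits of the options seen so far; updated here
 * entry   unused
 * target  target whose data area receives the parsed values
 *
 * Returns 1 when c was one of this target's options, 0 otherwise. Invalid
 * arguments are reported through exit_error(), which is assumed not to
 * return (the code after each check relies on that).
 *
 * Numeric arguments are parsed once with strtol() and must be entirely
 * numeric, so a typo such as "1O" is rejected rather than read as 1.
 */
static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
		      const void *entry, struct xt_entry_target **target)
{
	struct ipt_ulog_info *loginfo =
		(struct ipt_ulog_info *) (*target)->data;
	/*
	 * Largest value of an int, written without <limits.h>. The int-based
	 * parse this replaces could not accept more, and ULOG_save/ULOG_print
	 * print copy_range through an unsigned int cast.
	 */
	const long cprange_max = (long)(~0U >> 1);
	size_t prefix_len;
	long num;

	switch (c) {
	case '!':	/* --ulog-nlgroup */
		if (*flags & IPT_LOG_OPT_NLGROUP)
			exit_error(PARAMETER_PROBLEM,
				   "Can't specify --ulog-nlgroup twice");

		if (check_inverse(optarg, &invert, NULL, 0))
			exit_error(PARAMETER_PROBLEM,
				   "Unexpected `!' after --ulog-nlgroup");

		if (!ulog_parse_num(optarg, &num) || num < 1 || num > 32)
			exit_error(PARAMETER_PROBLEM,
				   "--ulog-nlgroup has to be between 1 and 32");

		/*
		 * Shift an unsigned 1: for group 32 a signed 1 would be moved
		 * into the sign bit, which is undefined behaviour.
		 */
		loginfo->nl_group = 1U << (num - 1);

		*flags |= IPT_LOG_OPT_NLGROUP;
		break;

	case '#':	/* --ulog-prefix */
		if (*flags & IPT_LOG_OPT_PREFIX)
			exit_error(PARAMETER_PROBLEM,
				   "Can't specify --ulog-prefix twice");

		if (check_inverse(optarg, &invert, NULL, 0))
			exit_error(PARAMETER_PROBLEM,
				   "Unexpected `!' after --ulog-prefix");

		prefix_len = strlen(optarg);
		if (prefix_len > sizeof(loginfo->prefix) - 1)
			exit_error(PARAMETER_PROBLEM,
				   "Maximum prefix length %u for --ulog-prefix",
				   (unsigned int)sizeof(loginfo->prefix) - 1);

		if (prefix_len == 0)
			exit_error(PARAMETER_PROBLEM,
				   "No prefix specified for --ulog-prefix");

		/*
		 * strchr() instead of comparing against strtok(): strtok()
		 * returns NULL for a prefix made only of newlines, and passing
		 * that to strlen() crashes. It also modified optarg in place.
		 */
		if (strchr(optarg, '\n') != NULL)
			exit_error(PARAMETER_PROBLEM,
				   "Newlines not allowed in --ulog-prefix");

		/* Length was checked above; +1 copies the terminating NUL. */
		memcpy(loginfo->prefix, optarg, prefix_len + 1);
		*flags |= IPT_LOG_OPT_PREFIX;
		break;

	case 'A':	/* --ulog-cprange */
		if (*flags & IPT_LOG_OPT_CPRANGE)
			exit_error(PARAMETER_PROBLEM,
				   "Can't specify --ulog-cprange twice");
		if (!ulog_parse_num(optarg, &num) || num > cprange_max)
			exit_error(PARAMETER_PROBLEM,
				   "Bad value for --ulog-cprange");
		if (num < 0)
			exit_error(PARAMETER_PROBLEM,
				   "Negative copy range?");
		loginfo->copy_range = num;
		*flags |= IPT_LOG_OPT_CPRANGE;
		break;

	case 'B':	/* --ulog-qthreshold */
		if (*flags & IPT_LOG_OPT_QTHRESHOLD)
			exit_error(PARAMETER_PROBLEM,
				   "Can't specify --ulog-qthreshold twice");
		if (!ulog_parse_num(optarg, &num))
			exit_error(PARAMETER_PROBLEM,
				   "Bad value for --ulog-qthreshold");
		if (num < 1)
			exit_error(PARAMETER_PROBLEM,
				   "Negative or zero queue threshold ?");
		if (num > ULOG_MAX_QLEN)
			exit_error(PARAMETER_PROBLEM,
				   "Maximum queue length exceeded");
		loginfo->qthreshold = num;
		*flags |= IPT_LOG_OPT_QTHRESHOLD;
		break;

	default:
		/* Not one of ours. */
		return 0;
	}

	return 1;
}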
/*
 * Write the target's settings to stdout as command-line options.
 * Only values that differ from the defaults are emitted: a non-empty prefix,
 * a non-default netlink group, a non-zero copy range and a non-default queue
 * threshold. The ip argument is not used.
 * NOTE(review): prefix is handed to save_string() as a C string; this assumes
 * the field is NUL-terminated -- confirm for data not built by ULOG_parse.
 */
static void ULOG_save(const void *ip, const struct xt_entry_target *target)
{
	const struct ipt_ulog_info *info =
		(const struct ipt_ulog_info *)target->data;
	unsigned int cprange = (unsigned int)info->copy_range;
	unsigned int qthreshold = (unsigned int)info->qthreshold;

	/* A first byte other than NUL means the prefix is not empty. */
	if (info->prefix[0] != '\0') {
		fputs("--ulog-prefix ", stdout);
		save_string(info->prefix);
	}

	if (info->nl_group != ULOG_DEFAULT_NLGROUP) {
		fputs("--ulog-nlgroup ", stdout);
		print_groups(info->nl_group);
	}

	if (info->copy_range != 0)
		printf("--ulog-cprange %u ", cprange);

	if (info->qthreshold != ULOG_DEFAULT_QTHRESHOLD)
		printf("--ulog-qthreshold %u ", qthreshold);
}
/*
 * Prints the target's settings on stdout: copy range, netlink group(s), the
 * prefix when one is set, and the queue threshold.
 * The end of the parameter list and part of the body are not included in
 * this listing.
 * NOTE(review): "%s" reads prefix up to its terminating NUL. ULOG_parse only
 * stores terminated prefixes, but nothing here bounds the read if the data
 * came from elsewhere; a precision of sizeof(loginfo->prefix) would cap it.
 */
173 /* Prints out the targinfo. */
174 static void ULOG_print(const void *ip, const struct xt_entry_target *target,
177 const struct ipt_ulog_info *loginfo
178 = (const struct ipt_ulog_info *) target->data;
181 printf("copy_range %u nlgroup ", (unsigned int)loginfo->copy_range);
182 print_groups(loginfo->nl_group);
/* An empty prefix is left out of the output. */
183 if (strcmp(loginfo->prefix, "") != 0)
184 printf("prefix `%s' ", loginfo->prefix);
185 printf("queue_threshold %u ", (unsigned int)loginfo->qthreshold);
/*
 * Registration record for the ULOG target. Only some of its fields appear in
 * this listing: XTABLES_VERSION, the size of the target data (struct
 * ipt_ulog_info rounded up with XT_ALIGN, used for both .size and
 * .userspacesize) and the option table ULOG_opts.
 */
188 static struct xtables_target ulog_tg_reg = {
190 .version = XTABLES_VERSION,
192 .size = XT_ALIGN(sizeof(struct ipt_ulog_info)),
193 .userspacesize = XT_ALIGN(sizeof(struct ipt_ulog_info)),
199 .extra_opts = ULOG_opts,
/*
 * Passes the record to xtables_register_target(); the header of the
 * enclosing function is not shown in this listing.
 */
204 xtables_register_target(&ulog_tg_reg);