7 #include <linux/netfilter/x_tables.h>
8 #include <linux/netfilter/xt_NFLOG.h>
14 NFLOG_THRESHOLD = 0x8,
17 static const struct option NFLOG_opts[] = {
18 { "nflog-group", 1, NULL, NFLOG_GROUP },
19 { "nflog-prefix", 1, NULL, NFLOG_PREFIX },
20 { "nflog-range", 1, NULL, NFLOG_RANGE },
21 { "nflog-threshold", 1, NULL, NFLOG_THRESHOLD },
25 static void NFLOG_help(void)
27 printf("NFLOG target options:\n"
28 " --nflog-group NUM NETLINK group used for logging\n"
29 " --nflog-range NUM Number of byte to copy\n"
30 " --nflog-threshold NUM Message threshold of in-kernel queue\n"
31 " --nflog-prefix STRING Prefix string for log messages\n");
34 static void NFLOG_init(struct xt_entry_target *t)
36 struct xt_nflog_info *info = (struct xt_nflog_info *)t->data;
39 info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
42 static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
43 const void *entry, struct xt_entry_target **target)
45 struct xt_nflog_info *info = (struct xt_nflog_info *)(*target)->data;
51 if (*flags & NFLOG_GROUP)
52 exit_error(PARAMETER_PROBLEM,
53 "Can't specify --nflog-group twice");
54 if (check_inverse(optarg, &invert, NULL, 0))
55 exit_error(PARAMETER_PROBLEM,
56 "Unexpected `!' after --nflog-group");
60 exit_error(PARAMETER_PROBLEM,
61 "--nflog-group can not be negative");
65 if (*flags & NFLOG_PREFIX)
66 exit_error(PARAMETER_PROBLEM,
67 "Can't specify --nflog-prefix twice");
68 if (check_inverse(optarg, &invert, NULL, 0))
69 exit_error(PARAMETER_PROBLEM,
70 "Unexpected `!' after --nflog-prefix");
72 length = strlen(optarg);
74 exit_error(PARAMETER_PROBLEM,
75 "No prefix specified for --nflog-prefix");
76 if (length >= sizeof(info->prefix))
77 exit_error(PARAMETER_PROBLEM,
78 "--nflog-prefix too long, max %Zu characters",
79 sizeof(info->prefix) - 1);
80 if (length != strlen(strtok(optarg, "\n")))
81 exit_error(PARAMETER_PROBLEM,
82 "Newlines are not allowed in --nflog-prefix");
83 strcpy(info->prefix, optarg);
86 if (*flags & NFLOG_RANGE)
87 exit_error(PARAMETER_PROBLEM,
88 "Can't specify --nflog-range twice");
91 exit_error(PARAMETER_PROBLEM,
92 "Invalid --nflog-range, must be >= 0");
96 if (*flags & NFLOG_THRESHOLD)
97 exit_error(PARAMETER_PROBLEM,
98 "Can't specify --nflog-threshold twice");
101 exit_error(PARAMETER_PROBLEM,
102 "Invalid --nflog-threshold, must be >= 1");
112 static void nflog_print(const struct xt_nflog_info *info, char *prefix)
114 if (info->prefix[0] != '\0') {
115 printf("%snflog-prefix ", prefix);
116 save_string(info->prefix);
119 printf("%snflog-group %u ", prefix, info->group);
121 printf("%snflog-range %u ", prefix, info->len);
122 if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
123 printf("%snflog-threshold %u ", prefix, info->threshold);
126 static void NFLOG_print(const void *ip, const struct xt_entry_target *target,
129 const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
131 nflog_print(info, "");
134 static void NFLOG_save(const void *ip, const struct xt_entry_target *target)
136 const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
138 nflog_print(info, "--");
141 static struct xtables_target nflog_target = {
144 .version = XTABLES_VERSION,
145 .size = XT_ALIGN(sizeof(struct xt_nflog_info)),
146 .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
149 .parse = NFLOG_parse,
150 .print = NFLOG_print,
152 .extra_opts = NFLOG_opts,
155 static struct xtables_target nflog_target6 = {
158 .version = XTABLES_VERSION,
159 .size = XT_ALIGN(sizeof(struct xt_nflog_info)),
160 .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
163 .parse = NFLOG_parse,
164 .print = NFLOG_print,
166 .extra_opts = NFLOG_opts,
171 xtables_register_target(&nflog_target);
172 xtables_register_target(&nflog_target6);