static int syslog_init(void)
{
/* FIXME: error handling */
config_parse_file("SYSLOG", &level_ce);
if (!strcmp(facility_ce.u.string, "LOG_DAEMON"))
syslog_facility = LOG_DAEMON;
else if (!strcmp(facility_ce.u.string, "LOG_KERN"))
syslog_facility = LOG_KERN;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL0"))
syslog_facility = LOG_LOCAL0;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL1"))
syslog_facility = LOG_LOCAL1;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL2"))
syslog_facility = LOG_LOCAL2;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL3"))
syslog_facility = LOG_LOCAL3;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL4"))
syslog_facility = LOG_LOCAL4;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL5"))
syslog_facility = LOG_LOCAL5;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL6"))
syslog_facility = LOG_LOCAL6;
else if (!strcmp(facility_ce.u.string, "LOG_LOCAL7"))
syslog_facility = LOG_LOCAL7;
else if (!strcmp(facility_ce.u.string, "LOG_USER"))
syslog_facility = LOG_USER;
else {
ulogd_log(ULOGD_FATAL, "unknown facility '%s'\n",
facility_ce.u.string);
exit(2);
}
if (!strcmp(level_ce.u.string, "LOG_EMERG"))
syslog_level = LOG_EMERG;
else if (!strcmp(level_ce.u.string, "LOG_ALERT"))
syslog_level = LOG_ALERT;
else if (!strcmp(level_ce.u.string, "LOG_CRIT"))
syslog_level = LOG_CRIT;
else if (!strcmp(level_ce.u.string, "LOG_ERR"))
syslog_level = LOG_ERR;
else if (!strcmp(level_ce.u.string, "LOG_WARNING"))
syslog_level = LOG_WARNING;
else if (!strcmp(level_ce.u.string, "LOG_NOTICE"))
syslog_level = LOG_NOTICE;
else if (!strcmp(level_ce.u.string, "LOG_INFO"))
syslog_level = LOG_INFO;
else if (!strcmp(level_ce.u.string, "LOG_DEBUG"))
syslog_level = LOG_DEBUG;
else {
ulogd_log(ULOGD_FATAL, "unknown level '%s'\n",
level_ce.u.string);
exit(2);
}
openlog("ulogd", LOG_NDELAY|LOG_PID, syslog_facility);
return 0;
}
void _init(void)
{
if (printpkt_init())
ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
register_output(&syslog_op);
}
static void sighup_handler_print(int signal)
{
switch (signal) {
case SIGHUP:
ulogd_log(ULOGD_NOTICE, "PKTLOG: reopening logfile\n");
fclose(of);
of = fopen(outf_ce.u.string, "ab");
if (!of) {
ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n",
strerror(errno));
exit(2);
}
break;
default:
break;
}
}
static int configure(struct ulogd_pluginstance *upi,
struct ulogd_pluginstance_stack *stack)
{
ulogd_log(ULOGD_DEBUG, "parsing config file section `%s', "
"plugin `%s'\n", upi->id, upi->plugin->name);
config_parse_file(upi->id, upi->config_kset);
return 0;
}
void _init(void)
{
/* get hostname */
char *tmp;
if (gethostname(hostname, sizeof(hostname)) < 0) {
ulogd_log(ULOGD_FATAL, "can't gethostname(): %s\n",
strerror(errno));
exit(2);
}
hostname[sizeof(hostname)-1] = '\0';
/* strip off everything after first '.' */
if ((tmp = strchr(hostname, '.')))
*tmp = '\0';
_local_reg_ip();
}
static int binbasic_init(void)
{
#ifdef DEBUG
of = stdout;
#else
config_parse_file("BINBASIC", &outf_ce);
of = fopen(outf_ce.u.string, "a");
if (!of) {
ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n",
strerror(errno));
exit(2);
}
#endif
return 0;
}
static int printflow_interp(struct ulogd_pluginstance *upi)
{
struct ulogd_key *inp = upi->input.keys;
struct ulogd_key *ret = upi->output.keys;
static char buf[4096];
printflow_print(inp, buf);
ret[0].u.value.ptr = buf;
if (!ret[0].u.value.ptr) {
ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", strlen(buf)+1);
return 0;
}
ret[0].flags |= ULOGD_RETF_VALID;
return 0;
}
static ulog_iret_t *_interp_raw(ulog_interpreter_t *ip,
ulog_packet_msg_t *pkt)
{
unsigned char *p;
int i, tmp, len = 0;
char *buf, *ptr = NULL;
ulog_iret_t *ret = ip->result;
size_t siz;
if (pkt->mac_len) {
siz = 3 * pkt->mac_len + 1;
buf = (char *) malloc(siz);
if (!buf) {
ulogd_log(ULOGD_ERROR, "OOM!!!\n");
return NULL;
}
*buf = '\0';
p = pkt->mac;
ptr = buf;
for (i = 0; i < pkt->mac_len; i++, p++) {
tmp = snprintf(ptr+len, siz-len, "%02x%s",
*p, i==pkt->mac_len-1 ? "":":");
if (tmp < 0)
break;
if (tmp >= siz-len) {
buf[siz] = '\0';
break;
}
len += tmp;
}
ret[0].value.ptr = buf;
ret[0].flags |= ULOGD_RETF_VALID;
}
/* include pointer to raw ipv4 packet */
ret[1].value.ptr = pkt->payload;
ret[1].flags |= ULOGD_RETF_VALID;
ret[2].value.ui32 = pkt->data_len;
ret[2].flags |= ULOGD_RETF_VALID;
return ret;
}
static int ip2bin(struct ulogd_key* inp, int index, int oindex)
{
char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
char convfamily = family;
unsigned char *addr8;
struct in6_addr *addr;
struct in6_addr ip4_addr;
char *buffer;
int i, written;
if (family == AF_BRIDGE) {
if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
ulogd_log(ULOGD_NOTICE,
"No protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
case ETH_P_IPV6:
convfamily = AF_INET6;
break;
case ETH_P_IP:
convfamily = AF_INET;
break;
case ETH_P_ARP:
convfamily = AF_INET;
break;
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
}
switch (convfamily) {
case AF_INET6:
addr = (struct in6_addr *)ikey_get_u128(&inp[index]);
break;
case AF_INET:
/* Convert IPv4 to IPv4 in IPv6 */
addr = &ip4_addr;
uint32_to_ipv6(ikey_get_u32(&inp[index]), addr);
break;
default:
/* TODO handle error */
ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n");
return ULOGD_IRET_ERR;
}
buffer = ipbin_array[oindex];
/* format IPv6 to BINARY(16) as "0x..." */
buffer[0] = '0';
buffer[1] = 'x';
buffer += 2;
addr8 = &addr->s6_addr[0];
for (i = 0; i < 4; i++) {
written = sprintf(buffer, "%02x%02x%02x%02x",
addr8[0], addr8[1], addr8[2], addr8[3]);
if (written != 2 * 4) {
buffer[0] = 0;
return ULOGD_IRET_ERR;
}
buffer += written;
addr8 += 4;
}
buffer[0] = 0;
return ULOGD_IRET_OK;
}
static int interp_ip2hbin(struct ulogd_pluginstance *pi)
{
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
u_int8_t family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
u_int8_t convfamily = family;
int i;
switch (family) {
case AF_INET:
case AF_INET6:
break;
case AF_BRIDGE:
if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
ulogd_log(ULOGD_NOTICE,
"No protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
case ETH_P_IPV6:
convfamily = AF_INET6;
break;
case ETH_P_IP:
convfamily = AF_INET;
break;
case ETH_P_ARP:
convfamily = AF_INET;
break;
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
break;
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside packet\n");
return ULOGD_IRET_ERR;
}
/* Iter on all addr fields */
for(i = START_KEY; i < MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
switch (convfamily) {
case AF_INET:
okey_set_u32(&ret[i-START_KEY],
ntohl(ikey_get_u32(&inp[i])));
break;
case AF_INET6:
okey_set_ptr(&ret[i-START_KEY],
(struct in6_addr *)ikey_get_u128(&inp[i]));
break;
default:
;
break;
}
}
}
return ULOGD_IRET_OK;
}
