static int syslog_init(void) { /* FIXME: error handling */ config_parse_file("SYSLOG", &level_ce); if (!strcmp(facility_ce.u.string, "LOG_DAEMON")) syslog_facility = LOG_DAEMON; else if (!strcmp(facility_ce.u.string, "LOG_KERN")) syslog_facility = LOG_KERN; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL0")) syslog_facility = LOG_LOCAL0; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL1")) syslog_facility = LOG_LOCAL1; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL2")) syslog_facility = LOG_LOCAL2; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL3")) syslog_facility = LOG_LOCAL3; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL4")) syslog_facility = LOG_LOCAL4; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL5")) syslog_facility = LOG_LOCAL5; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL6")) syslog_facility = LOG_LOCAL6; else if (!strcmp(facility_ce.u.string, "LOG_LOCAL7")) syslog_facility = LOG_LOCAL7; else if (!strcmp(facility_ce.u.string, "LOG_USER")) syslog_facility = LOG_USER; else { ulogd_log(ULOGD_FATAL, "unknown facility '%s'\n", facility_ce.u.string); exit(2); } if (!strcmp(level_ce.u.string, "LOG_EMERG")) syslog_level = LOG_EMERG; else if (!strcmp(level_ce.u.string, "LOG_ALERT")) syslog_level = LOG_ALERT; else if (!strcmp(level_ce.u.string, "LOG_CRIT")) syslog_level = LOG_CRIT; else if (!strcmp(level_ce.u.string, "LOG_ERR")) syslog_level = LOG_ERR; else if (!strcmp(level_ce.u.string, "LOG_WARNING")) syslog_level = LOG_WARNING; else if (!strcmp(level_ce.u.string, "LOG_NOTICE")) syslog_level = LOG_NOTICE; else if (!strcmp(level_ce.u.string, "LOG_INFO")) syslog_level = LOG_INFO; else if (!strcmp(level_ce.u.string, "LOG_DEBUG")) syslog_level = LOG_DEBUG; else { ulogd_log(ULOGD_FATAL, "unknown level '%s'\n", level_ce.u.string); exit(2); } openlog("ulogd", LOG_NDELAY|LOG_PID, syslog_facility); return 0; }
void _init(void) { if (printpkt_init()) ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n"); register_output(&syslog_op); }
static void sighup_handler_print(int signal) { switch (signal) { case SIGHUP: ulogd_log(ULOGD_NOTICE, "PKTLOG: reopening logfile\n"); fclose(of); of = fopen(outf_ce.u.string, "ab"); if (!of) { ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n", strerror(errno)); exit(2); } break; default: break; } }
static int configure(struct ulogd_pluginstance *upi, struct ulogd_pluginstance_stack *stack) { ulogd_log(ULOGD_DEBUG, "parsing config file section `%s', " "plugin `%s'\n", upi->id, upi->plugin->name); config_parse_file(upi->id, upi->config_kset); return 0; }
void _init(void) { /* get hostname */ char *tmp; if (gethostname(hostname, sizeof(hostname)) < 0) { ulogd_log(ULOGD_FATAL, "can't gethostname(): %s\n", strerror(errno)); exit(2); } hostname[sizeof(hostname)-1] = '\0'; /* strip off everything after first '.' */ if ((tmp = strchr(hostname, '.'))) *tmp = '\0'; _local_reg_ip(); }
static int binbasic_init(void) { #ifdef DEBUG of = stdout; #else config_parse_file("BINBASIC", &outf_ce); of = fopen(outf_ce.u.string, "a"); if (!of) { ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n", strerror(errno)); exit(2); } #endif return 0; }
static int printflow_interp(struct ulogd_pluginstance *upi) { struct ulogd_key *inp = upi->input.keys; struct ulogd_key *ret = upi->output.keys; static char buf[4096]; printflow_print(inp, buf); ret[0].u.value.ptr = buf; if (!ret[0].u.value.ptr) { ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", strlen(buf)+1); return 0; } ret[0].flags |= ULOGD_RETF_VALID; return 0; }
static ulog_iret_t *_interp_raw(ulog_interpreter_t *ip, ulog_packet_msg_t *pkt) { unsigned char *p; int i, tmp, len = 0; char *buf, *ptr = NULL; ulog_iret_t *ret = ip->result; size_t siz; if (pkt->mac_len) { siz = 3 * pkt->mac_len + 1; buf = (char *) malloc(siz); if (!buf) { ulogd_log(ULOGD_ERROR, "OOM!!!\n"); return NULL; } *buf = '\0'; p = pkt->mac; ptr = buf; for (i = 0; i < pkt->mac_len; i++, p++) { tmp = snprintf(ptr+len, siz-len, "%02x%s", *p, i==pkt->mac_len-1 ? "":":"); if (tmp < 0) break; if (tmp >= siz-len) { buf[siz] = '\0'; break; } len += tmp; } ret[0].value.ptr = buf; ret[0].flags |= ULOGD_RETF_VALID; } /* include pointer to raw ipv4 packet */ ret[1].value.ptr = pkt->payload; ret[1].flags |= ULOGD_RETF_VALID; ret[2].value.ui32 = pkt->data_len; ret[2].flags |= ULOGD_RETF_VALID; return ret; }
static int ip2bin(struct ulogd_key* inp, int index, int oindex) { char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); char convfamily = family; unsigned char *addr8; struct in6_addr *addr; struct in6_addr ip4_addr; char *buffer; int i, written; if (family == AF_BRIDGE) { if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) { ulogd_log(ULOGD_NOTICE, "No protocol inside AF_BRIDGE packet\n"); return ULOGD_IRET_ERR; } switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) { case ETH_P_IPV6: convfamily = AF_INET6; break; case ETH_P_IP: convfamily = AF_INET; break; case ETH_P_ARP: convfamily = AF_INET; break; default: ulogd_log(ULOGD_NOTICE, "Unknown protocol inside AF_BRIDGE packet\n"); return ULOGD_IRET_ERR; } } switch (convfamily) { case AF_INET6: addr = (struct in6_addr *)ikey_get_u128(&inp[index]); break; case AF_INET: /* Convert IPv4 to IPv4 in IPv6 */ addr = &ip4_addr; uint32_to_ipv6(ikey_get_u32(&inp[index]), addr); break; default: /* TODO handle error */ ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n"); return ULOGD_IRET_ERR; } buffer = ipbin_array[oindex]; /* format IPv6 to BINARY(16) as "0x..." */ buffer[0] = '0'; buffer[1] = 'x'; buffer += 2; addr8 = &addr->s6_addr[0]; for (i = 0; i < 4; i++) { written = sprintf(buffer, "%02x%02x%02x%02x", addr8[0], addr8[1], addr8[2], addr8[3]); if (written != 2 * 4) { buffer[0] = 0; return ULOGD_IRET_ERR; } buffer += written; addr8 += 4; } buffer[0] = 0; return ULOGD_IRET_OK; }
static int interp_ip2hbin(struct ulogd_pluginstance *pi) { struct ulogd_key *ret = pi->output.keys; struct ulogd_key *inp = pi->input.keys; u_int8_t family = ikey_get_u8(&inp[KEY_OOB_FAMILY]); u_int8_t convfamily = family; int i; switch (family) { case AF_INET: case AF_INET6: break; case AF_BRIDGE: if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) { ulogd_log(ULOGD_NOTICE, "No protocol inside AF_BRIDGE packet\n"); return ULOGD_IRET_ERR; } switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) { case ETH_P_IPV6: convfamily = AF_INET6; break; case ETH_P_IP: convfamily = AF_INET; break; case ETH_P_ARP: convfamily = AF_INET; break; default: ulogd_log(ULOGD_NOTICE, "Unknown protocol inside AF_BRIDGE packet\n"); return ULOGD_IRET_ERR; } break; default: ulogd_log(ULOGD_NOTICE, "Unknown protocol inside packet\n"); return ULOGD_IRET_ERR; } /* Iter on all addr fields */ for(i = START_KEY; i < MAX_KEY; i++) { if (pp_is_valid(inp, i)) { switch (convfamily) { case AF_INET: okey_set_u32(&ret[i-START_KEY], ntohl(ikey_get_u32(&inp[i]))); break; case AF_INET6: okey_set_ptr(&ret[i-START_KEY], (struct in6_addr *)ikey_get_u128(&inp[i])); break; default: ; break; } } } return ULOGD_IRET_OK; }