Example #1
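/**
 * Open a netlink interface handle, load the interface table into it and
 * switch its descriptor to non-blocking mode.
 *
 * \return the initialised handle, or NULL if opening, querying or
 *         configuring the descriptor fails. On failure nothing is left
 *         open; on success the caller owns the handle and must release
 *         it with nlif_close().
 */
struct nlif_handle *nl_init_interface_handler(void)
{
	struct nlif_handle *h;
	int fd;
	int flags;

	h = nlif_open();
	if (h == NULL)
		return NULL;

	if (nlif_query(h) == -1)
		goto fail;

	/* A handle without a usable descriptor cannot be polled. */
	fd = nlif_fd(h);
	if (fd < 0)
		goto fail;

	/*
	 * Add O_NONBLOCK to the existing status flags instead of overwriting
	 * them, and treat a failure as fatal: a blocking descriptor handed to
	 * an event loop can stall the whole packet path.
	 */
	flags = fcntl(fd, F_GETFL, 0);
	if (flags == -1 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
		goto fail;

	return h;

fail:
	/*
	 * nlif_close() is the counterpart of nlif_open(). A bare free() would
	 * release only the outer structure and leak the netlink descriptor on
	 * every failed initialisation.
	 */
	nlif_close(h);
	return NULL;
}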
Example #2
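/**
 * libev callback for activity on the interface-table descriptor.
 *
 * On EV_ERROR the current handle is closed and a fresh one is opened; the
 * watcher is re-pointed at the new descriptor and at the new handle. On
 * EV_READ the pending interface message is processed. The watcher is
 * stopped for the duration of the callback and restarted at the end.
 *
 * \param loop     event loop the watcher is registered on
 * \param w        the I/O watcher; w->data carries the nlif handle
 * \param revents  bitmask of events that fired
 */
static void iface_activity_cb(struct ev_loop *loop, ev_io *w, int revents)
{
	struct nlif_handle *nlif_handle = w->data;

	/* ev_io_set() below may only be used on a stopped watcher. */
	ev_io_stop(loop, w);

	if (revents & EV_ERROR) {
		int if_fd;

		iface_table_close(nlif_handle);
		/* Do not leave a pointer to the closed handle in the watcher. */
		w->data = NULL;

		nlif_handle = iface_table_open();
		if (!nlif_handle)
			exit(EXIT_FAILURE);

		if_fd = nlif_fd(nlif_handle);
		if (if_fd < 0)
			exit(EXIT_FAILURE);

		ev_io_set(w, if_fd, EV_READ);
		/*
		 * Publish the replacement handle. Without this the next
		 * invocation would read the closed handle back from w->data
		 * and use it after iface_table_close().
		 * NOTE(review): any other holder of the old pointer (another
		 * watcher's .data, a local in the thread function) is not
		 * updated here and would still be stale - confirm against the
		 * callers.
		 */
		w->data = nlif_handle;
	}

	if (revents & EV_READ)
		iface_treat_message(nlif_handle);

	ev_io_start(loop, w);
}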
Example #3
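/**
 * \brief Packet server thread function.
 *
 * Connect to netfilter to ask for a netlink. Read packets on this link.
 * Check whether each packet is useful for NuFW. If so, add it to the packet
 * list and/or send it to NuAuth.
 *
 * When using NetFilter queue, it uses treat_packet() as callback.
 * In ipq mode it uses an internal packet parser and process mechanism.
 *
 * The function registers up to three I/O watchers (the packet queue, the
 * interface table when HAVE_NFQ_INDEV_NAME is defined, and the TLS session
 * when it has a valid descriptor) plus a periodic cleaning timer, then runs
 * the event loop until it ends. Any setup failure terminates the process
 * with exit(EXIT_FAILURE).
 *
 * \param void_arg unused
 * \return NULL
 */
void *packetsrv(void *void_arg)
{
	int fatal_error = 0;
	ev_io iface_watcher;
	ev_timer timer;
	int fd;
#ifdef HAVE_NFQ_INDEV_NAME
	struct nlif_handle *nlif_handle;
	int if_fd;
#endif

#ifdef HAVE_NFQ_INDEV_NAME
	nlif_handle = iface_table_open();

	if (!nlif_handle)
		exit(EXIT_FAILURE);

	if_fd = nlif_fd(nlif_handle);
	if (if_fd < 0) {
		exit(EXIT_FAILURE);
	}

	fd = packetsrv_open((void *) nlif_handle);
#else
	fd = packetsrv_open(NULL);
#endif

	if (fd < 0) {
		exit(EXIT_FAILURE);
	}

	log_area_printf(DEBUG_AREA_MAIN | DEBUG_AREA_PACKET, DEBUG_LEVEL_DEBUG,
			"[+] Packet server started");

	nufw_loop = ev_loop_new(0);
	/* Starting watchers on a loop that failed to initialise is invalid. */
	if (!nufw_loop)
		exit(EXIT_FAILURE);

	/* add io for nfq */
	ev_io_init(&nufw_nfq_watcher , packetsrv_activity_cb, fd, EV_READ);
#ifdef HAVE_NFQ_INDEV_NAME
	nufw_nfq_watcher.data = nlif_handle;
#else
	/*
	 * nlif_handle is only declared when HAVE_NFQ_INDEV_NAME is defined;
	 * mirror the packetsrv_open(NULL) call above.
	 */
	nufw_nfq_watcher.data = NULL;
#endif
	ev_io_start(nufw_loop, &nufw_nfq_watcher);
#ifdef HAVE_NFQ_INDEV_NAME
	/* add io for iface */
	ev_io_init(&iface_watcher , iface_activity_cb, if_fd, EV_READ);
	iface_watcher.data = nlif_handle;
	ev_io_start(nufw_loop, &iface_watcher);
#endif
	/* Watch the TLS session only when it currently has a descriptor. */
	fd = nussl_session_get_fd(tls.session);
	if (fd >= 0) {
		ev_io_init(&tls.ev_io, tls_activity_cb, fd, EV_READ);
		tls.ev_io.data = &nufw_nfq_watcher;
		ev_io_start(nufw_loop, &tls.ev_io);
	}

	p_pckt_rx = 0;
	p_pckt_tx = 0;
	ev_timer_init(&timer, cleaning_timer_cb, 0, 1.0 * CLEANING_DELAY);
	timer.data = &nufw_nfq_watcher;
	ev_timer_start(nufw_loop, &timer);

	/* start loop */
	ev_loop(nufw_loop, 0);

	ev_loop_destroy(nufw_loop);


#ifdef HAVE_NFQ_INDEV_NAME
	/*
	 * NOTE(review): this closes the handle opened at start-up. If a
	 * callback replaced the handle while the loop was running, this local
	 * copy would be stale and the close would hit an already released
	 * handle - confirm against the interface callback.
	 */
	iface_table_close(nlif_handle);
#endif

	/* fatal_error is never set in this function, so this always passes 1. */
	packetsrv_close(!fatal_error);

	log_area_printf(DEBUG_AREA_MAIN | DEBUG_AREA_PACKET,
			DEBUG_LEVEL_WARNING,
			"[+] Leave packet server thread");
	return NULL;
}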