static int interp_mark(struct ulogd_pluginstance *pi)
{
struct ulogd_key *inp = pi->input.keys;
if (pp_is_valid(inp, KEY_CT_MARK)) {
if ((ikey_get_u32(&inp[KEY_CT_MARK]) &
pi->config_kset->ces[MARK_MASK].u.value) !=
(u_int32_t) pi->config_kset->ces[MARK_MARK].u.value
) {
return ULOGD_IRET_STOP;
}
} else if (pp_is_valid(inp, KEY_OOB_MARK)) {
if ((ikey_get_u32(&inp[KEY_OOB_MARK]) &
pi->config_kset->ces[MARK_MASK].u.value) !=
(u_int32_t) pi->config_kset->ces[MARK_MARK].u.value
) {
return ULOGD_IRET_STOP;
}
}
return ULOGD_IRET_OK;
}
static int interp_mac2str(struct ulogd_pluginstance *pi)
{
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
u_int16_t type = 0;
if (pp_is_valid(inp, KEY_OOB_PROTOCOL))
okey_set_u16(&ret[KEY_MAC_PROTOCOL],
ikey_get_u16(&inp[KEY_OOB_PROTOCOL]));
if (pp_is_valid(inp, KEY_RAW_MAC_SADDR)) {
int fret;
if (! pp_is_valid(inp, KEY_RAW_MAC_ADDRLEN))
return ULOGD_IRET_ERR;
fret = parse_mac2str(ret,
ikey_get_ptr(&inp[KEY_RAW_MAC_SADDR]),
KEY_MAC_SADDR,
ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN]));
if (fret != ULOGD_IRET_OK)
return fret;
/* set MAC type to unknown */
okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_VOID);
}
if (pp_is_valid(inp, KEY_RAW_MAC)) {
if (! pp_is_valid(inp, KEY_RAW_MACLEN))
return ULOGD_IRET_ERR;
if (pp_is_valid(inp, KEY_RAW_TYPE)) {
/* NFLOG with Linux >= 2.6.27 case */
type = ikey_get_u16(&inp[KEY_RAW_TYPE]);
} else {
/* ULOG case, treat ethernet encapsulation */
if (ikey_get_u16(&inp[KEY_RAW_MACLEN]) == ETH_HLEN)
type = ARPHRD_ETHER;
else
type = ARPHRD_VOID;
}
okey_set_u16(&ret[KEY_MAC_TYPE], type);
}
switch (type) {
case ARPHRD_ETHER:
parse_ethernet(ret, inp);
default:
if (!pp_is_valid(inp, KEY_RAW_MAC))
return ULOGD_IRET_OK;
/* convert raw header to string */
return parse_mac2str(ret,
ikey_get_ptr(&inp[KEY_RAW_MAC]),
KEY_MAC_ADDR,
ikey_get_u16(&inp[KEY_RAW_MACLEN]));
}
return ULOGD_IRET_OK;
}
int printpkt_print(struct ulogd_key *res, char *buf)
{
char *buf_cur = buf;
if (pp_is_valid(res, 1))
buf_cur += sprintf(buf_cur, "%s", (char *) GET_VALUE(res, 1).ptr);
if (pp_is_valid(res, 2) && pp_is_valid(res, 3)) {
buf_cur += sprintf(buf_cur," IN=%s OUT=%s ",
(char *) GET_VALUE(res, 2).ptr,
(char *) GET_VALUE(res, 3).ptr);
}
/* FIXME: configurable */
if (pp_is_valid(res, 4))
buf_cur += sprintf(buf_cur, "MAC=%s ",
(char *) GET_VALUE(res, 4).ptr);
else
buf_cur += sprintf(buf_cur, "MAC= ");
if (pp_is_valid(res, 5))
buf_cur += sprintf(buf_cur, "SRC=%s ", inet_ntoa(
(struct in_addr) {htonl(GET_VALUE(res, 5).ui32)}));
static int parse_ethernet(struct ulogd_key *ret, struct ulogd_key *inp)
{
int fret;
if (!pp_is_valid(inp, KEY_RAW_MAC_SADDR)) {
fret = parse_mac2str(ret, hwhdr_get_saddr(inp),
KEY_MAC_SADDR, ETH_ALEN);
if (fret != ULOGD_IRET_OK)
return fret;
}
fret = parse_mac2str(ret, hwhdr_get_daddr(inp),
KEY_MAC_DADDR, ETH_ALEN);
if (fret != ULOGD_IRET_OK)
return fret;
okey_set_u16(&ret[KEY_MAC_PROTOCOL], hwhdr_get_len(inp));
return ULOGD_IRET_OK;
}
static int interp_ip2bin(struct ulogd_pluginstance *pi)
{
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
int i;
int fret;
/* Iter on all addr fields */
for(i = START_KEY; i < MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
fret = ip2bin(inp, i, i-START_KEY);
if (fret != ULOGD_IRET_OK)
return fret;
okey_set_ptr(&ret[i-START_KEY],
ipbin_array[i-START_KEY]);
}
}
return ULOGD_IRET_OK;
}
static int ip2bin(struct ulogd_key* inp, int index, int oindex)
{
char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
char convfamily = family;
unsigned char *addr8;
struct in6_addr *addr;
struct in6_addr ip4_addr;
char *buffer;
int i, written;
if (family == AF_BRIDGE) {
if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
ulogd_log(ULOGD_NOTICE,
"No protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
case ETH_P_IPV6:
convfamily = AF_INET6;
break;
case ETH_P_IP:
convfamily = AF_INET;
break;
case ETH_P_ARP:
convfamily = AF_INET;
break;
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
}
switch (convfamily) {
case AF_INET6:
addr = (struct in6_addr *)ikey_get_u128(&inp[index]);
break;
case AF_INET:
/* Convert IPv4 to IPv4 in IPv6 */
addr = &ip4_addr;
uint32_to_ipv6(ikey_get_u32(&inp[index]), addr);
break;
default:
/* TODO handle error */
ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n");
return ULOGD_IRET_ERR;
}
buffer = ipbin_array[oindex];
/* format IPv6 to BINARY(16) as "0x..." */
buffer[0] = '0';
buffer[1] = 'x';
buffer += 2;
addr8 = &addr->s6_addr[0];
for (i = 0; i < 4; i++) {
written = sprintf(buffer, "%02x%02x%02x%02x",
addr8[0], addr8[1], addr8[2], addr8[3]);
if (written != 2 * 4) {
buffer[0] = 0;
return ULOGD_IRET_ERR;
}
buffer += written;
addr8 += 4;
}
buffer[0] = 0;
return ULOGD_IRET_OK;
}
static int interp_ip2hbin(struct ulogd_pluginstance *pi)
{
struct ulogd_key *ret = pi->output.keys;
struct ulogd_key *inp = pi->input.keys;
u_int8_t family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
u_int8_t convfamily = family;
int i;
switch (family) {
case AF_INET:
case AF_INET6:
break;
case AF_BRIDGE:
if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
ulogd_log(ULOGD_NOTICE,
"No protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
case ETH_P_IPV6:
convfamily = AF_INET6;
break;
case ETH_P_IP:
convfamily = AF_INET;
break;
case ETH_P_ARP:
convfamily = AF_INET;
break;
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside AF_BRIDGE packet\n");
return ULOGD_IRET_ERR;
}
break;
default:
ulogd_log(ULOGD_NOTICE,
"Unknown protocol inside packet\n");
return ULOGD_IRET_ERR;
}
/* Iter on all addr fields */
for(i = START_KEY; i < MAX_KEY; i++) {
if (pp_is_valid(inp, i)) {
switch (convfamily) {
case AF_INET:
okey_set_u32(&ret[i-START_KEY],
ntohl(ikey_get_u32(&inp[i])));
break;
case AF_INET6:
okey_set_ptr(&ret[i-START_KEY],
(struct in6_addr *)ikey_get_u128(&inp[i]));
break;
default:
;
break;
}
}
}
return ULOGD_IRET_OK;
}