bool NetherNetlink::initialize() { nfqHandle = nfq_open(); if(!nfqHandle) { LOGE("Error during nfq_open()"); return (false); } if(nfq_unbind_pf(nfqHandle, AF_INET) < 0) { LOGE("Error during nfq_unbind_pf() (no permission?)"); return (false); } if(nfq_bind_pf(nfqHandle, AF_INET) < 0) { LOGE("Error during nfq_bind_pf()"); return (false); } queueHandle = nfq_create_queue(nfqHandle, queue, &callback, this); if(!queueHandle) { LOGE("Error during nfq_create_queue()"); return (false); } if(nfq_set_queue_flags(queueHandle, NFQA_CFG_F_SECCTX, NFQA_CFG_F_SECCTX)) LOGI("This kernel version does not allow to retrieve security context"); if(nfq_set_mode(queueHandle, netherConfig.copyPackets ? NFQNL_COPY_PACKET : NFQNL_COPY_META, 0xffff) < 0) { LOGE("Can't set packet_copy mode"); nfq_destroy_queue(queueHandle); return (false); } if(nfq_set_queue_flags(queueHandle, NFQA_CFG_F_UID_GID, NFQA_CFG_F_UID_GID)) { LOGE("This kernel version does not allow to retrieve process UID/GID"); nfq_destroy_queue(queueHandle); return (false); } if (netherConfig.interfaceInfo) { nlif = nlif_open(); if(!nlif) LOGI("Failed to initialize NLIF subsystem, interface information won't be available"); else nlif_query(nlif); } return (true); }
response_t destroy_queue(int q_num, q_data_t **q_data, thread_data_t *data) { int cq_idx; response_t r; syslog(LOG_NOTICE,"[%d] q_num: %d\n\r", data->idx, q_num); if((cq_idx = get_queue_idx(q_num, q_data)) >= 0) { if(q_data[cq_idx]->pid > 0) pthread_cancel(q_data[cq_idx]->thread); nfq_destroy_queue(q_data[cq_idx]->qh); nfq_unbind_pf(q_data[cq_idx]->h, AF_INET); nfq_close(q_data[cq_idx]->h); q_data[cq_idx]->pid = 0; q_data[cq_idx]->q_num = -1; q_data[cq_idx]->qh = NULL; q_data[cq_idx]->h = NULL; r.cs = erl_mk_atom("ok"); r.rsp = erl_mk_atom("ok"); } else { r.cs = erl_mk_atom("error"); r.rsp = erl_mk_estring("no such queue", strlen("no such queue")); } return r; }
/* clear resources for interception */ void interception_over() { #if (INTERCEPT_NFQUEUE) if (srv_settings.nfq_q_handler != NULL) { tc_log_info(LOG_NOTICE, 0, "unbinding from queue"); nfq_destroy_queue(srv_settings.nfq_q_handler); srv_settings.nfq_q_handler = NULL; } if (srv_settings.nfq_handler != NULL) { tc_log_info(LOG_NOTICE, 0, "closing nfq library handle"); nfq_close(srv_settings.nfq_handler); srv_settings.nfq_handler = NULL; } #endif #if (INTERCEPT_COMBINED) release_combined_resouces(); #endif #if (!TCPCOPY_SINGLE) router_destroy(); delay_table_destroy(); #endif }
int main(int argc, char **argv) { int rv; char buf[4096] __attribute__ ((aligned)); q_setup(); while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { printf("pkt received\n"); nfq_handle_packet(h, buf, rv); } printf("unbinding from queue 0\n"); nfq_destroy_queue(qh); #ifdef INSANE /* normally, applications SHOULD NOT issue this command, since * it detaches other programs/sockets from AF_INET, too ! */ printf("unbinding from AF_INET\n"); nfq_unbind_pf(h, AF_INET); #endif printf("closing library handle\n"); nfq_close(h); exit(0); }
int main(int argc, char **argv) { struct nfq_handle *h; struct nfq_q_handle *qh; struct nfnl_handle *nh; int fd; int rv; char buf[4096] __attribute__ ((aligned)); printf("Simple latency simulator\n"); printf("(C) 2009, 2010 by Holger Freyther\n"); printf("(C) 2005 by Harald Welte\n"); handle_options(argc, argv); h = nfq_open(); if (!h) { fprintf(stderr, "error during nfq_open()\n"); exit(1); } printf("unbinding existing nf_queue handler for AF_INET (if any)\n"); if (nfq_unbind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_unbind_pf()\n"); exit(1); } printf("binding nfnetlink_queue as nf_queue handler for AF_INET\n"); if (nfq_bind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_bind_pf()\n"); exit(1); } printf("binding this socket to queue '0'\n"); qh = nfq_create_queue(h, 0, &cb, NULL); if (!qh) { fprintf(stderr, "error during nfq_create_queue()\n"); exit(1); } printf("setting copy_packet mode\n"); if (nfq_set_mode(qh, NFQNL_COPY_META, 0xffff) < 0) { fprintf(stderr, "can't set packet_copy mode\n"); exit(1); } fd = nfq_fd(h); while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { nfq_handle_packet(h, buf, rv); } printf("unbinding from queue 0\n"); nfq_destroy_queue(qh); printf("closing library handle\n"); nfq_close(h); exit(0); }
static void nfq_daq_shutdown (void* handle) { NfqImpl *impl = (NfqImpl*)handle; impl->state = DAQ_STATE_UNINITIALIZED; if (impl->nf_queue) nfq_destroy_queue(impl->nf_queue); // note that we don't unbind here because // we will unbind other programs too if(impl->nf_handle) nfq_close(impl->nf_handle); if ( impl->link ) eth_close(impl->link); if ( impl->net ) ip_close(impl->net); if ( impl->filter ) free(impl->filter); if ( impl->buf ) free(impl->buf); free(impl); }
void divert_close(void) { if (_q) nfq_destroy_queue(_q); if (_h) nfq_close(_h); }
int main(int argc, char **argv) { struct nfq_handle *qh; struct nfq_q_handle *qqh; // struct nfnl_handle *nh; int fd; int rv; char buf[4096] __attribute__ ((aligned)); struct nfct_handle *cth; if (init_nfct(&cth) != 0) { exit(1); } if (init_nfq(&qh, &qqh, cth) != 0) { exit(1); } fd = nfq_fd(qh); for (;;) { if ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0) { printf("pkt received\n"); nfq_handle_packet(qh, buf, rv); continue; } /* if your application is too slow to digest the packets that * are sent from kernel-space, the socket buffer that we use * to enqueue packets may fill up returning ENOBUFS. Depending * on your application, this error may be ignored. Please, see * the doxygen documentation of this library on how to improve * this situation. */ if (rv < 0 && errno == ENOBUFS) { printf("losing packets!\n"); continue; } perror("recv failed"); break; } printf("unbinding from queue 0\n"); nfq_destroy_queue(qqh); #ifdef INSANE /* normally, applications SHOULD NOT issue this command, since * it detaches other programs/sockets from AF_INET, too ! */ printf("unbinding from AF_INET\n"); nfq_unbind_pf(h, AF_INET); #endif printf("closing library handle\n"); nfq_close(qh); nfct_close(cth); exit(0); }
int nfq() { int len, fd; char buf[BUFSIZE]= {0}; struct nfq_handle *h; //call nfq_open() to open a NFQUEUE handler h = nfq_open(); if(!h) { fprintf(stderr, "error during nfq_open()\n"); exit(1); } //unbinging existing nf_queue handler for PE_INET(if any) if(nfq_unbind_pf(h, PF_INET) < 0) { fprintf(stderr, "error during nfq_unbind_pf()\n"); exit(1); } //binding nfnetlink_queue as nf_queue handler for PF_INET if(nfq_bind_pf(h, PF_INET) < 0) { fprintf(stderr, "error during nfq_bind_pf()\n"); exit(1); } //binding this socket to queue '0' gqh = nfq_create_queue(h, 0, &queue_cb, NULL); if(!gqh) { fprintf(stderr,"error during nfq_create_queue()\n"); exit(1); } //setting copy_packet mode if(nfq_set_mode(gqh, NFQNL_COPY_PACKET, 0xffff) < 0) { fprintf(stderr, "can't set packet_copy_mode\n"); exit(1); } //get the file descriptor associated with the nfqueue handler fd = nfq_fd(h); //handle a packet received from the nfqueue subsystem CONTINUE: while ((len = recv(fd, buf, BUFSIZE, 0)) && len >= 0) { nfq_handle_packet(h, buf, len); } debug_log("error len=%d" ,len); sleep(2); goto CONTINUE; nfq_destroy_queue(gqh); nfq_close(h); return 0; }
/* Basic signal handler: closes nfq hooks on exit */ static void sig_handler(int signum) { printf("\nIPD caught signal ...\n\n"); nfq_destroy_queue(qh); nfq_close(nfqh); exit(OK); }
void* routeRecordMain(void* arg){ randomValue = createLongRandomValue(); char* gatewayIP = getIPAddress(INTERFACE); gatewayAddr = getInAddr(gatewayIP); initializeRRFilterList(); struct nfq_handle* h = nfq_open(); if (!h) { fprintf(stderr, "error during nfq_open()\n"); exit(1); } printf("unbinding existing nf_queue handler for AF_INET (if any)\n"); if (nfq_unbind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_unbind_pf()\n"); exit(1); } printf("binding nfnetlink_queue as nf_queue handler for AF_INET\n"); if (nfq_bind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_bind_pf()\n"); exit(1); } //nfq_callback* cb = (nfq_callback*) calloc(1, sizeof(nfq_callback)); printf("binding this socket to queue '0'\n"); struct nfq_q_handle* qh = nfq_create_queue(h, 0, &cb, NULL); if (!qh) { fprintf(stderr, "error during nfq_create_queue()\n"); exit(1); } printf("setting copy_packet mode\n"); if (nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff) < 0) { fprintf(stderr, "can't set packet_copy mode\n"); exit(1); } int fd = nfq_fd(h); int rv = -1; char* buf = (char*) calloc(1, 100001); while ((rv = recv(fd, buf, 10000, 0)) >= 0) { printf("pkt received\n received: [%d]\n\n", rv); nfq_handle_packet(h, buf, rv); } printf("unbinding from queue 0\n"); nfq_destroy_queue(qh); printf("closing library handle\n"); nfq_close(h); pthread_exit(NULL); }
void packetsrv_close(int smart) { log_area_printf(DEBUG_AREA_MAIN, DEBUG_LEVEL_SERIOUS_MESSAGE, "Destroy netfilter queue socket"); if (smart) nfq_destroy_queue(hndl); nfq_close(h); /* packet id will be reset after restart, we discard waiting packets */ clear_packet_list(); }
TmEcode VerdictNFQThreadDeinit(ThreadVars *tv, void *data) { NFQThreadVars *ntv = (NFQThreadVars *)data; NFQQueueVars *nq = NFQGetQueue(ntv->nfq_index); SCLogDebug("starting... will close queuenum %" PRIu32 "", nq->queue_num); NFQMutexLock(nq); if (nq->qh) { nfq_destroy_queue(nq->qh); nq->qh = NULL; } NFQMutexUnlock(nq); return TM_ECODE_OK; }
int main(int argc, char** argv) { int fd; ssize_t rv; char buf[4096]; struct nfq_handle* h; struct nfq_q_handle* qh; int i=0; h = nfq_open(); if (!h) { fprintf(stderr, "error during nfq_open()\n"); exit(1); } if (nfq_unbind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_unbind_pf()\n"); exit(1); } if (nfq_bind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_bind_pf()\n"); exit(1); } printf("Binding to queue 0...\n"); qh = nfq_create_queue(h, 0, &cb, NULL); if (!qh) { fprintf(stderr, "error during nfq_create_queue()\n"); exit(1); } printf("Copying packets...\n"); if (nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff) < 0) { fprintf(stderr, "error during nfq_set_mode()\n"); exit(1); } fd = nfq_fd(h); memset(buf, 0, 4096); while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { for (i = 0; i < rv; i++) printf("%02x\n", *(buf+i)); printf("\n\n"); nfq_handle_packet(h, buf, rv); } nfq_destroy_queue(qh); nfq_close(h); }
static void cleanup_state(struct packet_module_state *state) { if (state->queue) nfq_destroy_queue(state->queue); if (state->handle) nfq_close(state->handle); state->queue = NULL; state->handle = NULL; close(state->send_fd); close(state->send_mark_fd); free(state); }
/* ---------------------------------------------------------------------------- */ void fwnfq_destroy(void) { g_message("Unbinding from queue 0"); nfq_destroy_queue(qh); #ifdef INSANE /* normally, applications SHOULD NOT issue this command, since * it detaches other programs/sockets from AF_INET, too ! */ g_message("Unbinding from AF_INET"); nfq_unbind_pf(h, AF_INET); #endif g_message("Closing library handle"); nfq_close(h); }
int main(int argc, char **argv) { int fd, rv; char buf[BUFSIZE]; strcpy(listtype, argv[1]); if (get_url_info()) { printf("error during get_url_info()\n"); return 0; } memset(buf, 0, sizeof(buf)); /* open a netlink connection to get packet from kernel */ fd = netlink_open_connection(NULL); while (1) { rv = recv(fd, buf, sizeof(buf), 0); if ( rv >= 0) { #ifdef UFD_DEBUG printf("pkt received\n"); #endif nfq_handle_packet(h, buf, rv); memset(buf, 0, sizeof(buf)); } else { nfq_close(h); #ifdef UFD_DEBUG printf("nfq close done\n"); #endif fd = netlink_open_connection(NULL); #ifdef UFD_DEBUG printf("need to rebind to netfilter queue 0\n"); #endif } } #ifdef UFD_DEBUG printf("unbinding from queue 0\n"); #endif nfq_destroy_queue(qh); nfq_close(h); return 0; }
static void NFQDestroyQueue(NFQQueueVars *nq) { if (unlikely(nq == NULL)) { return; } SCLogDebug("starting... will close queuenum %" PRIu32 "", nq->queue_num); NFQMutexLock(nq); if (nq->qh != NULL) { nfq_destroy_queue(nq->qh); nq->qh = NULL; nfq_close(nq->h); nq->h = NULL; } NFQMutexUnlock(nq); }
/* clear resources for interception */ void interception_over() { #if (INTERCEPT_NFQUEUE) if (srv_settings.nfq_q_handler != NULL) { tc_log_info(LOG_NOTICE, 0, "unbinding from queue"); nfq_destroy_queue(srv_settings.nfq_q_handler); srv_settings.nfq_q_handler = NULL; } if (srv_settings.nfq_handler != NULL) { tc_log_info(LOG_NOTICE, 0, "closing nfq library handle"); nfq_close(srv_settings.nfq_handler); srv_settings.nfq_handler = NULL; } #endif router_destroy(); }
int teardown_nfq() { log_debug("unbinding from queue %d", NF_QUEUE_NUM); if (nfq_destroy_queue(g_nfq_qh) != 0) { log_error("error during nfq_destroy_queue()"); return -1; } #ifdef INSANE // normally, applications SHOULD NOT issue this command, since // it detaches other programs/sockets from AF_INET, too ! */ log_debug("unbinding from AF_INET"); nfq_unbind_pf(g_nfq_h, AF_INET); #endif log_debug("closing library handle"); if (nfq_close(g_nfq_h) != 0) { log_error("error during nfq_close()"); return -1; } return 0; }
static struct nfq_q_handle* create_q_handle(struct nfq_handle* h, nfq_callback* cb, void* data) { struct nfq_q_handle* qh = nfq_create_queue(h,queue_id++,cb,data); if(UNLIKELY(NULL == qh)) { fprintf(stderr,"Error creating queue %d\n",queue_id-1); goto error; } if(UNLIKELY(-1 == nfq_set_mode(qh, NFQNL_COPY_PACKET, MAX_BUFFER_SIZE))) { fprintf(stderr,"Error setting NFQ copy mode\n"); goto error; } return qh; error: if(qh) { nfq_destroy_queue(qh); } return NULL; }
/** * \brief Main NFQ reading Loop function */ TmEcode ReceiveNFQLoop(ThreadVars *tv, void *data, void *slot) { SCEnter(); NFQThreadVars *ntv = (NFQThreadVars *)data; NFQQueueVars *nq = NFQGetQueue(ntv->nfq_index); ntv->slot = ((TmSlot *) slot)->slot_next; while(1) { if (suricata_ctl_flags != 0) { NFQMutexLock(nq); if (nq->qh) { nfq_destroy_queue(nq->qh); nq->qh = NULL; } NFQMutexUnlock(nq); break; } NFQRecvPkt(nq, ntv); StatsSyncCountersIfSignalled(tv); } SCReturnInt(TM_ECODE_OK); }
NetherNetlink::~NetherNetlink() { if(queueHandle) nfq_destroy_queue(queueHandle); if(nfqHandle) nfq_close(nfqHandle); }
/* The nfq capture routine. */ int nfq_capture(fko_srv_options_t *opts) { int res, child_pid, fd_flags; int nfq_errcnt = 0; int pending_break = 0; int status; char nfq_buf[1500]; int chk_rm_all = 0; /* Netfilter-related handles */ int nfq_fd; struct nfq_handle *nfq_h; struct nfq_q_handle *nfq_qh; struct nfnl_handle *nfq_nh; nfq_h = nfq_open(); if (!nfq_h) { log_msg(LOG_ERR, "[*] nfq_open error\n"); clean_exit(opts, FW_CLEANUP, EXIT_FAILURE); } /* Unbind existing nf_queue handler for AF_INET (if any) */ res = nfq_unbind_pf(nfq_h, AF_INET); if (res < 0) { log_msg(LOG_WARNING, "[*] Error during nfq_unbind_pf() error: %d\n", res); } /* Bind the given queue connection handle to process packets. */ res = nfq_bind_pf(nfq_h, AF_INET); if ( res < 0) { log_msg(LOG_ERR, "Error during nfq_bind_pf(), error: %d\n", res); clean_exit(opts, FW_CLEANUP, EXIT_FAILURE); } /* Create queue */ nfq_qh = nfq_create_queue(nfq_h, atoi(opts->config[CONF_NFQ_QUEUE_NUMBER]), &process_nfq_packet, opts); if (!nfq_qh) { log_msg(LOG_ERR, "Error during nfq_create_queue()\n"); clean_exit(opts, FW_CLEANUP, EXIT_FAILURE); } /* Set the amount of data to be copied to userspace for each packet * queued to the given queue. */ if (nfq_set_mode(nfq_qh, NFQNL_COPY_PACKET, 0xffff) < 0) { log_msg(LOG_ERR, "Can't set packet_copy mode\n"); clean_exit(opts, FW_CLEANUP, EXIT_FAILURE); } /* Get the netlink handle associated with the given queue connection * handle. Then use it to get the file descriptor we will use for * receiving the queued packets */ nfq_nh = nfq_nfnlh(nfq_h); nfq_fd = nfnl_fd(nfq_nh); /* Set our nfq handle nonblocking mode. * */ if((fd_flags = fcntl(nfq_fd, F_GETFL, 0)) < 0) { log_msg(LOG_ERR, "nfq_capture: fcntl F_GETFL error: %s", strerror(errno)); clean_exit(opts, FW_CLEANUP, EXIT_FAILURE); } fd_flags |= O_NONBLOCK; if(fcntl(nfq_fd, F_SETFL, fd_flags) < 0) { log_msg(LOG_ERR, "nfq_capture: fcntl F_SETFL error setting O_NONBLOCK: %s", strerror(errno)); exit(EXIT_FAILURE); } /* Initialize our signal handlers. You can check the return value for * the number of signals that were *not* set. Those that were not set * will be listed in the log/stderr output. */ if(set_sig_handlers() > 0) log_msg(LOG_ERR, "Errors encountered when setting signal handlers."); log_msg(LOG_INFO, "Starting fwknopd main event loop."); /* Jump into our home-grown packet cature loop. */ while(1) { /* If we got a SIGCHLD and it was the tcp server, then handle it here. ** XXX: --DSS Do we need this here? I'm guessing we would not be using ** the TCP server in NF_QUEUE capture mode. */ if(got_sigchld) { if(opts->tcp_server_pid > 0) { child_pid = waitpid(0, &status, WNOHANG); if(child_pid == opts->tcp_server_pid) { if(WIFSIGNALED(status)) log_msg(LOG_WARNING, "TCP server got signal: %i", WTERMSIG(status)); log_msg(LOG_WARNING, "TCP server exited with status of %i. Attempting restart.", WEXITSTATUS(status) ); opts->tcp_server_pid = 0; /* Attempt to restart tcp server ? */ usleep(1000000); run_tcp_server(opts); } } got_sigchld = 0; } /* Any signal except USR1, USR2, and SIGCHLD mean break the loop. */ if(got_signal != 0) { if(got_sigint || got_sigterm || got_sighup) { pending_break = 1; } else if(got_sigusr1 || got_sigusr2) { /* Not doing anything with these yet. */ got_sigusr1 = got_sigusr2 = 0; got_signal = 0; } else got_signal = 0; } res = recv(nfq_fd, nfq_buf, sizeof(nfq_buf), 0); /* Count processed packets */ if(res > 0) { nfq_handle_packet(nfq_h, nfq_buf, res); /* Count the set of processed packets (nfq_dispatch() return * value) - we use this as a comparison for --packet-limit regardless * of SPA packet validity at this point. */ opts->packet_ctr += res; if (opts->packet_ctr_limit && opts->packet_ctr >= opts->packet_ctr_limit) { log_msg(LOG_WARNING, "* Incoming packet count limit of %i reached", opts->packet_ctr_limit ); pending_break = 1; } } /* If there was an error, complain and go on (to an extent before * giving up). */ else if(res < 0 && errno != EAGAIN) { log_msg(LOG_ERR, "[*] Error reading from nfq descriptor: %s", strerror); if(nfq_errcnt++ > MAX_NFQ_ERRORS_BEFORE_BAIL) { log_msg(LOG_ERR, "[*] %i consecutive nfq errors. Giving up", nfq_errcnt ); clean_exit(opts, FW_CLEANUP, EXIT_FAILURE); } } else if(pending_break == 1 || res == -2) { log_msg(LOG_INFO, "Gracefully leaving the fwknopd event loop."); break; } else nfq_errcnt = 0; /* Check for any expired firewall rules and deal with them. */ check_firewall_rules(opts, chk_rm_all); usleep(atoi(opts->config[CONF_NFQ_LOOP_SLEEP])); } nfq_destroy_queue(nfq_qh); nfq_close(nfq_h); return(0); }
QHandler::~QHandler() { std::cout << "unbinding from queue\n"; nfq_destroy_queue(qh); nfq_close(h); }
int main(int argc, char **argv) { struct nfq_handle *h; struct nfq_q_handle *qh; struct nfnl_handle *nh; int fd; int rv; char buf[4096]; printf("opening library handle\n"); h = nfq_open(); if (!h) { fprintf(stderr, "error during nfq_open()\n"); exit(1); } printf("unbinding existing nf_queue handler for AF_INET (if any)\n"); if (nfq_unbind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_unbind_pf()\n"); exit(1); } printf("binding nfnetlink_queue as nf_queue handler for AF_INET\n"); if (nfq_bind_pf(h, AF_INET) < 0) { fprintf(stderr, "error during nfq_bind_pf()\n"); exit(1); } printf("binding this socket to queue '0'\n"); qh = nfq_create_queue(h, 0, &cb, NULL); if (!qh) { fprintf(stderr, "error during nfq_create_queue()\n"); exit(1); } printf("setting copy_packet mode\n"); if (nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff) < 0) { fprintf(stderr, "can't set packet_copy mode\n"); exit(1); } nh = nfq_nfnlh(h); fd = nfnl_fd(nh); while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { printf("pkt received\n"); nfq_handle_packet(h, buf, rv); } printf("unbinding from queue 0\n"); nfq_destroy_queue(qh); #ifdef INSANE /* normally, applications SHOULD NOT issue this command, since * it detaches other programs/sockets from AF_INET, too ! */ printf("unbinding from AF_INET\n"); nfq_unbind_pf(h, AF_INET); #endif printf("closing library handle\n"); nfq_close(h); exit(0); }
/* * NFQUEUE main loop * Reads packet and calls callback */ static void *nkn_nfqueue_thread(void *arg) { struct nfq_handle *nfq_h; struct nfq_q_handle *nfq_q_h; int64_t thread_id = (int64_t) arg; char buf[65536] __attribute__ ((aligned)); int fd, rv, opt, ret; int queue_created; char t_name[50]; #if 0 char mem_pool_str[64]; #endif snprintf(t_name, 50, "nfqueue-%ld", thread_id); prctl(PR_SET_NAME, t_name, 0, 0, 0); #if 0 snprintf(mem_pool_str, sizeof(mem_pool_str), "nfqueuemempool-%ld", thread_id); nkn_mem_create_thread_pool(mem_pool_str); #endif #ifdef PROCESS_IN_NF_THREAD nkn_dpi_event_handle_init(thread_id); #endif UNUSED_ARGUMENT(arg); while (1) { queue_created = 0; nfq_h = nfq_open(); if (!nfq_h) { DBG_LOG(ERROR, MOD_DPI_URIF, "error during nfq_open()\n"); goto end; } if (nfq_unbind_pf(nfq_h, AF_INET) < 0) { DBG_LOG(ERROR, MOD_DPI_URIF, "error during nfq_unbind_pf()\n"); goto end; } if (nfq_bind_pf(nfq_h, AF_INET) < 0) { if (errno != EEXIST) { DBG_LOG(ERROR, MOD_DPI_URIF, "error during nfq_bind_pf()\n"); goto end; } } nfq_q_h = nfq_create_queue(nfq_h, thread_id, &nkn_nfqueue_callback, arg); if (!nfq_q_h) { DBG_LOG(ERROR, MOD_DPI_URIF, "error during nfq_create_queue()\n"); goto end; } queue_created = 1; if (nfq_set_mode(nfq_q_h, NFQNL_COPY_PACKET, 0xffff) < 0) { DBG_LOG(ERROR, MOD_DPI_URIF, "can't set packet_copy mode\n"); goto end; } fd = nfq_fd(nfq_h); opt = 0; ret = setsockopt(fd, SOL_NETLINK, NETLINK_BROADCAST_SEND_ERROR, &opt, sizeof(int)); if (ret < 0) { DBG_LOG(ERROR, MOD_DPI_URIF, "Failed to un set broadcast send error\n"); } opt = 1; ret = setsockopt(fd, SOL_NETLINK, NETLINK_NO_ENOBUFS, &opt, sizeof(int)); if (ret < 0) { DBG_LOG(ERROR, MOD_DPI_URIF, "Failed to set no enobug\n"); } opt = 1024 * 1024 * 256; ret = setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(int)); if (ret < 0) { DBG_LOG(ERROR, MOD_DPI_URIF, "Failed to set recv buf size\n"); } ret = setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &opt, sizeof(int)); if (ret < 0) { DBG_LOG(ERROR, MOD_DPI_URIF, "Failed to set send buf size\n"); } while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { nfq_handle_packet(nfq_h, buf, rv); } end:; if (queue_created) nfq_destroy_queue(nfq_q_h); nfq_close(nfq_h); /* * Wait for 2 secs before retrying */ sleep(2); } return NULL; }
int main(int argc, char **argv) { struct nfq_handle *h; struct nfq_q_handle *qh; int fd; int rv; char buf[4096] __attribute__ ((aligned)); printf("Obteniendo el handle de la libreria: "); h = nfq_open(); if (!h) { fprintf(stderr, "Ha fallado\n"); exit(1); } else printf(" OK !\n"); printf("Haciendo unbind (por si existe alguno de AF_INET): "); if (nfq_unbind_pf(h, AF_INET) < 0) { fprintf(stderr, "error nfq_unbind_pf()\n"); exit(1); } else printf(" OK!\n"); printf("Vinculando nfnetlink_queue de tipo nf_queue handler para AF_INET:"); if (nfq_bind_pf(h, AF_INET) < 0) { fprintf(stderr, "error nfq_bind_pf()\n"); exit(1); } else printf(" OK!\n"); printf("Creando la vinculacion de la funcion callback con Queue 0, socket receptor: "); qh = nfq_create_queue(h, 0, &cb, NULL); if (!qh) { fprintf(stderr, "error during nfq_create_queue()\n"); exit(1); } else printf(" OK !\n"); printf("Definiendo que cantidad de paquete queremos recibir (no queremos todo para estas pruebas): "); if (nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff) < 0) { fprintf(stderr, "FALLO el COPY_META mode\n"); exit(1); } else printf("OK\n"); fd = nfq_fd(h); printf("Realizando conexión a memcache: "); memc= memcached_create(NULL); servers= memcached_server_list_append(servers, "localhost", 11211, &rc); rc= memcached_server_push(memc, servers); if (rc == MEMCACHED_SUCCESS) printf(" OK ! \n"); else { printf("error conectando a memcache: %s\n",memcached_strerror(memc, rc)); exit(0); } printf("Realizando INIT de MySQL: "); con = mysql_init(NULL); if (con == NULL) { printf(" FAIL\n"); exit(1); } else printf("OK\n"); printf("Realizando Conexion a MYQSL: "); if (mysql_real_connect(con, "localhost", "root", "FIXMEPASSWORD", "nfqueue", 0, NULL, 0) == NULL) { printf(" FAILED\n"); exit(1); } else printf(" OKI\n"); printf("Todo Listo !\n Entrando en bucle principal de recepcion ..\n"); while ((rv = recv(fd, buf, sizeof(buf), 0))) { // Si todo ha ido bien, gestionamos el paquete: if (rv>=0) nfq_handle_packet(h, buf, rv); // es posible que tengamos packet loss porque // nuestro codigo es lento y se llena la queue: else if ( errno == ENOBUFS) { fflush(stdout); printf("!"); } // O "simplemente", que algo haya ido mal: else { printf("ERROR \n"); fflush(stdout); break; } } // Teoricamente, nunca llegaremos aqui, pero si llegamos // Habra que liberar bien y tal: printf("unbinding de queue 0\n"); nfq_destroy_queue(qh); printf("cerrando library handle\n"); nfq_close(h); exit(0); }
int main(int argc, char **argv) { struct nfq_handle *nfqHandle; struct nfq_q_handle *myQueue; struct nfnl_handle *netlinkHandle; int fd, res; char buf[BUFF_SIZE]; if (argc!=4) { fprintf(stderr,"Error in number of arguments\n"); exit(-1); } // get the public IP address. And the public IP address is host byte order. publicIP = inet_network(argv[1]); if (publicIP == 0) { fprintf(stderr,"Error in public IP\n"); exit(-1); } fprintf(stdout,"publicIP: %u\n",publicIP); // get the subnet IP address. And the subnet IP address is host byte order. internalIP = inet_network(argv[2]); if (internalIP == 0) { fprintf(stderr,"Error in internal IP\n"); exit(-1); } fprintf(stdout,"internalIP: %u\n",internalIP); mask = mask << (32-atoi(argv[3])); subnetIP = internalIP & mask; fprintf(stdout,"subnetIP: %u\n",subnetIP); initUdp( &udpHead ); initTcp( &tcpHead ); if ( !(nfqHandle = nfq_open())) { fprintf(stderr, "Error in nfq_open()\n"); exit(-1); } if ( nfq_unbind_pf(nfqHandle, AF_INET) < 0 ) { fprintf(stderr, "Error in nfq_unbind_pf()\n"); exit(-1); } if ( nfq_bind_pf(nfqHandle, AF_INET) < 0) { fprintf(stderr, "Error in nfq_bind_pf()\n"); exit(-1); } if ( !(myQueue = nfq_create_queue(nfqHandle, 0, &Callback123, NULL)) ) { fprintf(stderr, "Error in nfq_create_queue()\n"); exit(1); } if ( nfq_set_mode(myQueue, NFQNL_COPY_PACKET, 0xffff) <0 ) { fprintf(stderr, "Could not set packet copy mode\n"); exit(1); } netlinkHandle = nfq_nfnlh(nfqHandle); fd = nfnl_fd(netlinkHandle); fprintf(stdout,"ready to receive packets\n"); //Start to process the packet we receive. while ( (res = recv(fd, buf , sizeof(buf), 0)) && res>=0 ) { printf("\n\n\n*******NEW ONE*******\n"); fprintf(stdout,"in the loop\n"); nfq_handle_packet(nfqHandle, buf , res); } //End the process nfq_destroy_queue(myQueue); nfq_close(nfqHandle); return 0; }
void *erl_message_read_loop(void *arg_data) { thread_data_t *data = (thread_data_t *)arg_data; ErlMessage emsg; // Incoming message unsigned char buf[BUFSIZE]; // Buffer for incoming message int got; // Result of receive ETERM *fromp, *tuplep, *fun, *arg, *resp; // Erlang terms int loop = 1; // Loop flag char *f_name_atom; int q_num; int i = 0, temp; q_data_t *q_data[MAX_Q_NUMS]; // Per queue data response_t r; /* Exepected Erlang term: {from_pid(), {fun_name_atom, argument}}} or {from_pid(), {fun_name_atom, argument1, argument2}}} and returned term: {call_state, response} */ syslog(LOG_NOTICE,"[%d] Connection with node: %s\n\r",data->idx, data->node); for(i = 0; i < MAX_Q_NUMS; i++) { q_data[i] = malloc(sizeof(q_data_t)); q_data[i]->q_num = -1; q_data[i]->h = NULL; q_data[i]->qh = NULL; q_data[i]->pid = 0; } pthread_setname_np(pthread_self(), "msg_read_loop"); while (loop) { got = erl_receive_msg(data->fd, buf, BUFSIZE, &emsg); switch (got) { case ERL_TICK: syslog(LOG_NOTICE,"[%d] %s tick\n\r",data->idx, data->node); break; case ERL_ERROR: syslog(LOG_NOTICE,"[%d] %s erl_receive_msg error or node down\n\r",data->idx, data->node); loop = 0; break; case ERL_MSG: if (emsg.type == ERL_REG_SEND || emsg.type == ERL_SEND) { fromp = erl_element(1, emsg.msg); tuplep = erl_element(2, emsg.msg); fun = erl_element(1, tuplep); arg = erl_element(2, tuplep); f_name_atom = ERL_ATOM_PTR(fun); syslog(LOG_NOTICE,"[%d] %s %s()\n\r", data->idx, data->node, f_name_atom); if(strcmp(f_name_atom, "create_queue") == 0) { q_num = ERL_INT_VALUE(arg); r = create_queue(q_num, q_data, data); } else if(strcmp(f_name_atom, "destroy_queue") == 0) { q_num = ERL_INT_VALUE(arg); r = destroy_queue(q_num, q_data, data); } else if(strcmp(f_name_atom, "queue_list") == 0) { r = queue_list(q_data); } else if(strcmp(f_name_atom, "set_mode") == 0) { temp = ERL_INT_VALUE(arg); r = set_mode(temp, tuplep, q_data, data); } else if(strcmp(f_name_atom, "set_queue_len") == 0) { temp = ERL_INT_VALUE(arg); r = set_queue_len(temp, tuplep, q_data, data); } else if(strcmp(f_name_atom, "read_pkt_start") == 0) { q_num = ERL_INT_VALUE(arg); r = read_pkt_start(q_num, q_data, data); } else if(strcmp(f_name_atom, "read_pkt_stop") == 0) { q_num = ERL_INT_VALUE(arg); r = read_pkt_stop(q_num, q_data, data); } else { r.cs = erl_mk_atom("error"); r.rsp = erl_mk_estring("no such function", strlen("no such function")); } if ((resp = erl_format("{cnode, {reply, {~w, ~w}}}", r.cs, r.rsp)) != NULL) { if(!erl_send(data->fd, fromp, resp)) { syslog(LOG_ERR,"[%d] %s send reply error, exit loop\n\r", data->idx, data->node); loop = 0; } } else { syslog(LOG_ERR,"[%d] %s term format error\n\r", data->idx, data->node); loop = 0; } erl_free_term(emsg.from); erl_free_term(emsg.msg); erl_free_term(fromp); erl_free_term(tuplep); erl_free_term(fun); erl_free_term(arg); erl_free_term(resp); erl_free_term(r.rsp); erl_free_term(r.cs); } break; default: syslog(LOG_ERR,"[%d] %s something wrong! :(\n\r", data->idx, data->node); loop = 0; break; } } /* while */ for(i = 0; i < MAX_Q_NUMS; i++) { if(q_data[i]->pid > 0) pthread_cancel(q_data[i]->thread); if (q_data[i]->q_num >= 0) { nfq_destroy_queue(q_data[i]->qh); nfq_close(q_data[i]->h); } free(q_data[i]); } syslog(LOG_ERR,"[%d] %s thread stop\n\r", data->idx, data->node); free(data->node); free(data); pthread_exit(NULL); }