/** * log_tuple() - Prints the "tuple" tuple in the kernel ring buffer. * @tuple: Structure to be dumped on logging. * * It's a ripoff of nf_ct_dump_tuple(), adjusted to comply to this project's logging requirements. */ void log_tuple(struct tuple *tuple) { switch (tuple->l3_proto) { case L3PROTO_IPV4: log_debug("Tuple: %pI4#%u -> %pI4#%u (%s)", &tuple->src.addr4.l3, tuple->src.addr4.l4, &tuple->dst.addr4.l3, tuple->dst.addr4.l4, l4proto_to_string(tuple->l4_proto)); break; case L3PROTO_IPV6: log_debug("Tuple: %pI6c#%u -> %pI6c#%u (%s)", &tuple->src.addr6.l3, tuple->src.addr6.l4, &tuple->dst.addr6.l3, tuple->dst.addr6.l4, l4proto_to_string(tuple->l4_proto)); break; } }
static void log_entries(struct bib_session *entries) { struct session_entry *session = &entries->session; if (entries->bib_set) { log_debug("BIB entry: %pI6c#%u - %pI4#%u (%s)", &session->src6.l3, session->src6.l4, &session->src4.l3, session->src4.l4, l4proto_to_string(session->proto)); } else { log_debug("BIB entry: None"); } if (entries->session_set) { log_debug("Session entry: %pI6c#%u - %pI6c#%u | %pI4#%u - %pI4#%u (%s)", &session->src6.l3, session->src6.l4, &session->dst6.l3, session->dst6.l4, &session->src4.l3, session->src4.l4, &session->dst4.l3, session->dst4.l4, l4proto_to_string(session->proto)); } else { log_debug("Session entry: None"); } }
static bool display_single_table(u_int8_t l4_proto, bool numeric_hostname, bool csv_format) { unsigned char request[HDR_LEN + PAYLOAD_LEN]; struct request_hdr *hdr = (struct request_hdr *) request; struct request_session *payload = (struct request_session *) (request + HDR_LEN); struct display_params params; bool error; if (!csv_format) { printf("%s:\n", l4proto_to_string(l4_proto)); printf("---------------------------------\n"); } init_request_hdr(hdr, sizeof(request), MODE_SESSION, OP_DISPLAY); payload->l4_proto = l4_proto; payload->display.connection_set = false; memset(&payload->display.remote4, 0, sizeof(payload->display.remote4)); memset(&payload->display.local4, 0, sizeof(payload->display.local4)); params.numeric_hostname = numeric_hostname; params.csv_format = csv_format; params.row_count = 0; params.req_payload = payload; do { error = netlink_request(request, hdr->length, session_display_response, ¶ms); } while (!error && params.req_payload->display.connection_set); if (!csv_format && !error) { if (params.row_count > 0) log_info(" (Fetched %u entries.)\n", params.row_count); else log_info(" (empty)\n"); } return error; }
static int logtime_display_response(struct nl_msg *msg, void *arg) { struct nlmsghdr *hdr; struct logtime_entry_usr *entries; struct display_params *params = arg; const char *l3_proto_out, *l4_proto; char *l3_proto_in; __u16 entry_count, i; hdr = nlmsg_hdr(msg); entries = nlmsg_data(hdr); entry_count = nlmsg_datalen(hdr) / sizeof(*entries); if (params->req_payload->l3_proto == L3PROTO_IPV4) { l3_proto_in = "IPv6"; } else { l3_proto_in = "IPv4"; } l3_proto_out = l3proto_to_string(params->req_payload->l3_proto); l4_proto = l4proto_to_string(params->req_payload->l4_proto); for (i = 0; i < entry_count; i++) { printf ("%s->%s,", l3_proto_in, l3_proto_out); printf ("%s,", l4_proto); printf ("%ld,%ld\n", entries[i].time.tv_sec, entries[i].time.tv_nsec); } params->row_count += entry_count; if (hdr->nlmsg_flags & NLM_F_MULTI) { params->req_payload->display.iterate = true; } else { params->req_payload->display.iterate = false; } return 0; }
static int session_display_response(struct nl_msg *msg, void *arg) { struct nlmsghdr *hdr; struct session_entry_usr *entries; struct display_params *params = arg; __u16 entry_count, i; hdr = nlmsg_hdr(msg); entries = nlmsg_data(hdr); entry_count = nlmsg_datalen(hdr) / sizeof(*entries); if (params->csv_format) { for (i = 0; i < entry_count; i++) { struct session_entry_usr *entry = &entries[i]; printf("%s,", l4proto_to_string(params->req_payload->l4_proto)); print_addr6(&entry->remote6, params->numeric_hostname, ",", params->req_payload->l4_proto); printf(","); print_addr6(&entry->local6, true, ",", params->req_payload->l4_proto); printf(","); print_addr4(&entry->local4, true, ",", params->req_payload->l4_proto); printf(","); print_addr4(&entry->remote4, params->numeric_hostname, ",", params->req_payload->l4_proto); printf(","); print_time_csv(entry->dying_time); if (params->req_payload->l4_proto == L4PROTO_TCP) printf(",%s", tcp_state_to_string(entry->state)); printf("\n"); } } else { for (i = 0; i < entry_count; i++) { struct session_entry_usr *entry = &entries[i]; if (params->req_payload->l4_proto == L4PROTO_TCP) printf("(%s) ", tcp_state_to_string(entry->state)); printf("Expires in "); print_time_friendly(entry->dying_time); printf("Remote: "); print_addr4(&entry->remote4, params->numeric_hostname, "#", params->req_payload->l4_proto); printf("\t"); print_addr6(&entry->remote6, params->numeric_hostname, "#", params->req_payload->l4_proto); printf("\n"); printf("Local: "); print_addr4(&entry->local4, true, "#", params->req_payload->l4_proto); printf("\t"); print_addr6(&entry->local6, true, "#", params->req_payload->l4_proto); printf("\n"); printf("---------------------------------\n"); } } params->row_count += entry_count; params->req_payload->display.connection_set = hdr->nlmsg_flags == NLM_F_MULTI; if (entry_count > 0) { params->req_payload->display.remote4 = entries[entry_count - 1].remote4; params->req_payload->display.local4 = entries[entry_count - 1].local4; } return 0; }