2 * src/nf-log.c Monitor netfilter log events
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation version 2.1
9 * Copyright (c) 2003-2006 Thomas Graf <tgraf@suug.ch>
10 * Copyright (c) 2007 Philip Craig <philipc@snapgear.com>
11 * Copyright (c) 2007 Secure Computing Corporation
14 #include <sys/types.h>
15 #include <linux/netfilter/nfnetlink_log.h>
18 #include <netlink/netfilter/nfnl.h>
19 #include <netlink/netfilter/log.h>
21 static void obj_input(struct nl_object *obj, void *arg)
23 struct nl_dump_params dp = {
24 .dp_type = NL_DUMP_STATS,
29 nl_object_dump(obj, &dp);
32 static int event_input(struct nl_msg *msg, void *arg)
34 if (nl_msg_parse(msg, &obj_input, NULL) < 0)
35 fprintf(stderr, "<<EVENT>> Unknown message type\n");
37 /* Exit nl_recvmsgs_def() and return to the main select() */
41 int main(int argc, char *argv[])
43 struct nl_handle *nfnlh;
44 struct nl_handle *rtnlh;
45 struct nl_cache *link_cache;
49 if (nltool_init(argc, argv) < 0)
52 nfnlh = nltool_alloc_handle();
56 nl_disable_sequence_check(nfnlh);
58 nl_socket_modify_cb(nfnlh, NL_CB_VALID, NL_CB_CUSTOM, event_input, NULL);
60 if ((argc > 1 && !strcasecmp(argv[1], "-h")) || argc < 3) {
61 printf("Usage: nf-log family group\n");
65 if (nfnl_connect(nfnlh) < 0) {
66 fprintf(stderr, "%s\n", nl_geterror());
70 family = nl_str2af(argv[1]);
71 if (family == AF_UNSPEC) {
72 fprintf(stderr, "Unknown family: %s\n", argv[1]);
75 if (nfnl_log_pf_unbind(nfnlh, family) < 0) {
76 fprintf(stderr, "%s\n", nl_geterror());
79 if (nfnl_log_pf_bind(nfnlh, family) < 0) {
80 fprintf(stderr, "%s\n", nl_geterror());
84 group = nl_str2af(argv[2]);
85 if (nfnl_log_bind(nfnlh, group) < 0) {
86 fprintf(stderr, "%s\n", nl_geterror());
90 if (nfnl_log_set_mode(nfnlh, 0, NFULNL_COPY_PACKET, 0xffff) < 0) {
91 fprintf(stderr, "%s\n", nl_geterror());
95 rtnlh = nltool_alloc_handle();
100 if (nl_connect(rtnlh, NETLINK_ROUTE) < 0) {
101 fprintf(stderr, "%s\n", nl_geterror());
105 if ((link_cache = rtnl_link_alloc_cache(rtnlh)) == NULL) {
106 fprintf(stderr, "%s\n", nl_geterror());
110 nl_cache_mngt_provide(link_cache);
114 int nffd, rtfd, maxfd, retval;
118 maxfd = nffd = nl_socket_get_fd(nfnlh);
121 rtfd = nl_socket_get_fd(rtnlh);
126 /* wait for an incoming message on the netlink socket */
127 retval = select(maxfd+1, &rfds, NULL, NULL, NULL);
130 if (FD_ISSET(nffd, &rfds))
131 nl_recvmsgs_default(nfnlh);
132 if (FD_ISSET(rtfd, &rfds))
133 nl_recvmsgs_default(rtnlh);