* [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL
@ 2008-02-09 12:36 Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
` (5 more replies)
0 siblings, 6 replies; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel
Hi,
This patchset starts with two minor code cleaning patches.
The rest of patchset contains some more significative things:
* Add UID in NFLOG (ood.uid) and make PRINTPKT able to display the key if
present
* Add IPCMPv6 support to SQL schema
BR,
--
Eric Leblond <eric@inl.fr>
INL: http://www.inl.fr/
^ permalink raw reply [flat|nested] 13+ messages in thread
* [ULOGD PATCH 1/5] Fix treatment of return from function
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:28 ` Pablo Neira Ayuso
2008-02-09 17:31 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
` (4 subsequent siblings)
5 siblings, 2 replies; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
The treatment of the return of some functions from libnetfilter_log API was wrong and this
was preventing some fields to be propagated through the stack.
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 be46fa2... 1b8e32c... M input/packet/ulogd_inppkt_NFLOG.c
input/packet/ulogd_inppkt_NFLOG.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index be46fa2..1b8e32c 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -317,11 +317,11 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
ret[NFLOG_KEY_OOB_IFINDEX_OUT].flags |= ULOGD_RETF_VALID;
}
- if (nflog_get_seq(ldata, &seq)) {
+ if (nflog_get_seq(ldata, &seq) == 0) {
ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq;
ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID;
}
- if (nflog_get_seq_global(ldata, &seq)) {
+ if (nflog_get_seq_global(ldata, &seq) == 0) {
ret[NFLOG_KEY_OOB_SEQ_GLOBAL].u.value.ui32 = seq;
ret[NFLOG_KEY_OOB_SEQ_GLOBAL].flags |= ULOGD_RETF_VALID;
}
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [ULOGD PATCH 2/5] Factorize definition of some macros.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:33 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
` (3 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
Some macros were defined several time. This was the case of GET_VALUE,
pp_is_valid. This patch puts the definition in ulogd.h and fixes the
definition of pp_is_valid which was wrong (causing segfault by acessing to
fields at NULL).
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 e490b64... 9b0110e... M filter/ulogd_filter_IP2BIN.c
:100644 100644 2a61220... 39edc05... M filter/ulogd_filter_IP2STR.c
:100644 100644 1bd0b6c... b1d0996... M include/ulogd/ulogd.h
:100644 100644 d803633... 92c4f0f... M util/printflow.c
:100644 100644 6606824... 35d8080... M util/printpkt.c
filter/ulogd_filter_IP2BIN.c | 5 -----
filter/ulogd_filter_IP2STR.c | 5 -----
include/ulogd/ulogd.h | 5 +++++
util/printflow.c | 4 ----
util/printpkt.c | 4 ----
5 files changed, 5 insertions(+), 18 deletions(-)
diff --git a/filter/ulogd_filter_IP2BIN.c b/filter/ulogd_filter_IP2BIN.c
index e490b64..9b0110e 100644
--- a/filter/ulogd_filter_IP2BIN.c
+++ b/filter/ulogd_filter_IP2BIN.c
@@ -114,11 +114,6 @@ static struct ulogd_key ip2bin_keys[] = {
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) \
- (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
-
/**
* Convert IPv4 address (as 32-bit unsigned integer) to IPv6 address:
* add 96 bits prefix "::ffff:" to get IPv6 address "::ffff:a.b.c.d".
diff --git a/filter/ulogd_filter_IP2STR.c b/filter/ulogd_filter_IP2STR.c
index 2a61220..39edc05 100644
--- a/filter/ulogd_filter_IP2STR.c
+++ b/filter/ulogd_filter_IP2STR.c
@@ -113,11 +113,6 @@ static struct ulogd_key ip2str_keys[] = {
},
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) \
- (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
-
static char *ip2str(struct ulogd_key* inp, int index, char family)
{
char tmp[IPADDR_LENGTH];
diff --git a/include/ulogd/ulogd.h b/include/ulogd/ulogd.h
index 1bd0b6c..b1d0996 100644
--- a/include/ulogd/ulogd.h
+++ b/include/ulogd/ulogd.h
@@ -216,6 +216,11 @@ void __ulogd_log(int level, char *file, int line, const char *message, ...);
#define IS_NEEDED(x) (x.flags & ULOGD_RETF_NEEDED)
#define SET_NEEDED(x) (x.flags |= ULOGD_RETF_NEEDED)
+#define GET_VALUE(res, x) (res[x].u.source->u.value)
+#define GET_FLAGS(res, x) (res[x].u.source->flags)
+#define pp_is_valid(res, x) \
+ (res[x].u.source && (GET_FLAGS(res, x) & ULOGD_RETF_VALID))
+
int ulogd_key_size(struct ulogd_key *key);
int ulogd_wildcard_inputkeys(struct ulogd_pluginstance *upi);
diff --git a/util/printflow.c b/util/printflow.c
index d803633..92c4f0f 100644
--- a/util/printflow.c
+++ b/util/printflow.c
@@ -131,10 +131,6 @@ struct ulogd_key printflow_keys[FLOW_IDS] = {
};
int printflow_keys_num = sizeof(printflow_keys)/sizeof(*printflow_keys);
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) (GET_FLAGS(res, x) & ULOGD_RETF_VALID)
-
#define pp_print(buf_cur, label, res, x, type) \
if (pp_is_valid(res, x)) \
buf_cur += sprintf(buf_cur, label"=%u ", GET_VALUE(res, x).type);
diff --git a/util/printpkt.c b/util/printpkt.c
index 6606824..35d8080 100644
--- a/util/printpkt.c
+++ b/util/printpkt.c
@@ -89,10 +89,6 @@ struct ulogd_key printpkt_keys[] = {
[KEY_AHESP_SPI] = { .name = "ahesp.spi", },
};
-#define GET_VALUE(res, x) (res[x].u.source->u.value)
-#define GET_FLAGS(res, x) (res[x].u.source->flags)
-#define pp_is_valid(res, x) (GET_FLAGS(res, x) & ULOGD_RETF_VALID)
-
static int printpkt_proto(struct ulogd_key *res, char *buf, int protocol)
{
char *buf_cur = buf;
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 3/5] Add Icmpv6 support to SQL schema.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:39 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
` (2 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond, Pierre Chifflier
Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 d42d216... b154c74... M doc/mysql-ulogd2.sql
:100644 100644 740a7ef... 87a85fb... M doc/pgsql-ulogd2.sql
doc/mysql-ulogd2.sql | 67 +++++++++++++++++++++++++++++++++++++++++++++----
doc/pgsql-ulogd2.sql | 55 ++++++++++++++++++++++++++++++++++++----
2 files changed, 110 insertions(+), 12 deletions(-)
diff --git a/doc/mysql-ulogd2.sql b/doc/mysql-ulogd2.sql
index d42d216..b154c74 100644
--- a/doc/mysql-ulogd2.sql
+++ b/doc/mysql-ulogd2.sql
@@ -14,7 +14,7 @@ CREATE TABLE `_format` (
`version` int(4) NOT NULL
) ENGINE=INNODB;
-INSERT INTO _format (version) VALUES (4);
+INSERT INTO _format (version) VALUES (5);
-- this table could be used to know which user-defined tables are linked
-- to ulog
@@ -31,8 +31,11 @@ DROP TABLE IF EXISTS `mac`;
DROP TABLE IF EXISTS `tcp`;
DROP TABLE IF EXISTS `udp`;
DROP TABLE IF EXISTS `icmp`;
+DROP TABLE IF EXISTS `icmpv6`;
DROP TABLE IF EXISTS `nufw`;
DROP TABLE IF EXISTS `ulog2_ct`;
+DROP TABLE IF EXISTS `state_t`;
+DROP TABLE IF EXISTS `nufw`;
DROP TABLE IF EXISTS `ulog2`;
CREATE TABLE `ulog2` (
@@ -125,6 +128,18 @@ CREATE TABLE `icmp` (
ALTER TABLE icmp ADD UNIQUE KEY `key_icmp_id` (`_icmp_id`);
ALTER TABLE icmp ADD KEY `index_icmp_id` (`_icmp_id`);
+CREATE TABLE `icmpv6` (
+ `_icmpv6_id` bigint unsigned NOT NULL,
+ `icmpv6_type` tinyint(3) unsigned default NULL,
+ `icmpv6_code` tinyint(3) unsigned default NULL,
+ `icmpv6_echoid` smallint(5) unsigned default NULL,
+ `icmpv6_echoseq` smallint(5) unsigned default NULL,
+ `icmpv6_csum` int(10) unsigned default NULL
+) ENGINE=INNODB;
+
+ALTER TABLE icmpv6 ADD UNIQUE KEY `key_icmpv6_id` (`_icmpv6_id`);
+ALTER TABLE icmpv6 ADD KEY `index_icmpv6_id` (`_icmpv6_id`);
+
-- views
@@ -143,6 +158,10 @@ DROP VIEW IF EXISTS `view_icmp`;
CREATE SQL SECURITY INVOKER VIEW `view_icmp` AS
SELECT * FROM ulog2 INNER JOIN icmp ON ulog2._id = icmp._icmp_id;
+DROP VIEW IF EXISTS `view_icmpv6`;
+CREATE SQL SECURITY INVOKER VIEW `view_icmpv6` AS
+ SELECT * FROM ulog2 INNER JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
+
-- ulog view
DROP VIEW IF EXISTS `ulog`;
-- CREATE SQL SECURITY INVOKER VIEW `ulog` AS
@@ -187,9 +206,18 @@ CREATE SQL SECURITY INVOKER VIEW `ulog` AS
icmp_echoid,
icmp_echoseq,
icmp_gateway,
- icmp_fragmtu
+ icmp_fragmtu,
+ icmpv6_type,
+ icmpv6_code,
+ icmpv6_echoid,
+ icmpv6_echoseq,
+ icmpv6_csum
+-- mac_saddr,
+-- mac_daddr,
+-- mac_protocol,
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
- LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id;
+ LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id
+ LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
-- shortcuts
@@ -303,7 +331,6 @@ INSERT INTO ip_proto (_proto_id,proto_name,proto_desc) VALUES
(58,'ipv6-icmp','ICMP for IPv6');
-- State
-DROP TABLE IF EXISTS `state_t`;
CREATE TABLE `state_t` (
`_state_id` bigint unsigned NOT NULL,
state tinyint(3) unsigned
@@ -319,7 +346,6 @@ INSERT INTO _extensions (ext_name,table_name,join_name) VALUES
-- NuFW specific
-DROP TABLE IF EXISTS `nufw`;
CREATE TABLE `nufw` (
`_nufw_id` bigint unsigned NOT NULL,
`username` varchar(30) default NULL,
@@ -362,6 +388,7 @@ SQL SECURITY INVOKER
COMMENT 'Drop constraints for ulog2 tables'
BEGIN
-- remember : table with most constraints first
+ ALTER TABLE icmpv6 DROP FOREIGN KEY _icmpv6_id;
ALTER TABLE icmp DROP FOREIGN KEY _icmp_id;
ALTER TABLE udp DROP FOREIGN KEY _udp_id;
ALTER TABLE tcp DROP FOREIGN KEY _tcp_id;
@@ -380,6 +407,7 @@ BEGIN
ALTER TABLE tcp ADD CONSTRAINT _tcp_id FOREIGN KEY (_tcp_id) REFERENCES ulog2 (_id);
ALTER TABLE udp ADD CONSTRAINT _udp_id FOREIGN KEY (_udp_id) REFERENCES ulog2 (_id);
ALTER TABLE icmp ADD CONSTRAINT _icmp_id FOREIGN KEY (_icmp_id) REFERENCES ulog2 (_id);
+ ALTER TABLE icmpv6 ADD CONSTRAINT _icmpv6_id FOREIGN KEY (_icmpv6_id) REFERENCES ulog2 (_id);
END
$$
delimiter ;
@@ -515,6 +543,25 @@ BEGIN
END
$$
+delimiter $$
+DROP PROCEDURE IF EXISTS PACKET_ADD_ICMPV6;
+CREATE PROCEDURE PACKET_ADD_ICMPV6(
+ IN `id` int(10) unsigned,
+ IN `_icmpv6_type` tinyint(3) unsigned,
+ IN `_icmpv6_code` tinyint(3) unsigned,
+ IN `_icmpv6_echoid` smallint(5) unsigned,
+ IN `_icmpv6_echoseq` smallint(5) unsigned,
+ IN `_icmpv6_csum` int(10) unsigned
+ )
+BEGIN
+ INSERT INTO icmpv6 (_icmpv6_id, icmpv6_type, icmpv6_code, icmpv6_echoid,
+ icmpv6_echoseq, icmpv6_csum) VALUES
+ (id, _icmpv6_type, _icmpv6_code, _icmpv6_echoid,
+ _icmpv6_echoseq, _icmpv6_csum);
+END
+$$
+
+
delimiter $$
DROP PROCEDURE IF EXISTS PACKET_ADD_MAC;
@@ -570,7 +617,12 @@ CREATE FUNCTION INSERT_PACKET_FULL(
icmp_echoid smallint(5) unsigned,
icmp_echoseq smallint(5) unsigned,
icmp_gateway int(10) unsigned,
- icmp_fragmtu smallint(5) unsigned
+ icmp_fragmtu smallint(5) unsigned,
+ icmpv6_type tinyint(3) unsigned,
+ icmpv6_code tinyint(3) unsigned,
+ icmpv6_echoid smallint(5) unsigned,
+ icmpv6_echoseq smallint(5) unsigned,
+ icmpv6_csum int(10) unsigned
-- mac_saddr binary(12),
-- mac_daddr binary(12),
-- mac_protocol smallint(5)
@@ -591,6 +643,9 @@ BEGIN
ELSEIF _ip_protocol = 1 THEN
CALL PACKET_ADD_ICMP(@lastid, icmp_type, icmp_code, icmp_echoid, icmp_echoseq,
icmp_gateway, icmp_fragmtu);
+ ELSEIF _ip_protocol = 58 THEN
+ CALL PACKET_ADD_ICMPV6(@lastid, icmpv6_type, icmpv6_code, icmpv6_echoid,
+ icmpv6_echoseq, icmpv6_csum);
END IF;
-- IF mac_protocol IS NOT NULL THEN
-- CALL PACKET_ADD_MAC(@lastid, mac_saddr, mac_daddr, mac_protocol);
diff --git a/doc/pgsql-ulogd2.sql b/doc/pgsql-ulogd2.sql
index 740a7ef..87a85fb 100644
--- a/doc/pgsql-ulogd2.sql
+++ b/doc/pgsql-ulogd2.sql
@@ -13,7 +13,7 @@ CREATE TABLE _format (
version integer
) WITH (OIDS=FALSE);
-INSERT INTO _format (version) VALUES (4);
+INSERT INTO _format (version) VALUES (5);
-- this table could be used to know which user-defined tables are linked
-- to ulog
@@ -29,6 +29,7 @@ DROP TABLE IF EXISTS mac CASCADE;
DROP TABLE IF EXISTS tcp CASCADE;
DROP TABLE IF EXISTS udp CASCADE;
DROP TABLE IF EXISTS icmp CASCADE;
+DROP TABLE IF EXISTS icmpv6 CASCADE;
DROP TABLE IF EXISTS nufw CASCADE;
DROP TABLE IF EXISTS ulog2_ct CASCADE;
DROP TABLE IF EXISTS ulog2 CASCADE;
@@ -118,6 +119,15 @@ CREATE TABLE icmp (
icmp_fragmtu smallint default NULL
) WITH (OIDS=FALSE);
+CREATE TABLE icmpv6 (
+ _icmpv6_id bigint PRIMARY KEY UNIQUE NOT NULL,
+ icmpv6_type smallint default NULL,
+ icmpv6_code smallint default NULL,
+ icmpv6_echoid smallint default NULL,
+ icmpv6_echoseq smallint default NULL,
+ icmpv6_csum integer default NULL
+) WITH (OIDS=FALSE);
+
--
-- VIEWS
--
@@ -131,6 +141,9 @@ CREATE OR REPLACE VIEW view_udp AS
CREATE OR REPLACE VIEW view_icmp AS
SELECT * FROM ulog2 INNER JOIN icmp ON ulog2._id = icmp._icmp_id;
+CREATE OR REPLACE VIEW view_icmpv6 AS
+ SELECT * FROM ulog2 INNER JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
+
-- complete view
CREATE OR REPLACE VIEW ulog AS
SELECT _id,
@@ -171,9 +184,15 @@ CREATE OR REPLACE VIEW ulog AS
icmp_echoid,
icmp_echoseq,
icmp_gateway,
- icmp_fragmtu
+ icmp_fragmtu,
+ icmpv6_type,
+ icmpv6_code,
+ icmpv6_echoid,
+ icmpv6_echoseq,
+ icmpv6_csum
FROM ulog2 LEFT JOIN tcp ON ulog2._id = tcp._tcp_id LEFT JOIN udp ON ulog2._id = udp._udp_id
- LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id;
+ LEFT JOIN icmp ON ulog2._id = icmp._icmp_id LEFT JOIN mac ON ulog2._id = mac._mac_id
+ LEFT JOIN icmpv6 ON ulog2._id = icmpv6._icmpv6_id;
-- shortcuts
CREATE OR REPLACE VIEW view_tcp_quad AS
@@ -285,6 +304,7 @@ INSERT INTO _extensions (ext_name,table_name,join_name) VALUES
CREATE OR REPLACE FUNCTION ULOG2_DROP_FOREIGN_KEYS()
RETURNS void AS $$
+ ALTER TABLE icmpv6 DROP CONSTRAINT icmpv6_id_fk;
ALTER TABLE icmp DROP CONSTRAINT icmp_id_fk;
ALTER TABLE udp DROP CONSTRAINT udp_id_fk;
ALTER TABLE tcp DROP CONSTRAINT tcp_id_fk;
@@ -296,6 +316,7 @@ RETURNS void AS $$
ALTER TABLE tcp ADD CONSTRAINT tcp_id_fk FOREIGN KEY (_tcp_id) REFERENCES ulog2(_id);
ALTER TABLE udp ADD CONSTRAINT udp_id_fk FOREIGN KEY (_udp_id) REFERENCES ulog2(_id);
ALTER TABLE icmp ADD CONSTRAINT icmp_id_fk FOREIGN KEY (_icmp_id) REFERENCES ulog2(_id);
+ ALTER TABLE icmpv6 ADD CONSTRAINT icmpv6_id_fk FOREIGN KEY (_icmpv6_id) REFERENCES ulog2(_id);
$$ LANGUAGE SQL SECURITY INVOKER;
@@ -395,6 +416,21 @@ RETURNS bigint AS $$
SELECT currval('ulog2__id_seq');
$$ LANGUAGE SQL SECURITY INVOKER;
+CREATE OR REPLACE FUNCTION INSERT_ICMPV6(
+ IN icmpv6_id bigint,
+ IN icmpv6_type integer,
+ IN icmpv6_code integer,
+ IN icmpv6_echoid integer,
+ IN icmpv6_echoseq integer,
+ IN icmpv6_csum integer
+ )
+RETURNS bigint AS $$
+ INSERT INTO icmpv6 (_icmpv6_id,icmpv6_type,icmpv6_code,icmpv6_echoid,icmpv6_echoseq,icmpv6_csum)
+ VALUES ($1,$2,$3,$4,$5,$6);
+ SELECT currval('ulog2__id_seq');
+$$ LANGUAGE SQL SECURITY INVOKER;
+
+
-- this function requires plpgsql
-- su -c "createlang plpgsql ulog2" postgres
CREATE OR REPLACE FUNCTION INSERT_PACKET_FULL(
@@ -435,7 +471,12 @@ CREATE OR REPLACE FUNCTION INSERT_PACKET_FULL(
IN icmp_echoid integer,
IN icmp_echoseq integer,
IN icmp_gateway integer,
- IN icmp_fragmtu integer
+ IN icmp_fragmtu integer,
+ IN icmpv6_type integer,
+ IN icmpv6_code integer,
+ IN icmpv6_echoid integer,
+ IN icmpv6_echoseq integer,
+ IN icmpv6_csum integer
)
RETURNS bigint AS $$
DECLARE
@@ -445,9 +486,11 @@ BEGIN
IF (ip_protocol = 6) THEN
PERFORM INSERT_TCP_FULL(_id,$18,$19,$20,$21,$22,$23,$24,$25,$26,$27,$28,$29);
ELSIF (ip_protocol = 17) THEN
- PERFORM INSERT_UDP(_id,$30,$31,$32,$33);
+ PERFORM INSERT_UDP(_id,$30,$31,$32);
ELSIF (ip_protocol = 1) THEN
- PERFORM INSERT_ICMP(_id,$34,$35,$36,$37,$38,$39);
+ PERFORM INSERT_ICMP(_id,$33,$34,$35,$36,$37,$38);
+ ELSIF (ip_protocol = 58) THEN
+ PERFORM INSERT_ICMPV6(_id,$39,$40,$41,$42,$43);
END IF;
RETURN _id;
END
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
` (2 preceding siblings ...)
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:40 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
2008-02-09 17:44 ` [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Pablo Neira Ayuso
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
Signed-off-by: Eric Leblond <eric@inl.fr>
---
input/packet/ulogd_inppkt_NFLOG.c | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 1b8e32c..3f013cc 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -106,6 +106,7 @@ enum nflog_keys {
NFLOG_KEY_OOB_SEQ_GLOBAL,
NFLOG_KEY_OOB_FAMILY,
NFLOG_KEY_OOB_PROTOCOL,
+ NFLOG_KEY_OOB_UID,
};
static struct ulogd_key output_keys[] = {
@@ -240,6 +241,12 @@ static struct ulogd_key output_keys[] = {
.flags = ULOGD_RETF_NONE,
.name = "oob.protocol",
},
+ {
+ .type = ULOGD_RET_UINT32,
+ .flags = ULOGD_RETF_NONE,
+ .name = "oob.uid",
+ },
+
};
static inline int
@@ -257,6 +264,8 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
u_int32_t indev = nflog_get_indev(ldata);
u_int32_t outdev = nflog_get_outdev(ldata);
u_int32_t seq;
+ u_int32_t uid;
+
ret[NFLOG_KEY_OOB_FAMILY].u.value.ui8 = af_ce(upi->config_kset).u.value;
ret[NFLOG_KEY_OOB_FAMILY].flags |= ULOGD_RETF_VALID;
@@ -317,6 +326,11 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
ret[NFLOG_KEY_OOB_IFINDEX_OUT].flags |= ULOGD_RETF_VALID;
}
+ if (nflog_get_uid(ldata, &uid) == 0) {
+ ret[NFLOG_KEY_OOB_UID].u.value.ui32 = uid;
+ ret[NFLOG_KEY_OOB_UID].flags |= ULOGD_RETF_VALID;
+ }
+
if (nflog_get_seq(ldata, &seq) == 0) {
ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq;
ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID;
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter.
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
` (3 preceding siblings ...)
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
@ 2008-02-09 12:36 ` Eric Leblond
2008-02-09 17:43 ` Pablo Neira Ayuso
2008-02-09 17:44 ` [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Pablo Neira Ayuso
5 siblings, 1 reply; 13+ messages in thread
From: Eric Leblond @ 2008-02-09 12:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Eric Leblond
Signed-off-by: Eric Leblond <eric@inl.fr>
---
:100644 100644 ae56946... b524fc2... M include/ulogd/printpkt.h
:100644 100644 35d8080... 93d506a... M util/printpkt.c
include/ulogd/printpkt.h | 1 +
util/printpkt.c | 7 +++++++
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/include/ulogd/printpkt.h b/include/ulogd/printpkt.h
index ae56946..b524fc2 100644
--- a/include/ulogd/printpkt.h
+++ b/include/ulogd/printpkt.h
@@ -7,6 +7,7 @@ enum pkt_keys {
KEY_OOB_PREFIX,
KEY_OOB_IN,
KEY_OOB_OUT,
+ KEY_OOB_UID,
KEY_RAW_MAC,
KEY_RAW_MACLEN,
KEY_IP_SADDR,
diff --git a/util/printpkt.c b/util/printpkt.c
index 35d8080..93d506a 100644
--- a/util/printpkt.c
+++ b/util/printpkt.c
@@ -43,6 +43,9 @@ struct ulogd_key printpkt_keys[] = {
[KEY_OOB_PREFIX] = { .name = "oob.prefix", },
[KEY_OOB_IN] = { .name = "oob.in", },
[KEY_OOB_OUT] = { .name = "oob.out", },
+ [KEY_OOB_UID] = { .name = "oob.uid",
+ .flags = ULOGD_KEYF_OPTIONAL
+ },
[KEY_RAW_MAC] = { .name = "raw.mac", },
[KEY_RAW_MACLEN] = { .name = "raw.mac_len", },
[KEY_IP_SADDR] = { .name = "ip.saddr.str", },
@@ -365,6 +368,10 @@ int printpkt_print(struct ulogd_key *res, char *buf)
break;
}
+ if (pp_is_valid(res, KEY_OOB_UID))
+ buf_cur += sprintf(buf_cur, "UID=%d",
+ GET_VALUE(res, KEY_OOB_UID).ui32);
+
strcat(buf_cur, "\n");
return 0;
--
1.5.2.5
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 1/5] Fix treatment of return from function
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
@ 2008-02-09 17:28 ` Pablo Neira Ayuso
2008-02-09 17:31 ` Pablo Neira Ayuso
1 sibling, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:28 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> The treatment of the return of some functions from libnetfilter_log API was wrong and this
> was preventing some fields to be propagated through the stack.
Applied. Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 1/5] Fix treatment of return from function
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
2008-02-09 17:28 ` Pablo Neira Ayuso
@ 2008-02-09 17:31 ` Pablo Neira Ayuso
1 sibling, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:31 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> The treatment of the return of some functions from libnetfilter_log API was wrong and this
> was preventing some fields to be propagated through the stack.
libnetfilter_log API is confusing, get_seq() should returns 1 if OK,
that seems more logical to me. Well, we don't have anything to do here
apart from rewritten the API or move later to libnl.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 2/5] Factorize definition of some macros.
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
@ 2008-02-09 17:33 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:33 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> Some macros were defined several time. This was the case of GET_VALUE,
> pp_is_valid. This patch puts the definition in ulogd.h and fixes the
> definition of pp_is_valid which was wrong (causing segfault by acessing to
> fields at NULL).
I like these sort of cleanups a lot. I think that the code of the input
handlers would be also much nicer if we cook some macros to setup values
and flags of the ulogd_keys.
Applied. Thanks Eric.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH 3/5] Add Icmpv6 support to SQL schema.
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
@ 2008-02-09 17:39 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:39 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel, Pierre Chifflier
Eric Leblond wrote:
> Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
> Signed-off-by: Eric Leblond <eric@inl.fr>
Applied, Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin.
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
@ 2008-02-09 17:40 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:40 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> Signed-off-by: Eric Leblond <eric@inl.fr>
Also applied. Thanks.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter.
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
@ 2008-02-09 17:43 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:43 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Eric Leblond wrote:
> Signed-off-by: Eric Leblond <eric@inl.fr>
Applied. Thanks Eric.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
` (4 preceding siblings ...)
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
@ 2008-02-09 17:44 ` Pablo Neira Ayuso
5 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2008-02-09 17:44 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel
Hi Eric,
Eric Leblond wrote:
> This patchset starts with two minor code cleaning patches.
>
> The rest of patchset contains some more significative things:
> * Add UID in NFLOG (ood.uid) and make PRINTPKT able to display the key if
> present
> * Add IPCMPv6 support to SQL schema
Nice work again. Thanks for your patches.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2008-02-09 17:44 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-02-09 12:36 [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Eric Leblond
2008-02-09 12:36 ` [ULOGD PATCH 1/5] Fix treatment of return from function Eric Leblond
2008-02-09 17:28 ` Pablo Neira Ayuso
2008-02-09 17:31 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 2/5] Factorize definition of some macros Eric Leblond
2008-02-09 17:33 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [PATCH 3/5] Add Icmpv6 support to SQL schema Eric Leblond
2008-02-09 17:39 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 4/5] Add support for UID dumping to NFLOG input plugin Eric Leblond
2008-02-09 17:40 ` Pablo Neira Ayuso
2008-02-09 12:36 ` [ULOGD PATCH 5/5] Add UID display to PRINTPKT filter Eric Leblond
2008-02-09 17:43 ` Pablo Neira Ayuso
2008-02-09 17:44 ` [ULOGD PATCH 0/5] UID dump support in NFLOG, IPCMPv6 support in SQL Pablo Neira Ayuso
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.