1 #ifndef _NF_LOG_H 2 #define _NF_LOG_H 3 4 #include <linux/netfilter.h> 5 #include <linux/netfilter/nf_log.h> 6 7 /* Log tcp sequence, tcp options, ip options and uid owning local socket */ 8 #define NF_LOG_DEFAULT_MASK 0x0f 9 10 /* This flag indicates that copy_len field in nf_loginfo is set */ 11 #define NF_LOG_F_COPY_LEN 0x1 12 13 enum nf_log_type { 14 NF_LOG_TYPE_LOG = 0, 15 NF_LOG_TYPE_ULOG, 16 NF_LOG_TYPE_MAX 17 }; 18 19 struct nf_loginfo { 20 u_int8_t type; 21 union { 22 struct { 23 /* copy_len will be used iff you set 24 * NF_LOG_F_COPY_LEN in flags 25 */ 26 u_int32_t copy_len; 27 u_int16_t group; 28 u_int16_t qthreshold; 29 u_int16_t flags; 30 } ulog; 31 struct { 32 u_int8_t level; 33 u_int8_t logflags; 34 } log; 35 } u; 36 }; 37 38 typedef void nf_logfn(struct net *net, 39 u_int8_t pf, 40 unsigned int hooknum, 41 const struct sk_buff *skb, 42 const struct net_device *in, 43 const struct net_device *out, 44 const struct nf_loginfo *li, 45 const char *prefix); 46 47 struct nf_logger { 48 char *name; 49 enum nf_log_type type; 50 nf_logfn *logfn; 51 struct module *me; 52 }; 53 54 /* sysctl_nf_log_all_netns - allow LOG target in all network namespaces */ 55 extern int sysctl_nf_log_all_netns; 56 57 /* Function to register/unregister log function. */ 58 int nf_log_register(u_int8_t pf, struct nf_logger *logger); 59 void nf_log_unregister(struct nf_logger *logger); 60 61 int nf_log_set(struct net *net, u_int8_t pf, const struct nf_logger *logger); 62 void nf_log_unset(struct net *net, const struct nf_logger *logger); 63 64 int nf_log_bind_pf(struct net *net, u_int8_t pf, 65 const struct nf_logger *logger); 66 void nf_log_unbind_pf(struct net *net, u_int8_t pf); 67 68 int nf_logger_find_get(int pf, enum nf_log_type type); 69 void nf_logger_put(int pf, enum nf_log_type type); 70 void nf_logger_request_module(int pf, enum nf_log_type type); 71 72 #define MODULE_ALIAS_NF_LOGGER(family, type) \ 73 MODULE_ALIAS("nf-logger-" __stringify(family) "-" __stringify(type)) 74 75 /* Calls the registered backend logging function */ 76 __printf(8, 9) 77 void nf_log_packet(struct net *net, 78 u_int8_t pf, 79 unsigned int hooknum, 80 const struct sk_buff *skb, 81 const struct net_device *in, 82 const struct net_device *out, 83 const struct nf_loginfo *li, 84 const char *fmt, ...); 85 86 __printf(8, 9) 87 void nf_log_trace(struct net *net, 88 u_int8_t pf, 89 unsigned int hooknum, 90 const struct sk_buff *skb, 91 const struct net_device *in, 92 const struct net_device *out, 93 const struct nf_loginfo *li, 94 const char *fmt, ...); 95 96 struct nf_log_buf; 97 98 struct nf_log_buf *nf_log_buf_open(void); 99 __printf(2, 3) int nf_log_buf_add(struct nf_log_buf *m, const char *f, ...); 100 void nf_log_buf_close(struct nf_log_buf *m); 101 102 /* common logging functions */ 103 int nf_log_dump_udp_header(struct nf_log_buf *m, const struct sk_buff *skb, 104 u8 proto, int fragment, unsigned int offset); 105 int nf_log_dump_tcp_header(struct nf_log_buf *m, const struct sk_buff *skb, 106 u8 proto, int fragment, unsigned int offset, 107 unsigned int logflags); 108 void nf_log_dump_sk_uid_gid(struct nf_log_buf *m, struct sock *sk); 109 void nf_log_dump_packet_common(struct nf_log_buf *m, u_int8_t pf, 110 unsigned int hooknum, const struct sk_buff *skb, 111 const struct net_device *in, 112 const struct net_device *out, 113 const struct nf_loginfo *loginfo, 114 const char *prefix); 115 void nf_log_l2packet(struct net *net, u_int8_t pf, 116 __be16 protocol, 117 unsigned int hooknum, 118 const struct sk_buff *skb, 119 const struct net_device *in, 120 const struct net_device *out, 121 const struct nf_loginfo *loginfo, const char *prefix); 122 123 #endif /* _NF_LOG_H */ 124