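#include <netinet/in.h>
#include <linux/types.h>
#include <linux/netfilter.h>
#include <libnetfilter_queue/libnetfilter_queue.h>

/*
 * Print the metadata of one queued packet on a single line of stdout:
 * queue header (hw_protocol, hook, id), link-layer source address, nfmark,
 * in/out and physical in/out interface indexes, UID/GID, security context
 * and payload length.
 *
 * Every field is read through an nfq_get_* accessor.  Each accessor can
 * report "attribute absent" (NULL pointer, 0, or a non-positive length);
 * absent fields are simply not printed.
 *
 * Returns the packet id from the queue header (0 when the header attribute
 * is missing); the caller needs it to issue the verdict.
 *
 * NOTE(review): the listing this was restored from had lost most non-string
 * lines; the control flow around each printf follows the surviving
 * fragments and the accessor return conventions.
 */
static uint32_t print_pkt(struct nfq_data *tb)
{
	uint32_t id = 0;
	struct nfqnl_msg_packet_hdr *ph;
	struct nfqnl_msg_packet_hw *hwph;
	uint32_t mark, ifi, uid, gid;
	int ret;
	unsigned char *data, *secdata;

	ph = nfq_get_msg_packet_hdr(tb);
	if (ph) {
		id = ntohl(ph->packet_id);
		printf("hw_protocol=0x%04x hook=%u id=%u ",
		       ntohs(ph->hw_protocol), ph->hook, id);
	}

	hwph = nfq_get_packet_hw(tb);
	if (hwph) {
		/*
		 * hw_addrlen arrives in the netlink message and is used as an
		 * index.  Clamp it to the fixed-size hw_addr array: printing
		 * hw_addr[hlen-1] unconditionally reads hw_addr[-1] for a zero
		 * length and past the end of the array for an oversized one.
		 */
		int hlen = ntohs(hwph->hw_addrlen);

		if (hlen > (int)sizeof(hwph->hw_addr))
			hlen = (int)sizeof(hwph->hw_addr);

		if (hlen > 0) {
			int i;

			printf("hw_src_addr=");
			for (i = 0; i < hlen - 1; i++)
				printf("%02x:", hwph->hw_addr[i]);
			printf("%02x ", hwph->hw_addr[hlen - 1]);
		}
	}

	mark = nfq_get_nfmark(tb);
	if (mark)
		printf("mark=%u ", mark);

	ifi = nfq_get_indev(tb);
	if (ifi)
		printf("indev=%u ", ifi);

	ifi = nfq_get_outdev(tb);
	if (ifi)
		printf("outdev=%u ", ifi);

	ifi = nfq_get_physindev(tb);
	if (ifi)
		printf("physindev=%u ", ifi);

	ifi = nfq_get_physoutdev(tb);
	if (ifi)
		printf("physoutdev=%u ", ifi);

	/* nfq_get_uid()/nfq_get_gid() return non-zero only when the attribute
	 * was supplied by the kernel (see the flags requested in main()). */
	if (nfq_get_uid(tb, &uid))
		printf("uid=%u ", uid);

	if (nfq_get_gid(tb, &gid))
		printf("gid=%u ", gid);

	/* The security context is not NUL-terminated; print exactly ret bytes. */
	ret = nfq_get_secctx(tb, &secdata);
	if (ret > 0)
		printf("secctx=\"%.*s\" ", ret, secdata);

	ret = nfq_get_payload(tb, &data);
	if (ret >= 0)
		printf("payload_len=%d ", ret);

	fputc('\n', stdout);

	return id;
}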
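/*
 * Per-packet callback registered with nfq_create_queue().
 *
 * Prints the packet metadata via print_pkt() and then accepts the packet
 * unchanged (NF_ACCEPT, no replacement payload).  The result of
 * nfq_set_verdict() becomes the callback's return value.  nfmsg and data
 * are part of the nfq_callback signature but unused by this demo.
 */
static int cb(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
	      struct nfq_data *nfa, void *data)
{
	uint32_t id = print_pkt(nfa);

	(void)nfmsg;
	(void)data;

	printf("entering callback\n");
	return nfq_set_verdict(qh, id, NF_ACCEPT, 0, NULL);
}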
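/*
 * Demo driver: bind this process to an nfnetlink_queue queue (number from
 * argv[1], default 0), ask the kernel for full packet copies plus UID/GID
 * and security-context attributes, then loop on recv() handing every
 * netlink message to nfq_handle_packet(), which dispatches to cb().
 *
 * The loop runs until recv() fails with anything other than ENOBUFS.
 * Exit status is 0 after a clean shutdown and EXIT_FAILURE on a bad queue
 * number or a failed library setup call.
 *
 * NOTE(review): restored from a listing that had lost most non-string
 * lines; the checks around each library call follow the surviving error
 * messages and the library's return conventions.
 */
int main(int argc, char **argv)
{
	struct nfq_handle *h;
	struct nfq_q_handle *qh;
	int fd;
	ssize_t rv;
	uint32_t queue = 0;
	char buf[4096] __attribute__ ((aligned));

	if (argc == 2) {
		/*
		 * Parse the queue number strictly.  atoi() accepts trailing
		 * junk and gives an unspecified result on overflow; strtoul()
		 * lets us reject both, and the range check also catches a
		 * leading '-' (which strtoul wraps to a huge value).
		 */
		char *end;
		unsigned long n;

		errno = 0;
		n = strtoul(argv[1], &end, 10);
		if (end == argv[1] || *end != '\0' || errno == ERANGE ||
		    n > 65535) {
			fprintf(stderr, "Usage: %s [<0-65535>]\n", argv[0]);
			exit(EXIT_FAILURE);
		}
		queue = (uint32_t)n;
	}

	printf("opening library handle\n");
	h = nfq_open();
	if (!h) {
		fprintf(stderr, "error during nfq_open()\n");
		exit(EXIT_FAILURE);
	}

	printf("unbinding existing nf_queue handler for AF_INET (if any)\n");
	if (nfq_unbind_pf(h, AF_INET) < 0) {
		fprintf(stderr, "error during nfq_unbind_pf()\n");
		exit(EXIT_FAILURE);
	}

	printf("binding nfnetlink_queue as nf_queue handler for AF_INET\n");
	if (nfq_bind_pf(h, AF_INET) < 0) {
		fprintf(stderr, "error during nfq_bind_pf()\n");
		exit(EXIT_FAILURE);
	}

	/* %u: queue is unsigned; the range check above keeps it within uint16_t. */
	printf("binding this socket to queue '%u'\n", queue);
	qh = nfq_create_queue(h, (uint16_t)queue, &cb, NULL);
	if (!qh) {
		fprintf(stderr, "error during nfq_create_queue()\n");
		exit(EXIT_FAILURE);
	}

	/* Request the whole packet (up to 0xffff bytes) in each message. */
	printf("setting copy_packet mode\n");
	if (nfq_set_mode(qh, NFQNL_COPY_PACKET, 0xffff) < 0) {
		fprintf(stderr, "can't set packet_copy mode\n");
		exit(EXIT_FAILURE);
	}

	/* The two flag requests are optional: older kernels reject them and
	 * the demo carries on without those attributes. */
	printf("setting flags to request UID and GID\n");
	if (nfq_set_queue_flags(qh, NFQA_CFG_F_UID_GID, NFQA_CFG_F_UID_GID)) {
		fprintf(stderr, "This kernel version does not allow to "
				"retrieve process UID/GID.\n");
	}

	printf("setting flags to request security context\n");
	if (nfq_set_queue_flags(qh, NFQA_CFG_F_SECCTX, NFQA_CFG_F_SECCTX)) {
		fprintf(stderr, "This kernel version does not allow to "
				"retrieve security context.\n");
	}

	printf("Waiting for packets...\n");

	fd = nfq_fd(h);

	for (;;) {
		rv = recv(fd, buf, sizeof(buf), 0);
		if (rv >= 0) {
			printf("pkt received\n");
			/* rv <= sizeof(buf) == 4096, so the int cast is safe. */
			nfq_handle_packet(h, buf, (int)rv);
			continue;
		}
		/*
		 * ENOBUFS means the kernel could not queue a message because
		 * our socket receive buffer was full, i.e. this process is
		 * slower than the packet rate.  The demo only reports it and
		 * keeps receiving; a real application would size the socket
		 * buffer or choose a queue policy that tolerates this.
		 */
		if (errno == ENOBUFS) {
			printf("losing packets!\n");
			continue;
		}
		perror("recv failed");
		break;
	}

	printf("unbinding from queue %u\n", queue);
	nfq_destroy_queue(qh);

#ifdef INSANE
	/* Unbinding the whole protocol family detaches every other program
	 * that queues AF_INET packets on this host, so it is compiled out
	 * by default. */
	printf("unbinding from AF_INET\n");
	nfq_unbind_pf(h, AF_INET);
#endif

	printf("closing library handle\n");
	nfq_close(h);

	exit(0);
}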
struct nfqnl_msg_packet_hw * nfq_get_packet_hw(struct nfq_data *nfad)
int nfq_bind_pf(struct nfq_handle *h, uint16_t pf)
uint32_t nfq_get_indev(struct nfq_data *nfad)
int nfq_fd(struct nfq_handle *h)
struct nfq_q_handle * nfq_create_queue(struct nfq_handle *h, uint16_t num, nfq_callback *cb, void *data)
struct nfqnl_msg_packet_hdr * nfq_get_msg_packet_hdr(struct nfq_data *nfad)
int nfq_get_payload(struct nfq_data *nfad, unsigned char **data)
uint32_t nfq_get_physoutdev(struct nfq_data *nfad)
struct nfq_handle * nfq_open(void)
int nfq_set_mode(struct nfq_q_handle *qh, uint8_t mode, uint32_t range)
uint32_t nfq_get_physindev(struct nfq_data *nfad)
int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid)
int nfq_destroy_queue(struct nfq_q_handle *qh)
uint32_t nfq_get_nfmark(struct nfq_data *nfad)
int nfq_unbind_pf(struct nfq_handle *h, uint16_t pf)
int nfq_handle_packet(struct nfq_handle *h, char *buf, int len)
int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata)
int nfq_close(struct nfq_handle *h)
int nfq_get_uid(struct nfq_data *nfad, uint32_t *uid)
int nfq_set_queue_flags(struct nfq_q_handle *qh, uint32_t mask, uint32_t flags)
uint32_t nfq_get_outdev(struct nfq_data *nfad)
int nfq_set_verdict(struct nfq_q_handle *qh, uint32_t id, uint32_t verdict, uint32_t data_len, const unsigned char *buf)