Crate nflog

Netfilter NFLOG high-level bindings

libnetfilter_log is a userspace library providing interface to packets that have been logged by the kernel packet filter. It is is part of a system that deprecates the old syslog/dmesg based packet logging.

libnetfilter_log homepage is: http://netfilter.org/projects/libnetfilter_log/

Using NFLOG requires root privileges, or the CAP_NET_ADMIN capability

The code is available on Github

Example

extern crate libc;
extern crate nflog;
use std::fmt::Write;

fn callback(msg: &nflog::Message) {
    println!(" -> msg: {}", msg);
    // this will send an error if there is no uid (for ex. incoming packets)
    println!(" -> uid: {}, gid: {}", msg.get_uid().unwrap(), msg.get_gid().unwrap());
    println!(" -> prefix: {}", msg.get_prefix().unwrap());
    println!(" -> seq: {}", msg.get_seq().unwrap_or(0xffff));

    let payload_data = msg.get_payload();
    let mut s = String::new();
    for &byte in payload_data {
        write!(&mut s, "{:X} ", byte).unwrap();
    }
    println!("{}", s);

    println!("XML\n{}", msg.as_xml_str(&[nflog::XMLFormatFlags::XmlAll]).unwrap());

}

fn main() {
    let mut q = nflog::Queue::new();

    q.open();

    let rc = q.bind(libc::AF_INET);
    assert!(rc == 0);

    q.bind_group(0);

    q.set_mode(nflog::CopyMode::CopyPacket, 0xffff);
    q.set_flags(nflog::CfgFlags::CfgFlagsSeq);

    q.set_callback(callback);
    q.run_loop();

    q.close();
}

Structs

HwAddr	Hardware (Ethernet) address
Message	Opaque struct Message: abstracts NFLOG data representing a packet data and metadata
NfMsgPacketHdr	Metaheader wrapping a packet
Queue	Opaque struct Queue: abstracts an NFLOG queue

Enums

CfgFlags	Configuration Flags
CopyMode	Copy modes
NflogError
XMLFormatFlags	XML formatting flags

Type Definitions

NflogCallback

Prototype for the callback function, triggered when a packet is received