Netfilter NFLOG high-level bindings
libnetfilter_log is a userspace library providing an interface to packets that have been logged by the kernel packet filter. It is part of a system that deprecates the old syslog/dmesg based packet logging.
libnetfilter_log homepage is: http://netfilter.org/projects/libnetfilter_log/
Using NFLOG requires root privileges, or the CAP_NET_ADMIN capability.
The code is available on GitHub.
§Example
```rust
extern crate libc;
extern crate nflog;

use std::fmt::Write;

// Called once for every packet logged to the bound group.
fn callback(msg: &nflog::Message) {
    println!(" -> msg: {}", msg);
    // unwrap() panics if the packet has no uid/gid (e.g. incoming packets)
    println!(" -> uid: {}, gid: {}", msg.get_uid().unwrap(), msg.get_gid().unwrap());
    println!(" -> prefix: {}", msg.get_prefix().unwrap());
    println!(" -> seq: {}", msg.get_seq().unwrap_or(0xffff));

    // Hex dump of the copied packet bytes, two digits per byte
    let payload_data = msg.get_payload();
    let mut s = String::new();
    for &byte in payload_data {
        write!(&mut s, "{:02X} ", byte).unwrap();
    }
    println!("{}", s);

    println!("XML\n{}", msg.as_xml_str(&[nflog::XMLFormatFlags::XmlAll]).unwrap());
}

fn main() {
    let mut q = nflog::Queue::new();

    q.open();

    let rc = q.bind(libc::AF_INET);
    assert!(rc == 0);

    // Listen on NFLOG group 0, copying up to 0xffff bytes of each packet
    q.bind_group(0);
    q.set_mode(nflog::CopyMode::CopyPacket, 0xffff);
    q.set_flags(nflog::CfgFlags::CfgFlagsSeq);

    q.set_callback(callback);
    q.run_loop();

    q.close();
}
```
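Added example (not part of the nflog crate or its documentation): a bounds-checked parser for the bytes that `msg.get_payload()` hands to the callback, as an alternative to the raw hex dump. It assumes the payload begins at the IPv4 header, as expected for the AF_INET binding above; `Summary` and `summarize` are hypothetical names.

```rust
use std::net::Ipv4Addr;

/// Fields pulled from a logged IPv4 packet (hypothetical helper type).
#[derive(Debug, PartialEq)]
pub struct Summary {
    pub src: Ipv4Addr,
    pub dst: Ipv4Addr,
    pub proto: u8,
    /// (source, destination) ports; only for unfragmented TCP/UDP with the bytes present.
    pub ports: Option<(u16, u16)>,
}

/// Parse the bytes a callback gets from `msg.get_payload()`.
/// Returns None instead of panicking on short, truncated or non-IPv4 input.
pub fn summarize(p: &[u8]) -> Option<Summary> {
    let first = *p.first()?;
    if first >> 4 != 4 {
        return None; // not IPv4
    }
    let ihl = usize::from(first & 0x0f) * 4; // header length in bytes
    if ihl < 20 || p.len() < ihl {
        return None; // malformed or truncated header
    }
    let proto = p[9];
    let src = Ipv4Addr::new(p[12], p[13], p[14], p[15]);
    let dst = Ipv4Addr::new(p[16], p[17], p[18], p[19]);
    // Non-first fragments (offset != 0) carry no transport header.
    let frag_off = u16::from_be_bytes([p[6], p[7]]) & 0x1fff;
    let ports = match (proto, frag_off, p.get(ihl..ihl + 4)) {
        (6, 0, Some(l4)) | (17, 0, Some(l4)) => Some((
            u16::from_be_bytes([l4[0], l4[1]]),
            u16::from_be_bytes([l4[2], l4[3]]),
        )),
        _ => None,
    };
    Some(Summary { src, dst, proto, ports })
}

fn main() {
    // Constructed sample: 20-byte IPv4 header (TCP, 192.0.2.10 -> 198.51.100.7)
    // followed by the first four TCP bytes (ports 51514 -> 22).
    let pkt: [u8; 24] = [
        0x45, 0x00, 0x00, 0x28, 0x00, 0x01, 0x40, 0x00, 0x40, 0x06, 0x00, 0x00,
        192, 0, 2, 10, 198, 51, 100, 7, 0xc9, 0x3a, 0x00, 0x16,
    ];
    println!("{:?}", summarize(&pkt));
    println!("{:?}", summarize(&pkt[..12])); // truncated copy: None
}
```

A copy range smaller than the packet (the second argument to `set_mode`) truncates the payload, which is why every slice access here is length-checked.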
Structs§
- Hardware (Ethernet) address
- Opaque struct Message: abstracts NFLOG data representing packet data and metadata
- Metaheader wrapping a packet
- Opaque struct Queue: abstracts an NFLOG queue
Enums§
- Configuration Flags
- Copy modes
- XML formatting flags
Type Aliases§
- Prototype for the callback function, triggered when a packet is received