Struct Queue

pub struct Queue { /* private fields */ }

Opaque struct Queue: abstracts an NFLOG queue

Implementations

impl Queue

pub fn new() -> Queue

Creates a new, uninitialized, Queue.

pub fn open(&mut self)

Opens a NFLOG handler

This function obtains a netfilter log connection handle. When you are finished with the handle returned by this function, you should destroy it by calling close(). A new netlink connection is obtained internally and associated with the log connection handle returned.

pub fn close(&mut self)

Closes a NFLOG handler

This function closes the nflog handler and free associated resources.

pub fn bind(&self, pf: c_int) -> i32

Bind a nflog handler to a given protocol family

Binds the given log connection handle to process packets belonging to the given protocol family (ie. PF_INET, PF_INET6, etc).

Arguments

• pf - Protocol family (usually AF_INET or AF_INET6)

Remarks:

Requires root privileges

pub fn unbind(&self, pf: c_int) -> i32

Unbinds the nflog handler from a protocol family

Unbinds the given nflog handle from processing packets belonging to the given protocol family.

Arguments

• pf - Protocol family (usually AF_INET or AF_INET6)

Remarks:

Requires root privileges

pub fn fd(&self) -> i32

Returns the C file descriptor associated with the nflog handler

This function returns a file descriptor that can be used for communication over the netlink connection associated with the given log connection handle.

pub fn bind_group(&mut self, num: u16)

Binds a new handle to a specific group number.

Arguments:

• num - The number of the group to bind to

pub fn unbind_group(&mut self)

Unbinds a group handle

Arguments:

• num - The number of the group to unbind to

pub fn set_mode(&self, mode: CopyMode, range: u32)

Set the amount of packet data that nflog copies to userspace

Arguments:

• mode - The part of the packet that we are interested in
• range - Size of the packet that we want to get

mode can be one of:

• NFULNL_COPY_NONE - do not copy any data
• NFULNL_COPY_META - copy only packet metadata
• NFULNL_COPY_PACKET - copy entire packet

pub fn set_timeout(&self, timeout: u32)

Sets the maximum time to push log buffer for this group

Arguments:

• timeout - Time to wait until the log buffer is pushed to userspace

This function allows to set the maximum time that nflog waits until it pushes the log buffer to userspace if no new logged packets have occured.

Basically, nflog implements a buffer to reduce the computational cost of delivering the log message to userspace.

pub fn set_qthresh(&self, qthresh: u32)

Sets the maximum amount of logs in buffer for this group

Arguments:

• qthresh - Maximum number of log entries

This function determines the maximum number of log entries in the buffer until it is pushed to userspace.

pub fn set_nlbufsiz(&self, nlbufsiz: u32)

Sets the size of the nflog buffer for this group

Arguments:

• nlbufsiz - Size of the nflog buffer

This function sets the size (in bytes) of the buffer that is used to stack log messages in nflog.

pub fn set_flags(&self, flags: CfgFlags)

Sets the nflog flags for this group

Arguments:

• flags - Flags that you want to set

There are two existing flags:

• NFULNL_CFG_F_SEQ: This enables local nflog sequence numbering.
• NFULNL_CFG_F_SEQ_GLOBAL: This enables global nflog sequence numbering.

pub fn set_callback(&mut self, cb: NflogCallback)

Registers the callback triggered when a packet is received

pub fn run_loop(&self)

Runs an infinite loop, waiting for packets and triggering the callback.