-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

[cross-posted to comp.os.linux.networking and
comp.os.linux.development.system]

I'm running Ubuntu Gutsy (amd64 architecture). I'm writing a simple test
application which will print network packet information logged via 'ULOG'
target in 'netfilter'[1].

I'm using following 'iptables' command to create a rule which logs all TCP
packets in 'ppp0' interface in INPUT chain (following command might wrap):

# iptables -A INPUT -i ppp0 -p tcp -j ULOG --ulog-nlgroup 1 --ulog-prefix
capture --ulog-qthreshold 1

I've verified working of above rule, by replacing ULOG with LOG.

Following is the test program I wrote:

- ----8<----8<----
// ulog-test.c
#include
#include
#include
#include
#include
#include
#include

#include

#define BUFSIZE 1024

static struct nflog_handle* h;
static struct nflog_g_handle* gh;

int
ulog_cb(struct nflog_g_handle* gh, struct nfgenmsg* nfmsg,
struct nflog_data* nfad, void* data)
{
fprintf(stderr, "Callbacked\n");
}

void
cleanup(int signo)
{
fprintf(stderr, "terminating...\n");
if(!gh)
{
nflog_unbind_group(gh);
gh = NULL;
}
if(!h)
{
nflog_close(h);
h = NULL;
}
}

int
main()
{
struct pollfd fd[1];
int retval;
int running = 1;
void* buffer;

if((!(buffer = malloc(BUFSIZE))))
{
fprintf(stderr, "malloc() failed.\n");
return 2;
}

if(!(h = nflog_open()))
{
fprintf(stderr, "nflog_open() failed.\n");
return 1;
}
if(!(gh = nflog_bind_group(h, 1)))
{
fprintf(stderr, "nflog_bind_group() failed.\n");
return 1;
}

signal(SIGINT, cleanup);

fprintf(stderr, "nflog_set_mode() = %d\n", nflog_set_mode(gh,
NFULNL_COPY_META, BUFSIZE));
fprintf(stderr, "nflog_callback_register() = %d\n",
nflog_callback_register(gh, ulog_cb, NULL));
fprintf(stderr, "nflog_set_timeout() = %d\n", nflog_set_timeout(gh, 5));
fprintf(stderr, "Registered callback\n");

memset(&fd, 0, sizeof(struct pollfd));
fd[0].fd = nflog_fd(h);
fd[0].events = POLLIN;

do {
fprintf(stderr, "Polling\n");
if((retval = poll(fd, 1, -1) ) == -1)
{
fprintf(stderr, "before EINTR\n");
if(errno == EINTR)
{
if(!h) running = 0;
}
}
else
{
fprintf(stderr, "before POLLIN\n");
if(fd[0].revents & POLLIN)
{
fprintf(stderr, "Read %d bytes.\n",
(retval = recv(fd, buffer, BUFSIZE, 0)));
if(retval == -1)
{
if(errno == EINTR)
{
running = 0;
}
}
}
}
} while(running);

if(buffer)
{
free(buffer);
buffer = NULL;
}

fprintf(stderr, "Exiting...\n");
return 0;
}

// vim:ts=2:sw=2
- ---->8---->8----

To compile above program, I use:

% cc -o ulog-test ulog-test.c `pkg-config --libs --cflags libnetfilter_log`

To run above program, I use:

# ./ulog-test

In above program, I'm not able to receive any packets. I expect it to print
at least 'Read n bytes'. If there are any errors in above program, please
point out.

References:
[1] - http://netfilter.org/projects/libnet...log/index.html

TIA
- --
Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHUxUfHy+EEHYuXnQRAiZ6AKC/39J57Tyvo9pvvFTcfzOqdEOK2ACgnZji
L2YAD1zQrw+IqMDSBPbQI7g=
=KGAW
-----END PGP SIGNATURE-----