netfilter
firewalling, NAT, and packet mangling for linux
libnfnetlink.c File Reference
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <time.h>
#include <netinet/in.h>
#include <assert.h>
#include <linux/types.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <linux/netlink.h>
#include <libnfnetlink/libnfnetlink.h>

Data Structures

struct  nfnl_subsys_handle
 
struct  nfnl_handle
 
struct  nfnl_iterator
 

Macros

#define NETLINK_ADD_MEMBERSHIP   1
 
#define SOL_NETLINK   270
 
#define nfnl_error(format, args...)   fprintf(stderr, "%s: " format "\n", __FUNCTION__, ## args)
 
#define nfnl_debug_dump_packet(a, b,...)
 
#define NFNL_MAX_SUBSYS   16 /* enough for now */
 
#define NFNL_F_SEQTRACK_ENABLED   (1 << 0)
 
#define SO_RCVBUFFORCE   (33)
 

Functions

void nfnl_dump_packet (struct nlmsghdr *nlh, int received_len, char *desc)
 
int nfnl_fd (struct nfnl_handle *h)
 nfnl_fd - returns the descriptor that identifies the socket : nfnetlink handler More...
 
unsigned int nfnl_portid (const struct nfnl_handle *h)
 nfnl_portid - returns the Netlink port ID of this socket : nfnetlink handler More...
 
struct nfnl_handle * nfnl_open (void)
 nfnl_open - open a nfnetlink handler More...
 
void nfnl_set_sequence_tracking (struct nfnl_handle *h)
 nfnl_set_sequence_tracking - set netlink sequence tracking : nfnetlink handler More...
 
void nfnl_unset_sequence_tracking (struct nfnl_handle *h)
 nfnl_unset_sequence_tracking - unset netlink sequence tracking : nfnetlink handler More...
 
void nfnl_set_rcv_buffer_size (struct nfnl_handle *h, unsigned int size)
 nfnl_set_rcv_buffer_size - set the size of the receive buffer : libnfnetlink handler : buffer size More...
 
struct nfnl_subsys_handle * nfnl_subsys_open (struct nfnl_handle *nfnlh, u_int8_t subsys_id, u_int8_t cb_count, u_int32_t subscriptions)
 nfnl_subsys_open - open a netlink subsystem : libnfnetlink handle : which nfnetlink subsystem we are interested in : number of callbacks that are used maximum. More...
 
void nfnl_subsys_close (struct nfnl_subsys_handle *ssh)
 nfnl_subsys_close - close a nfnetlink subsys handler : nfnetlink subsystem handler More...
 
int nfnl_close (struct nfnl_handle *nfnlh)
 nfnl_close - close a nfnetlink handler : nfnetlink handler More...
 
int nfnl_join (const struct nfnl_handle *nfnlh, unsigned int group)
 nfnl_join - join a nfnetlink multicast group : nfnetlink handler : group we want to join More...
 
int nfnl_send (struct nfnl_handle *nfnlh, struct nlmsghdr *n)
 nfnl_send - send a nfnetlink message through netlink socket : nfnetlink handler
: netlink message More...
 
int nfnl_sendmsg (const struct nfnl_handle *nfnlh, const struct msghdr *msg, unsigned int flags)
 
int nfnl_sendiov (const struct nfnl_handle *nfnlh, const struct iovec *iov, unsigned int num, unsigned int flags)
 
void nfnl_fill_hdr (struct nfnl_subsys_handle *ssh, struct nlmsghdr *nlh, unsigned int len, u_int8_t family, u_int16_t res_id, u_int16_t msg_type, u_int16_t msg_flags)
 nfnl_fill_hdr - fill in netlink and nfnetlink header : nfnetlink handle : netlink message to be filled in : length of payload bytes (not including nfgenmsg) : AF_INET / ... More...
 
struct nfattr * nfnl_parse_hdr (const struct nfnl_handle *nfnlh, const struct nlmsghdr *nlh, struct nfgenmsg **genmsg)
 
ssize_t nfnl_recv (const struct nfnl_handle *h, unsigned char *buf, size_t len)
 nfnl_recv - receive data from a nfnetlink subsystem : nfnetlink handler : buffer where the data will be stored : size of the buffer More...
 
int nfnl_listen (struct nfnl_handle *nfnlh, int(*handler)(struct sockaddr_nl *, struct nlmsghdr *n, void *), void *jarg)
 nfnl_listen: listen for one or more netlink messages : libnfnetlink handle : callback function to be called for every netlink message More...
 
int nfnl_talk (struct nfnl_handle *nfnlh, struct nlmsghdr *n, pid_t peer, unsigned groups, struct nlmsghdr *answer, int(*junk)(struct sockaddr_nl *, struct nlmsghdr *n, void *), void *jarg)
 nfnl_talk - send a request and then receive and process messages returned : nfnetelink handler
: netlink message that contains the request : peer PID : netlink groups : callback called if out-of-sequence messages were received : data for the junk callback More...
 
int nfnl_addattr_l (struct nlmsghdr *n, int maxlen, int type, const void *data, int alen)
 nfnl_addattr_l - Add variable length attribute to nlmsghdr
: netlink message header to which attribute is to be added : maximum length of netlink message header : type of new attribute : content of new attribute : attribute length More...
 
int nfnl_nfa_addattr_l (struct nfattr *nfa, int maxlen, int type, const void *data, int alen)
 nfnl_nfa_addattr_l - Add variable length attribute to struct nfattr More...
 
int nfnl_addattr8 (struct nlmsghdr *n, int maxlen, int type, u_int8_t data)
 nfnl_addattr8 - Add u_int8_t attribute to nlmsghdr More...
 
int nfnl_nfa_addattr16 (struct nfattr *nfa, int maxlen, int type, u_int16_t data)
 nfnl_nfa_addattr16 - Add u_int16_t attribute to struct nfattr More...
 
int nfnl_addattr16 (struct nlmsghdr *n, int maxlen, int type, u_int16_t data)
 nfnl_addattr16 - Add u_int16_t attribute to nlmsghdr More...
 
int nfnl_nfa_addattr32 (struct nfattr *nfa, int maxlen, int type, u_int32_t data)
 nfnl_nfa_addattr32 - Add u_int32_t attribute to struct nfattr More...
 
int nfnl_addattr32 (struct nlmsghdr *n, int maxlen, int type, u_int32_t data)
 nfnl_addattr32 - Add u_int32_t attribute to nlmsghdr More...
 
int nfnl_parse_attr (struct nfattr *tb[], int max, struct nfattr *nfa, int len)
 nfnl_parse_attr - Parse a list of nfattrs into a pointer array More...
 
void nfnl_build_nfa_iovec (struct iovec *iov, struct nfattr *nfa, u_int16_t type, u_int32_t len, unsigned char *val)
 nfnl_build_nfa_iovec - Build two iovec's from tag, length and value More...
 
unsigned int nfnl_rcvbufsiz (const struct nfnl_handle *h, unsigned int size)
 nfnl_rcvbufsiz - set the socket buffer size : nfnetlink handler : size of the buffer we want to set More...
 
struct nlmsghdr * nfnl_get_msg_first (struct nfnl_handle *h, const unsigned char *buf, size_t len)
 nfnl_get_msg_first - get the first message of a multipart netlink message : nfnetlink handle : data received that we want to process : size of the data received More...
 
struct nlmsghdr * nfnl_get_msg_next (struct nfnl_handle *h, const unsigned char *buf, size_t len)
 
int nfnl_callback_register (struct nfnl_subsys_handle *ssh, u_int8_t type, struct nfnl_callback *cb)
 nfnl_callback_register - register a callback for a certain message type : nfnetlink subsys handler : subsys call : nfnetlink callback to be registered More...
 
int nfnl_callback_unregister (struct nfnl_subsys_handle *ssh, u_int8_t type)
 nfnl_callback_unregister - unregister a certain callback : nfnetlink subsys handler : subsys call More...
 
int nfnl_check_attributes (const struct nfnl_handle *h, const struct nlmsghdr *nlh, struct nfattr *nfa[])
 
int nfnl_handle_packet (struct nfnl_handle *h, char *buf, int len)
 
int nfnl_process (struct nfnl_handle *h, const unsigned char *buf, size_t len)
 nfnl_process - process data coming from a nfnetlink system : nfnetlink handler : buffer that contains the netlink message : size of the data contained in the buffer (not the buffer size) More...
 
struct nfnl_iterator * nfnl_iterator_create (const struct nfnl_handle *h, const char *buf, size_t len)
 nfnl_iterator_create: create an nfnetlink iterator : nfnetlink handler : buffer that contains data received from a nfnetlink system : size of the data contained in the buffer (not the buffer size) More...
 
void nfnl_iterator_destroy (struct nfnl_iterator *it)
 nfnl_iterator_destroy - destroy a nfnetlink iterator : nfnetlink iterator More...
 
int nfnl_iterator_process (struct nfnl_handle *h, struct nfnl_iterator *it)
 nfnl_iterator_process - process a nfnetlink message : nfnetlink handler : nfnetlink iterator that contains the current message to be proccesed More...
 
int nfnl_iterator_next (const struct nfnl_handle *h, struct nfnl_iterator *it)
 nfnl_iterator_next - get the next message hold by the iterator : nfnetlink handler : nfnetlink iterator that contains the current message processed More...
 
int nfnl_catch (struct nfnl_handle *h)
 nfnl_catch - get responses from the nfnetlink system and process them : nfnetlink handler More...
 
int nfnl_query (struct nfnl_handle *h, struct nlmsghdr *nlh)
 nfnl_query - request/response communication challenge : nfnetlink handler : nfnetlink message to be sent More...
 

Macro Definition Documentation

#define NETLINK_ADD_MEMBERSHIP   1

Referenced by nfnl_join().

#define nfnl_debug_dump_packet (   a,
  b,
  ... 
)

Referenced by nfnl_send().

#define nfnl_error (   format,
  args... 
)    fprintf(stderr, "%s: " format "\n", __FUNCTION__, ## args)

Referenced by nfnl_listen(), and nfnl_talk().

#define NFNL_F_SEQTRACK_ENABLED   (1 << 0)
#define NFNL_MAX_SUBSYS   16 /* enough for now */

Referenced by nfnl_close().

#define SO_RCVBUFFORCE   (33)

Referenced by nfnl_rcvbufsiz().

#define SOL_NETLINK   270

Referenced by nfnl_join().

Function Documentation

int nfnl_addattr16 ( struct nlmsghdr n,
int  maxlen,
int  type,
u_int16_t  data 
)

nfnl_addattr16 - Add u_int16_t attribute to nlmsghdr


: netlink message header to which attribute is to be added : maximum length of netlink message header : type of new attribute : content of new attribute

References nfnl_addattr_l().

Referenced by nflog_set_flags().


int nfnl_addattr32 ( struct nlmsghdr n,
int  maxlen,
int  type,
u_int32_t  data 
)

nfnl_addattr32 - Add u_int32_t attribute to nlmsghdr


: netlink message header to which attribute is to be added : maximum length of netlink message header : type of new attribute : content of new attribute

References nfnl_addattr_l().

Referenced by __build_expect(), __build_filter_dump(), nflog_set_nlbufsiz(), nflog_set_qthresh(), nflog_set_timeout(), and nfq_set_queue_flags().


int nfnl_addattr8 ( struct nlmsghdr n,
int  maxlen,
int  type,
u_int8_t  data 
)

nfnl_addattr8 - Add u_int8_t attribute to nlmsghdr


: netlink message header to which attribute is to be added : maximum length of netlink message header : type of new attribute : content of new attribute

References nfnl_addattr_l().


int nfnl_addattr_l ( struct nlmsghdr *  n,
int  maxlen,
int  type,
const void *  data,
int  alen 
)

nfnl_addattr_l - Add variable length attribute to nlmsghdr

Parameters: n: netlink message header to which attribute is to be added; maxlen: maximum length of netlink message header; type: type of new attribute; data: content of new attribute; alen: attribute length

References len, NFA_ALIGN, NFA_DATA, nfattr::nfa_len, NFA_LENGTH, nfattr::nfa_type, NLMSG_ALIGN, nlmsghdr::nlmsg_len, NLMSG_TAIL, and type.

Referenced by nflog_set_mode(), nfnl_addattr16(), nfnl_addattr32(), nfnl_addattr8(), nfq_set_mode(), and nfq_set_queue_maxlen().


void nfnl_build_nfa_iovec ( struct iovec *  iov,
struct nfattr nfa,
u_int16_t  type,
u_int32_t  len,
unsigned char *  val 
)

nfnl_build_nfa_iovec - Build two iovec's from tag, length and value

Parameters: iov: pointer to array of two 'struct iovec' (caller-allocated); nfa: pointer to 'struct nfattr' (caller-allocated); type: type (tag) of attribute; len: length of value; val: pointer to buffer containing 'value'

References NFA_ALIGN, nfattr::nfa_len, nfattr::nfa_type, and type.

int nfnl_callback_register ( struct nfnl_subsys_handle ssh,
u_int8_t  type,
struct nfnl_callback cb 
)

nfnl_callback_register - register a callback for a certain message type

Parameters: ssh: nfnetlink subsys handler; type: subsys call; cb: nfnetlink callback to be registered

On success, 0 is returned. On error, -1 is returned and errno is set appropriately.

References nfnl_subsys_handle::cb, and nfnl_subsys_handle::cb_count.

Referenced by nfct_callback_register(), nfct_callback_register2(), nfexp_callback_register(), nfexp_callback_register2(), nflog_open_nfnl(), and nfq_open_nfnl().


int nfnl_callback_unregister ( struct nfnl_subsys_handle ssh,
u_int8_t  type 
)

nfnl_callback_unregister - unregister a certain callback

Parameters: ssh: nfnetlink subsys handler; type: subsys call

On success, 0 is returned. On error, -1 is returned and errno is set appropriately.

References nfnl_callback::call, nfnl_subsys_handle::cb, nfnl_subsys_handle::cb_count, NULL, and type.

Referenced by nfct_callback_unregister(), nfct_callback_unregister2(), nfexp_callback_unregister(), and nfexp_callback_unregister2().


int nfnl_catch ( struct nfnl_handle h)

nfnl_catch - get responses from the nfnetlink system and process them

Parameters: h: nfnetlink handler

This function handles the data received from the nfnetlink system, for example events generated by one of the subsystems. The message is passed to the callback registered via nfnl_callback_register(). Note that this is a replacement for nfnl_listen and its use is recommended.

On success, 0 is returned. On error, -1 is returned. If you do not want to listen to events anymore, then your callback must return NFNL_CB_STOP.

Note that ENOBUFS is returned in case that nfnetlink is exhausted. In that case it is possible that the information requested is incomplete, so an ENOBUFS error should be treated as a sign that messages may have been missed.

References __attribute__, buf, NFNL_CB_STOP, nfnl_process(), nfnl_recv(), and nfnl_handle::rcv_buffer_size.

Referenced by nfct_catch(), nfexp_catch(), and nfnl_query().


int nfnl_close ( struct nfnl_handle nfnlh)

nfnl_close - close a nfnetlink handler

Parameters: nfnlh: nfnetlink handler

This function closes the nfnetlink handler. On success, 0 is returned. On error, -1 is returned and errno is set appropriately.

References nfnl_handle::fd, NFNL_MAX_SUBSYS, nfnl_subsys_close(), and nfnl_handle::subsys.

Referenced by main(), nfct_close(), nfct_open(), nflog_close(), nflog_open(), nflog_open_nfnl(), nfq_close(), and nfq_open().


void nfnl_dump_packet ( struct nlmsghdr nlh,
int  received_len,
char *  desc 
)
int nfnl_fd ( struct nfnl_handle h)

nfnl_fd - returns the descriptor that identifies the socket

Parameters: h: nfnetlink handler

Use this function if you need to interact with the socket. A common scenario is the use of poll()/select() for multiplexing.

References nfnl_handle::fd.

Referenced by nfct_fd(), nflog_fd(), and nfq_fd().


void nfnl_fill_hdr ( struct nfnl_subsys_handle *  ssh,
struct nlmsghdr *  nlh,
unsigned int  len,
u_int8_t  family,
u_int16_t  res_id,
u_int16_t  msg_type,
u_int16_t  msg_flags 
)

nfnl_fill_hdr - fill in netlink and nfnetlink header

Parameters: ssh: nfnetlink handle; nlh: netlink message to be filled in; len: length of payload bytes (not including nfgenmsg); family: AF_INET / ...; res_id: resource id; msg_type: nfnetlink message type (without subsystem); msg_flags: netlink message flags

This function sets up the nfnetlink header appropriately. Note that the pointer to the netlink message passed must point to a memory region of at least the size of struct nlmsghdr + struct nfgenmsg; the caller is responsible for providing a buffer that large.

References nfnl_handle::flags, nfgenmsg::nfgen_family, NFNETLINK_V0, NFNL_F_SEQTRACK_ENABLED, nfnl_subsys_handle::nfnlh, nlmsghdr::nlmsg_flags, nlmsghdr::nlmsg_len, NLMSG_LENGTH, nlmsghdr::nlmsg_pid, nlmsghdr::nlmsg_seq, nlmsghdr::nlmsg_type, NULL, nfgenmsg::res_id, nfnl_handle::seq, nfnl_subsys_handle::subsys_id, and nfgenmsg::version.

Referenced by __build_conntrack(), __build_expect(), nflog_set_flags(), nflog_set_mode(), nflog_set_nlbufsiz(), nflog_set_qthresh(), nflog_set_timeout(), nfq_set_mode(), nfq_set_queue_flags(), and nfq_set_queue_maxlen().


struct nlmsghdr* nfnl_get_msg_first ( struct nfnl_handle h,
const unsigned char *  buf,
size_t  len 
)

nfnl_get_msg_first - get the first message of a multipart netlink message

Parameters: h: nfnetlink handle; buf: data received that we want to process; len: size of the data received

This function returns a pointer to the first netlink message contained in the chunk of data received from a certain nfnetlink subsystem.

On success, a valid address that points to the netlink message is returned. On error, NULL is returned.

References nfnl_handle::last_nlhdr, nlh, NLMSG_OK, and NULL.

Referenced by ipulog_get_packet().


struct nlmsghdr* nfnl_get_msg_next ( struct nfnl_handle h,
const unsigned char *  buf,
size_t  len 
)

References nfnl_handle::last_nlhdr, nlh, NLM_F_MULTI, NLMSG_DONE, nlmsghdr::nlmsg_flags, NLMSG_NEXT, NLMSG_OK, nlmsghdr::nlmsg_type, and NULL.

Referenced by ipulog_get_packet().


int nfnl_handle_packet ( struct nfnl_handle h,
char *  buf,
int  len 
)

References len, NLMSG_ALIGN, nlmsghdr::nlmsg_len, and NLMSG_SPACE.

Referenced by nflog_handle_packet(), and nfq_handle_packet().


struct nfnl_iterator* nfnl_iterator_create ( const struct nfnl_handle h,
const char *  buf,
size_t  len 
)

nfnl_iterator_create: create an nfnetlink iterator

Parameters: h: nfnetlink handler; buf: buffer that contains data received from a nfnetlink system; len: size of the data contained in the buffer (not the buffer size)

This function creates an iterator that can be used to parse nfnetlink messages one by one. The iterator gives the programmer more control over message processing.

On success, a valid address is returned. On error, NULL is returned and errno is set to the appropriate value.

References len, nfnl_iterator::len, nlh, nfnl_iterator::nlh, NLMSG_OK, NLMSG_SPACE, and NULL.

void nfnl_iterator_destroy ( struct nfnl_iterator it)

nfnl_iterator_destroy - destroy a nfnetlink iterator : nfnetlink iterator

This function destroys a certain iterator. Nothing is returned.

int nfnl_iterator_next ( const struct nfnl_handle h,
struct nfnl_iterator it 
)

nfnl_iterator_next - get the next message held by the iterator

Parameters: h: nfnetlink handler; it: nfnetlink iterator that contains the current message processed

This function updates the pointer to the current message to be processed. It returns NFNL_CB_CONTINUE if there are still more messages to be processed, otherwise NFNL_CB_STOP is returned.

References nfnl_iterator::len, nfnl_iterator::nlh, and NLMSG_NEXT.

int nfnl_iterator_process ( struct nfnl_handle h,
struct nfnl_iterator it 
)

nfnl_iterator_process - process a nfnetlink message

Parameters: h: nfnetlink handler; it: nfnetlink iterator that contains the current message to be processed

This function processes just the current message selected by the iterator. On success, a value greater than or equal to zero is returned. On error, -1 is returned and errno is set appropriately.

References nfnl_iterator::len, nfnl_iterator::nlh, NLMSG_OK, nlmsghdr::nlmsg_seq, NLMSG_SPACE, and nfnl_handle::seq.

int nfnl_join ( const struct nfnl_handle nfnlh,
unsigned int  group 
)

nfnl_join - join a nfnetlink multicast group

Parameters: nfnlh: nfnetlink handler; group: group we want to join

This function is used to join a certain multicast group. It must be called once the nfnetlink handler has been created. If in doubt, use it only if you have to listen to nfnetlink events.

On success, 0 is returned. On error, -1 is returned and errno is set appropriately.

References nfnl_handle::fd, NETLINK_ADD_MEMBERSHIP, and SOL_NETLINK.

int nfnl_listen ( struct nfnl_handle nfnlh,
int(*)(struct sockaddr_nl *, struct nlmsghdr *n, void *)  handler,
void *  jarg 
)

nfnl_listen: listen for one or more netlink messages

Parameters: nfnlh: libnfnetlink handle; handler: callback function to be called for every netlink message

  • the callback handler should normally return 0
  • but may return a negative error code which will cause nfnl_listen to return immediately with the same error code
  • or return a positive error code which will cause nfnl_listen to return after it has finished processing all the netlink messages in the current packet

Thus a positive error code will terminate nfnl_listen "soon" without any loss of data, while a negative error code will terminate nfnl_listen "very soon" and throw away data already read from the netlink socket.

jarg: opaque argument passed on to callback

This function is used to receive and process messages coming from an open nfnetlink handler like events or information request via nfnl_send().

On error, -1 is returned; unfortunately errno is not always set appropriately. For that reason, the use of this function is DEPRECATED. Please, use nfnl_receive_process() instead. (Elsewhere on this page, nfnl_catch() is described as the recommended replacement for nfnl_listen.)

References __attribute__, buf, nlmsgerr::error, nfnl_handle::fd, len, MSG_TRUNC, NFNL_BUFFSIZE, nfnl_error, sockaddr_nl::nl_family, NLMSG_ALIGN, NLMSG_DATA, NLMSG_DONE, NLMSG_ERROR, and nlmsghdr::nlmsg_len.

int nfnl_nfa_addattr16 ( struct nfattr nfa,
int  maxlen,
int  type,
u_int16_t  data 
)

nfnl_nfa_addattr16 - Add u_int16_t attribute to struct nfattr

: struct nfattr : maximal length of nfattr buffer : type for new attribute : content of new attribute

References nfnl_nfa_addattr_l().


int nfnl_nfa_addattr32 ( struct nfattr nfa,
int  maxlen,
int  type,
u_int32_t  data 
)

nfnl_nfa_addattr32 - Add u_int32_t attribute to struct nfattr

: struct nfattr : maximal length of nfattr buffer : type for new attribute : content of new attribute

References nfnl_nfa_addattr_l().


int nfnl_nfa_addattr_l ( struct nfattr *  nfa,
int  maxlen,
int  type,
const void *  data,
int  alen 
)

nfnl_nfa_addattr_l - Add variable length attribute to struct nfattr

Parameters: nfa: struct nfattr; maxlen: maximal length of nfattr buffer; type: type for new attribute; data: content of new attribute; alen: length of new attribute

References len, NFA_ALIGN, NFA_DATA, nfattr::nfa_len, NFA_LENGTH, nfattr::nfa_type, and type.

Referenced by nfnl_nfa_addattr16(), and nfnl_nfa_addattr32().


struct nfnl_handle* nfnl_open ( void  )

nfnl_open - open a nfnetlink handler

This function creates a nfnetlink handler, this is required to establish a communication between the userspace and the nfnetlink system.

On success, a valid address that points to a nfnl_handle structure is returned. On error, NULL is returned and errno is set appropriately.

References nfnl_handle::fd, nfnl_handle::flags, nfnl_handle::local, NETLINK_NETFILTER, NFNL_BUFFSIZE, NFNL_F_SEQTRACK_ENABLED, sockaddr_nl::nl_family, NULL, nfnl_handle::peer, nfnl_handle::rcv_buffer_size, and nfnl_handle::seq.

Referenced by main(), nfct_open(), nflog_open(), and nfq_open().


int nfnl_parse_attr ( struct nfattr *  tb[],
int  max,
struct nfattr *  nfa,
int  len 
)

nfnl_parse_attr - Parse a list of nfattrs into a pointer array

Parameters: tb: pointer array, will be filled in (output); max: size of pointer array; nfa: pointer to list of nfattrs; len: length of 'nfa'

The returned value is equal to the number of remaining bytes of the netlink message that cannot be parsed, so a non-zero result means part of the message was left unparsed.

References len, NFA_NEXT, NFA_OK, and NFA_TYPE.

struct nfattr* nfnl_parse_hdr ( const struct nfnl_handle nfnlh,
const struct nlmsghdr nlh,
struct nfgenmsg **  genmsg 
)
unsigned int nfnl_portid ( const struct nfnl_handle h)

nfnl_portid - returns the Netlink port ID of this socket : nfnetlink handler

References nfnl_handle::local, and sockaddr_nl::nl_pid.

Referenced by origin_register(), and origin_unregister().


int nfnl_process ( struct nfnl_handle h,
const unsigned char *  buf,
size_t  len 
)

nfnl_process - process data coming from a nfnetlink system

Parameters: h: nfnetlink handler; buf: buffer that contains the netlink message; len: size of the data contained in the buffer (not the buffer size)

This function processes all the nfnetlink messages contained inside a buffer. It performs the appropriate sanity checks and passes the message to a certain handler that is registered via nfnl_callback_register().

On success, NFNL_CB_STOP is returned if the data processing has finished. If a value NFNL_CB_CONTINUE is returned, then there is more data to process. On error, NFNL_CB_CONTINUE is returned and errno is set to the appropriate value. (As documented, the error case and the more-data case share a return value; verify the actual error value against the source.)

In case that the callback returns NFNL_CB_FAILURE, errno may be set by the library client. If your callback decides not to process data anymore for any reason, then it must return NFNL_CB_STOP. Otherwise, if the callback continues the processing, NFNL_CB_CONTINUE is returned.

References NFNL_CB_STOP, NLMSG_NEXT, NLMSG_OK, nlmsghdr::nlmsg_seq, NLMSG_SPACE, and nfnl_handle::seq.

Referenced by nfnl_catch().


int nfnl_query ( struct nfnl_handle h,
struct nlmsghdr nlh 
)

nfnl_query - request/response communication challenge

Parameters: h: nfnetlink handler; nlh: nfnetlink message to be sent

This function sends a nfnetlink message to a certain subsystem and receives the associated response messages; such messages are passed to the callback registered via nfnl_callback_register(). Note that this function is a replacement for nfnl_talk, and its use is recommended.

On success, 0 is returned. On error, a negative value is returned. If you do not want to listen to events anymore, then your callback must return NFNL_CB_STOP.

Note that ENOBUFS is returned in case that nfnetlink is exhausted. In that case it is possible that the information requested is incomplete, so an ENOBUFS error should be treated as a sign that messages may have been missed.

References nfnl_catch(), and nfnl_send().

Referenced by nfct_query(), nfexp_query(), nflog_set_flags(), nflog_set_mode(), nflog_set_nlbufsiz(), nflog_set_qthresh(), nflog_set_timeout(), nfq_set_mode(), nfq_set_queue_flags(), and nfq_set_queue_maxlen().


unsigned int nfnl_rcvbufsiz ( const struct nfnl_handle h,
unsigned int  size 
)

nfnl_rcvbufsiz - set the socket buffer size : nfnetlink handler : size of the buffer we want to set

This function sets the new size of the socket buffer. Use this setting to increase the socket buffer size if your system is reporting ENOBUFS errors.

This function returns the new size of the socket buffer.

References nfnl_handle::fd, size, and SO_RCVBUFFORCE.

Referenced by main(), nflog_set_nlbufsiz(), nl_init_event_handler(), and nl_resize_socket_buffer().


ssize_t nfnl_recv ( const struct nfnl_handle *  h,
unsigned char *  buf,
size_t  len 
)

nfnl_recv - receive data from a nfnetlink subsystem

Parameters: h: nfnetlink handler; buf: buffer where the data will be stored; len: size of the buffer

This function does not perform any sanity checking, so do not expect the data to be well-formed: treat the contents of buf as unvalidated until they have been checked. Such checks are done by the parsing functions.

On success, 0 is returned. On error, -1 is returned and errno is set appropriately. (The return type is ssize_t, so check the source for the exact success value before relying on 0.)

Note that ENOBUFS is returned in case that nfnetlink is exhausted. In that case it is possible that the information requested is incomplete.

References nfnl_handle::fd, sockaddr_nl::nl_pid, and nfnl_handle::peer.

Referenced by ipulog_read(), and nfnl_catch().


int nfnl_send ( struct nfnl_handle nfnlh,
struct nlmsghdr n 
)

nfnl_send - send a nfnetlink message through netlink socket

Parameters: nfnlh: nfnetlink handler; n: netlink message

On success, the number of bytes is returned. On error, -1 is returned and errno is set appropriately.

References nfnl_handle::fd, nfnl_debug_dump_packet, nlmsghdr::nlmsg_len, and nfnl_handle::peer.

Referenced by nfct_send(), nfexp_send(), and nfnl_query().


int nfnl_sendiov ( const struct nfnl_handle nfnlh,
const struct iovec *  iov,
unsigned int  num,
unsigned int  flags 
)

References nfnl_sendmsg(), NULL, and nfnl_handle::peer.


int nfnl_sendmsg ( const struct nfnl_handle nfnlh,
const struct msghdr *  msg,
unsigned int  flags 
)

References nfnl_handle::fd.

Referenced by nfnl_sendiov().


void nfnl_set_rcv_buffer_size ( struct nfnl_handle h,
unsigned int  size 
)

nfnl_set_rcv_buffer_size - set the size of the receive buffer

Parameters: h: libnfnetlink handler; size: buffer size

This function sets the size of the receive buffer, i.e. the size of the buffer used by nfnl_recv. Default value is 4096 bytes.

References nfnl_handle::rcv_buffer_size, and size.

void nfnl_set_sequence_tracking ( struct nfnl_handle h)

nfnl_set_sequence_tracking - set netlink sequence tracking : nfnetlink handler

References nfnl_handle::flags, and NFNL_F_SEQTRACK_ENABLED.

void nfnl_subsys_close ( struct nfnl_subsys_handle ssh)

nfnl_subsys_close - close a nfnetlink subsys handler : nfnetlink subsystem handler

Release all the callbacks registered in a subsystem handler.

References nfnl_subsys_handle::cb, nfnl_subsys_handle::cb_count, NULL, and nfnl_subsys_handle::subscriptions.

Referenced by main(), nfct_close(), nfct_open_nfnl(), nfnl_close(), and nfq_open_nfnl().


struct nfnl_subsys_handle* nfnl_subsys_open ( struct nfnl_handle nfnlh,
u_int8_t  subsys_id,
u_int8_t  cb_count,
u_int32_t  subscriptions 
)

nfnl_subsys_open - open a netlink subsystem

Parameters: nfnlh: libnfnetlink handle; subsys_id: which nfnetlink subsystem we are interested in; cb_count: maximum number of callbacks that are used; subscriptions: netlink groups we want to be subscribed to

This function creates a subsystem handler that contains the set of callbacks that handle certain types of messages coming from a netfilter subsystem. Initially the callback set is empty; you can register callbacks via nfnl_callback_register().

On error, NULL is returned and errno is set appropriately. On success, a valid address that points to a nfnl_subsys_handle structure is returned.

References nfnl_subsys_handle::cb, nfnl_subsys_handle::cb_count, nfnl_subsys_handle::nfnlh, NULL, nfnl_subsys_handle::subscriptions, nfnl_handle::subsys, and nfnl_subsys_handle::subsys_id.

int nfnl_talk ( struct nfnl_handle nfnlh,
struct nlmsghdr n,
pid_t  peer,
unsigned  groups,
struct nlmsghdr answer,
int(*)(struct sockaddr_nl *, struct nlmsghdr *n, void *)  junk,
void *  jarg 
)

nfnl_talk - send a request and then receive and process messages returned

Parameters: nfnlh: nfnetlink handler; n: netlink message that contains the request; peer: peer PID; groups: netlink groups; junk: callback called if out-of-sequence messages were received; jarg: data for the junk callback

This function is used to request an action that does not return any information. On error, a negative value is returned; errno may or may not be set appropriately. For that reason, the use of this function is DEPRECATED. Please, use nfnl_query() instead.

References __attribute__, buf, nlmsgerr::error, nfnl_handle::fd, len, nfnl_handle::local, MSG_TRUNC, NFNL_BUFFSIZE, nfnl_error, sockaddr_nl::nl_family, sockaddr_nl::nl_groups, sockaddr_nl::nl_pid, NLM_F_ACK, NLMSG_ALIGN, NLMSG_DATA, NLMSG_ERROR, nlmsghdr::nlmsg_flags, nlmsghdr::nlmsg_len, nlmsghdr::nlmsg_seq, and nfnl_handle::seq.

void nfnl_unset_sequence_tracking ( struct nfnl_handle h)

nfnl_unset_sequence_tracking - unset netlink sequence tracking

Parameters: h: nfnetlink handler

References nfnl_handle::flags, and NFNL_F_SEQTRACK_ENABLED.

Referenced by nflog_open(), and nfq_open().
