1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef _NF_LOG_H 3 #define _NF_LOG_H 4 5 #include <linux/netfilter.h> 6 #include <linux/netfilter/nf_log.h> 7 8 /* Log tcp sequence, tcp options, ip options and uid owning local socket */ 9 #define NF_LOG_DEFAULT_MASK 0x0f 10 11 /* This flag indicates that copy_len field in nf_loginfo is set */ 12 #define NF_LOG_F_COPY_LEN 0x1 13 14 enum nf_log_type { 15 NF_LOG_TYPE_LOG = 0, 16 NF_LOG_TYPE_ULOG, 17 NF_LOG_TYPE_MAX 18 }; 19 20 struct nf_loginfo { 21 u_int8_t type; 22 union { 23 struct { 24 /* copy_len will be used iff you set 25 * NF_LOG_F_COPY_LEN in flags 26 */ 27 u_int32_t copy_len; 28 u_int16_t group; 29 u_int16_t qthreshold; 30 u_int16_t flags; 31 } ulog; 32 struct { 33 u_int8_t level; 34 u_int8_t logflags; 35 } log; 36 } u; 37 }; 38 39 typedef void nf_logfn(struct net *net, 40 u_int8_t pf, 41 unsigned int hooknum, 42 const struct sk_buff *skb, 43 const struct net_device *in, 44 const struct net_device *out, 45 const struct nf_loginfo *li, 46 const char *prefix); 47 48 struct nf_logger { 49 char *name; 50 enum nf_log_type type; 51 nf_logfn *logfn; 52 struct module *me; 53 }; 54 55 /* sysctl_nf_log_all_netns - allow LOG target in all network namespaces */ 56 extern int sysctl_nf_log_all_netns; 57 58 /* Function to register/unregister log function. */ 59 int nf_log_register(u_int8_t pf, struct nf_logger *logger); 60 void nf_log_unregister(struct nf_logger *logger); 61 62 int nf_log_set(struct net *net, u_int8_t pf, const struct nf_logger *logger); 63 void nf_log_unset(struct net *net, const struct nf_logger *logger); 64 65 int nf_log_bind_pf(struct net *net, u_int8_t pf, 66 const struct nf_logger *logger); 67 void nf_log_unbind_pf(struct net *net, u_int8_t pf); 68 69 int nf_logger_find_get(int pf, enum nf_log_type type); 70 void nf_logger_put(int pf, enum nf_log_type type); 71 void nf_logger_request_module(int pf, enum nf_log_type type); 72 73 #define MODULE_ALIAS_NF_LOGGER(family, type) \ 74 MODULE_ALIAS("nf-logger-" __stringify(family) "-" __stringify(type)) 75 76 /* Calls the registered backend logging function */ 77 __printf(8, 9) 78 void nf_log_packet(struct net *net, 79 u_int8_t pf, 80 unsigned int hooknum, 81 const struct sk_buff *skb, 82 const struct net_device *in, 83 const struct net_device *out, 84 const struct nf_loginfo *li, 85 const char *fmt, ...); 86 87 __printf(8, 9) 88 void nf_log_trace(struct net *net, 89 u_int8_t pf, 90 unsigned int hooknum, 91 const struct sk_buff *skb, 92 const struct net_device *in, 93 const struct net_device *out, 94 const struct nf_loginfo *li, 95 const char *fmt, ...); 96 97 struct nf_log_buf; 98 99 struct nf_log_buf *nf_log_buf_open(void); 100 __printf(2, 3) int nf_log_buf_add(struct nf_log_buf *m, const char *f, ...); 101 void nf_log_buf_close(struct nf_log_buf *m); 102 103 /* common logging functions */ 104 int nf_log_dump_udp_header(struct nf_log_buf *m, const struct sk_buff *skb, 105 u8 proto, int fragment, unsigned int offset); 106 int nf_log_dump_tcp_header(struct nf_log_buf *m, const struct sk_buff *skb, 107 u8 proto, int fragment, unsigned int offset, 108 unsigned int logflags); 109 void nf_log_dump_sk_uid_gid(struct net *net, struct nf_log_buf *m, 110 struct sock *sk); 111 void nf_log_dump_vlan(struct nf_log_buf *m, const struct sk_buff *skb); 112 void nf_log_dump_packet_common(struct nf_log_buf *m, u_int8_t pf, 113 unsigned int hooknum, const struct sk_buff *skb, 114 const struct net_device *in, 115 const struct net_device *out, 116 const struct nf_loginfo *loginfo, 117 const char *prefix); 118 void nf_log_l2packet(struct net *net, u_int8_t pf, 119 __be16 protocol, 120 unsigned int hooknum, 121 const struct sk_buff *skb, 122 const struct net_device *in, 123 const struct net_device *out, 124 const struct nf_loginfo *loginfo, const char *prefix); 125 126 #endif /* _NF_LOG_H */ 127