.TH "Parsing" 3 "Wed Aug 9 2023" "Version 1.0.2" "libnetfilter_log" \" -*- nroff -*- .ad l .nh .SH NAME nflog_get_msg_packet_hdr, nflog_get_hwtype, nflog_get_msg_packet_hwhdrlen, nflog_get_msg_packet_hwhdr, nflog_get_nfmark, nflog_get_timestamp, nflog_get_indev, nflog_get_physindev, nflog_get_outdev, nflog_get_physoutdev, nflog_get_packet_hw, nflog_get_payload, nflog_get_prefix, nflog_get_uid, nflog_get_gid, nflog_get_seq, nflog_get_seq_global, nflog_get_ctid \- Message parsing functions .SH SYNOPSIS .nf \fB #include #include .in +1c .ti -1c .RI "struct nfulnl_msg_packet_hdr * \fBnflog_get_msg_packet_hdr\fP (struct nflog_data *nfad)" .br .ti -1c .RI "uint16_t \fBnflog_get_hwtype\fP (struct nflog_data *nfad)" .br .ti -1c .RI "uint16_t \fBnflog_get_msg_packet_hwhdrlen\fP (struct nflog_data *nfad)" .br .ti -1c .RI "char * \fBnflog_get_msg_packet_hwhdr\fP (struct nflog_data *nfad)" .br .ti -1c .RI "uint32_t \fBnflog_get_nfmark\fP (struct nflog_data *nfad)" .br .ti -1c .RI "int \fBnflog_get_timestamp\fP (struct nflog_data *nfad, struct timeval *tv)" .br .ti -1c .RI "uint32_t \fBnflog_get_indev\fP (struct nflog_data *nfad)" .br .ti -1c .RI "uint32_t \fBnflog_get_physindev\fP (struct nflog_data *nfad)" .br .ti -1c .RI "uint32_t \fBnflog_get_outdev\fP (struct nflog_data *nfad)" .br .ti -1c .RI "uint32_t \fBnflog_get_physoutdev\fP (struct nflog_data *nfad)" .br .ti -1c .RI "struct nfulnl_msg_packet_hw * \fBnflog_get_packet_hw\fP (struct nflog_data *nfad)" .br .ti -1c .RI "int \fBnflog_get_payload\fP (struct nflog_data *nfad, char **data)" .br .ti -1c .RI "char * \fBnflog_get_prefix\fP (struct nflog_data *nfad)" .br .ti -1c .RI "int \fBnflog_get_uid\fP (struct nflog_data *nfad, uint32_t *uid)" .br .ti -1c .RI "int \fBnflog_get_gid\fP (struct nflog_data *nfad, uint32_t *gid)" .br .ti -1c .RI "int \fBnflog_get_seq\fP (struct nflog_data *nfad, uint32_t *seq)" .br .ti -1c .RI "int \fBnflog_get_seq_global\fP (struct nflog_data *nfad, uint32_t *seq)" .br .ti -1c .RI "int \fBnflog_get_ctid\fP (struct nflog_data *nfad, uint32_t *id)" .br .in -1c .SH "Function Documentation" .PP .SS "int nflog_get_ctid (struct nflog_data * nfad, uint32_t * id)" nflog_get_ct_id - get the conntrack id .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fIid\fP conntrack id, if the function returns zero .RE .PP You must enable this via \fBnflog_set_flags()\fP\&. .PP \fBReturns\fP .RS 4 0 on success or -1 if conntrack itself or its id was unavailable .RE .PP .PP Definition at line \fB990\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "int nflog_get_gid (struct nflog_data * nfad, uint32_t * gid)" nflog_get_gid - get the GID of the user that has generated the packet .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fIgid\fP GID of the user that generated the packet, if the function returns zero .RE .PP \fBReturns\fP .RS 4 0 on success or -1 if GID was unavailable (\fBgid\fP is then invalid) .RE .PP .PP Definition at line \fB932\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint16_t nflog_get_hwtype (struct nflog_data * nfad)" nflog_get_hwtype - get the hardware link layer type from logging data .PP \fBParameters\fP .RS 4 \fInfad\fP pointer to logging data .RE .PP \fBReturns\fP .RS 4 the hardware link layer type\&. .RE .PP .PP Definition at line \fB724\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint32_t nflog_get_indev (struct nflog_data * nfad)" nflog_get_indev - get the interface that the packet was received through .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 The index of the device the packet was received via\&. If the returned index is 0, the packet was locally generated or the input interface is not known (ie\&. POSTROUTING?)\&. .RE .PP \fBWarning\fP .RS 4 all nflog_get_dev() functions return 0 if not set, since Linux only allows ifindex >= 1, see net/core/dev\&.c:9819 (in 5\&.14\&.3) .RE .PP .PP Definition at line \fB799\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "struct nfulnl_msg_packet_hdr * nflog_get_msg_packet_hdr (struct nflog_data * nfad)" nflog_get_msg_packet_hdr - return the metaheader that wraps the packet .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 the netfilter log netlink packet header for the given nflog_data argument\&. Typically, the nflog_data value is passed as the 3rd parameter to the callback function set by a call to \fBnflog_callback_register()\fP\&. .RE .PP The nfulnl_msg_packet_hdr structure is defined in libnetfilter_log\&.h as: .PP .nf struct nfulnl_msg_packet_hdr { uint16_t hw_protocol; // hw protocol (network order) uint8_t hook; // netfilter hook uint8_t _pad; } __attribute__ ((packed)); .fi .PP .PP Definition at line \fB712\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "char * nflog_get_msg_packet_hwhdr (struct nflog_data * nfad)" nflog_get_msg_packet_hwhdr - get the hardware link layer header .PP \fBParameters\fP .RS 4 \fInfad\fP pointer to logging data .RE .PP \fBReturns\fP .RS 4 the hardware link layer header .RE .PP .PP Definition at line \fB746\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint16_t nflog_get_msg_packet_hwhdrlen (struct nflog_data * nfad)" nflog_get_hwhdrlen - get the length of the hardware link layer header .PP \fBParameters\fP .RS 4 \fInfad\fP pointer to logging data .RE .PP \fBReturns\fP .RS 4 the size of the hardware link layer header .RE .PP .PP Definition at line \fB735\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint32_t nflog_get_nfmark (struct nflog_data * nfad)" nflog_get_nfmark - get the packet mark .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 the netfilter mark currently assigned to the logged packet\&. .RE .PP .PP Definition at line \fB757\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint32_t nflog_get_outdev (struct nflog_data * nfad)" nflog_get_outdev - gets the interface that the packet will be routed to .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 The index of the device the packet will be sent to\&. If the returned index is 0, the packet is destined for localhost or the output interface is not yet known (ie\&. PREROUTING?)\&. .RE .PP .PP Definition at line \fB826\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "struct nfulnl_msg_packet_hw * nflog_get_packet_hw (struct nflog_data * nfad)" nflog_get_packet_hw - get hardware address .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP Retrieves the hardware address associated with the given packet\&. For ethernet packets, the hardware address returned (if any) will be the MAC address of the packet source host\&. The destination MAC address is not known until after POSTROUTING and a successful ARP request, so cannot currently be retrieved\&. .PP The nfulnl_msg_packet_hw structure is defined in libnetfilter_log\&.h as: .PP .nf struct nfulnl_msg_packet_hw { uint16_t hw_addrlen; // Network Byte Order uint16_t _pad; uint8_t hw_addr[8]; } __attribute__ ((packed)); .fi .PP .PP \fBReturns\fP .RS 4 Pointer to struct nfulnl_msg_packet_hw from originating host or NULL if none available (e\&.g\&. locally-originated packet not for \fBlo\fP interface)\&. .RE .PP .PP Definition at line \fB867\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "int nflog_get_payload (struct nflog_data * nfad, char ** data)" nflog_get_payload - get payload of the logged packet .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fIdata\fP Pointer of pointer that will be pointed to the payload .RE .PP Retrieve the payload for a logged packet\&. The actual amount and type of data retrieved by this function will depend on the mode set with the \fBnflog_set_mode()\fP function\&. .PP \fBReturns\fP .RS 4 payload length, or -1 if this is not available .RE .PP .PP Definition at line \fB884\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint32_t nflog_get_physindev (struct nflog_data * nfad)" nflog_get_physindev - get the physical interface that the packet was received through .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 The index of the physical device the packet was received via\&. If the returned index is 0, the packet was locally generated or the physical input interface is no longer known (ie\&. POSTROUTING?)\&. .RE .PP .PP Definition at line \fB813\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "uint32_t nflog_get_physoutdev (struct nflog_data * nfad)" nflog_get_physoutdev - get the physical interface for packet output .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 Index of physical device the packet will be routed to\&. If the returned index is 0, the packet is destined for localhost or the physical output interface is not yet known (ie\&. PREROUTING?)\&. .RE .PP .PP Definition at line \fB839\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "char * nflog_get_prefix (struct nflog_data * nfad)" nflog_get_prefix - get the logging string prefix .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .RE .PP \fBReturns\fP .RS 4 the string prefix that is specified as argument to the iptables' NFLOG target or NULL if this is not available\&. .RE .PP .PP Definition at line \fB900\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "int nflog_get_seq (struct nflog_data * nfad, uint32_t * seq)" nflog_get_seq - get the local nflog sequence number .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fIseq\fP local nflog sequence number, if the function returns zero .RE .PP You must enable this via \fBnflog_set_flags()\fP\&. .PP \fBReturns\fP .RS 4 0 on success or -1 if sequence number was unavailable (\fBseq\fP is then invalid) .RE .PP .PP Definition at line \fB952\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "int nflog_get_seq_global (struct nflog_data * nfad, uint32_t * seq)" nflog_get_seq_global - get the global nflog sequence number .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fIseq\fP global nflog sequence number, if the function returns zero .RE .PP You must enable this via \fBnflog_set_flags()\fP\&. .PP \fBReturns\fP .RS 4 0 on success or -1 if sequence number was unavailable (\fBseq\fP is then invalid) .RE .PP .PP Definition at line \fB972\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "int nflog_get_timestamp (struct nflog_data * nfad, struct timeval * tv)" nflog_get_timestamp - get the packet timestamp .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fItv\fP structure to fill with timestamp info .RE .PP Retrieves the received timestamp from the given logged packet\&. .PP \fBReturns\fP .RS 4 0 on success, -1 on failure with \fBerrno\fP set\&. .RE .PP \fBErrors\fP .RS 4 from underlying calls, in exceptional circumstances .RE .PP .PP Definition at line \fB773\fP of file \fBlibnetfilter_log\&.c\fP\&. .SS "int nflog_get_uid (struct nflog_data * nfad, uint32_t * uid)" nflog_get_uid - get the UID of the user that generated the packet .PP \fBParameters\fP .RS 4 \fInfad\fP Netlink packet data handle passed to callback function .br \fIuid\fP UID of the user that generated the packet, if the function returns zero .RE .PP \fBReturns\fP .RS 4 0 on success or -1 if UID was unavailable (\fBuid\fP is then invalid) .RE .PP .PP Definition at line \fB914\fP of file \fBlibnetfilter_log\&.c\fP\&. .SH "Author" .PP Generated automatically by Doxygen for libnetfilter_log from the source code\&.