1616#include <linux/netfilter.h>
1717#include <linux/netfilter/nfnetlink.h>
1818#include <linux/ip.h>
19+ #include <linux/in.h>
20+ #include <linux/if.h>
21+ #include <linux/ipv6.h>
1922#include <linux/tcp.h>
2023#include <linux/udp.h>
2124#include <linux/icmp.h>
22- #include <net/if.h>
25+ #include <linux/icmpv6.h>
26+ #include <linux/if_ether.h>
2327#include <sys/ioctl.h>
2428#include <sys/socket.h>
2529#include <sys/select.h>
@@ -48,6 +52,12 @@ static int parse_attr_cb(const struct nlattr *attr, void *data)
4852 return MNL_CB_OK ;
4953
5054 switch (type ) {
55+ case NFULA_HWTYPE :
56+ if (mnl_attr_validate (attr , MNL_TYPE_U16 ) < 0 ) {
57+ perror ("mnl_attr_validate" );
58+ return MNL_CB_ERROR ;
59+ }
60+ break ;
5161 case NFULA_MARK :
5262 case NFULA_IFINDEX_INDEV :
5363 case NFULA_IFINDEX_OUTDEV :
@@ -72,6 +82,13 @@ static int parse_attr_cb(const struct nlattr *attr, void *data)
7282 return MNL_CB_ERROR ;
7383 }
7484 break ;
85+ case NFULA_PACKET_HDR :
86+ if (mnl_attr_validate2 (attr , MNL_TYPE_UNSPEC ,
87+ sizeof (struct nfulnl_msg_packet_hdr )) < 0 ) {
88+ perror ("mnl_attr_validate" );
89+ return MNL_CB_ERROR ;
90+ }
91+ break ;
7592 case NFULA_PREFIX :
7693 if (mnl_attr_validate (attr , MNL_TYPE_NUL_STRING ) < 0 ) {
7794 perror ("mnl_attr_validate" );
@@ -173,48 +190,91 @@ static int log_cb(const struct nlmsghdr *nlh, void *data)
173190 printf ("OUT= " );
174191 }
175192
193+ uint16_t hwProtocol = 0 ;
194+ if (tb [NFULA_PACKET_HDR ]) {
195+ struct nfulnl_msg_packet_hdr * pktHdr = (struct nfulnl_msg_packet_hdr * )mnl_attr_get_payload (tb [NFULA_PACKET_HDR ]);
196+ hwProtocol = ntohs (pktHdr -> hw_protocol );
197+ }
198+
176199 if (tb [NFULA_PAYLOAD ]) {
177- struct iphdr * iph = (struct iphdr * ) mnl_attr_get_payload (tb [NFULA_PAYLOAD ]);
178-
179- printf ("SRC=%u.%u.%u.%u DST=%u.%u.%u.%u " ,
180- ((unsigned char * )& iph -> saddr )[0 ],
181- ((unsigned char * )& iph -> saddr )[1 ],
182- ((unsigned char * )& iph -> saddr )[2 ],
183- ((unsigned char * )& iph -> saddr )[3 ],
184- ((unsigned char * )& iph -> daddr )[0 ],
185- ((unsigned char * )& iph -> daddr )[1 ],
186- ((unsigned char * )& iph -> daddr )[2 ],
187- ((unsigned char * )& iph -> daddr )[3 ]);
188-
189- printf ("LEN=%u " , ntohs (iph -> tot_len ));
190-
191- switch (iph -> protocol )
192- {
193- case IPPROTO_TCP :
194- {
195- struct tcphdr * th = (struct tcphdr * ) ((__u32 * ) iph + iph -> ihl );
196- printf ("PROTO=TCP SPT=%u DPT=%u " ,
197- ntohs (th -> source ), ntohs (th -> dest ));
198- break ;
199- }
200- case IPPROTO_UDP :
201- {
202- struct udphdr * uh = (struct udphdr * ) ((__u32 * ) iph + iph -> ihl );
203- printf ("PROTO=UDP SPT=%u DPT=%u LEN=%u " ,
204- ntohs (uh -> source ), ntohs (uh -> dest ), ntohs (uh -> len ));
205- break ;
206- }
207- case IPPROTO_ICMP :
200+
201+ switch (hwProtocol ) {
202+ case ETH_P_IP : {
203+ struct iphdr * iph = (struct iphdr * ) mnl_attr_get_payload (tb [NFULA_PAYLOAD ]);
204+
205+ char addressStr [INET_ADDRSTRLEN ];
206+ inet_ntop (AF_INET , & iph -> saddr , addressStr , sizeof (addressStr ));
207+ printf ("SRC=%s " , addressStr );
208+ inet_ntop (AF_INET , & iph -> daddr , addressStr , sizeof (addressStr ));
209+ printf ("DST=%s " , addressStr );
210+
211+ printf ("LEN=%u " , ntohs (iph -> tot_len ));
212+
213+ switch (iph -> protocol )
208214 {
209- struct icmphdr * ich = (struct icmphdr * ) ((__u32 * ) iph + iph -> ihl );
210- printf ("PROTO=ICMP TYPE=%u CODE=%u " ,
211- ich -> type , ich -> code );
212- break ;
215+ case IPPROTO_TCP :
216+ {
217+ struct tcphdr * th = (struct tcphdr * ) ((__u32 * ) iph + iph -> ihl );
218+ printf ("PROTO=TCP SPT=%u DPT=%u " ,
219+ ntohs (th -> source ), ntohs (th -> dest ));
220+ break ;
221+ }
222+ case IPPROTO_UDP :
223+ {
224+ struct udphdr * uh = (struct udphdr * ) ((__u32 * ) iph + iph -> ihl );
225+ printf ("PROTO=UDP SPT=%u DPT=%u LEN=%u " ,
226+ ntohs (uh -> source ), ntohs (uh -> dest ), ntohs (uh -> len ));
227+ break ;
228+ }
229+ case IPPROTO_ICMP :
230+ {
231+ struct icmphdr * ich = (struct icmphdr * ) ((__u32 * ) iph + iph -> ihl );
232+ printf ("PROTO=ICMP TYPE=%u CODE=%u " ,
233+ ich -> type , ich -> code );
234+ break ;
235+ }
236+ default :
237+ {
238+ printf ("PROTO=%u " , iph -> protocol );
239+ }
213240 }
214- default :
215- {
216- printf ("PROTO=%u " , iph -> protocol );
241+ break ;
242+ }
243+ case ETH_P_IPV6 : {
244+ struct ipv6hdr * iph = (struct ipv6hdr * ) mnl_attr_get_payload (tb [NFULA_PAYLOAD ]);
245+
246+ char addressStr [INET6_ADDRSTRLEN ];
247+ inet_ntop (AF_INET6 , & iph -> saddr , addressStr , sizeof (addressStr ));
248+ printf ("SRC=%s " , addressStr );
249+ inet_ntop (AF_INET6 , & iph -> daddr , addressStr , sizeof (addressStr ));
250+ printf ("DST=%s " , addressStr );
251+
252+ switch (iph -> nexthdr ) {
253+ case IPPROTO_TCP : {
254+ struct tcphdr * th = (struct tcphdr * ) ((uint8_t * ) iph + sizeof (* iph ));
255+ printf ("PROTO=TCP SPT=%u DPT=%u " ,
256+ ntohs (th -> source ), ntohs (th -> dest ));
257+ break ;
258+ }
259+ case IPPROTO_UDP : {
260+ struct udphdr * uh = (struct udphdr * ) ((uint8_t * ) iph + sizeof (* iph ));
261+ printf ("PROTO=UDP SPT=%u DPT=%u LEN=%u " ,
262+ ntohs (uh -> source ), ntohs (uh -> dest ), ntohs (uh -> len ));
263+ break ;
264+ }
265+ case IPPROTO_ICMPV6 : {
266+ struct icmp6hdr * icmpv6h = (struct icmp6hdr * ) ((uint8_t * ) iph + sizeof (* iph ));
267+ printf ("PROTO=ICMP6 TYPE=%u CODE=%u " , icmpv6h -> icmp6_type , icmpv6h -> icmp6_code );
268+ break ;
269+ }
270+ default : {
271+ printf ("PROTO=%d " , iph -> nexthdr );
272+ break ;
273+ }
217274 }
275+ }
276+ default :
277+ break ;
218278 }
219279 }
220280
0 commit comments