doxygen/html/old_8c_source.html

 #include <stdio.h>

 #include <stdlib.h>

 #include <unistd.h>

 #include <string.h>

 #include <time.h>

 #include <arpa/inet.h>


 #include <libmnl/libmnl.h>

 #include <linux/netfilter.h>

 #include <linux/netfilter/nfnetlink.h>


 #include <linux/types.h>

 #include <linux/netfilter/nfnetlink_queue.h>


 #include <libnetfilter_queue/libnetfilter_queue.h>


 static struct mnl_socket *nl;


 static struct nlmsghdr *

 nfq_build_header(char *buf, int type, uint32_t queue_num)

 {

         struct nlmsghdr *nlh = mnl_nlmsg_put_header(buf);

         nlh->nlmsg_type = (NFNL_SUBSYS_QUEUE << 8) | type;

         nlh->nlmsg_flags = NLM_F_REQUEST;


         struct nfgenmsg *nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));

         nfg->nfgen_family = AF_UNSPEC;

         nfg->version = NFNETLINK_V0;

         nfg->res_id = htons(queue_num);


         return nlh;

 }


 static int

 nfq_send_verdict(int queue_num, uint32_t id, uint8_t *pkt, uint16_t pktlen)

 {

         char buf[MNL_SOCKET_BUFFER_SIZE];

         struct nlmsghdr *nlh;

         int ret;


         nlh = nfq_build_header(buf, NFQNL_MSG_VERDICT, queue_num);

         nfq_nlmsg_verdict_build(nlh, id, NF_ACCEPT);

         nfq_nlmsg_verdict_payload(nlh, pkt, pktlen);


         if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {

                 perror("mnl_socket_send");

                 exit(EXIT_FAILURE);

         }


         return ret;

 }


 static int queue_cb(const struct nlmsghdr *nlh, void *data)

 {

         struct nfqnl_msg_packet_hdr *ph = NULL;

         struct nlattr *attr[NFQA_MAX+1];

         uint32_t id = 0;

         struct nfgenmsg *nfg;

         uint8_t *pkt;

         uint16_t pktlen;


         if (nfq_nlmsg_parse(nlh, attr) < 0) {

                 perror("problems parsing");

                 return MNL_CB_ERROR;

         }


         nfg = mnl_nlmsg_get_payload(nlh);


         ph = (struct nfqnl_msg_packet_hdr *)

                 mnl_attr_get_payload(attr[NFQA_PACKET_HDR]);

         if (ph == NULL) {

                 perror("problems retrieving metaheader");

                 return MNL_CB_ERROR;

         }


         id = ntohl(ph->packet_id);


         printf("packet received (id=%u hw=0x%04x hook=%u)\n",

                 id, ntohs(ph->hw_protocol), ph->hook);


         pkt = mnl_attr_get_payload(attr[NFQA_PAYLOAD]);

         pktlen = mnl_attr_get_payload_len(attr[NFQA_PAYLOAD]);


         nfq_send_verdict(ntohs(nfg->res_id), id, pkt, pktlen);


         return MNL_CB_OK;

 }


 int main(int argc, char *argv[])

 {

         char buf[MNL_SOCKET_BUFFER_SIZE];

         struct nlmsghdr *nlh;

         int ret;

         unsigned int portid, queue_num;


         if (argc != 2) {

                 printf("Usage: %s [queue_num]\n", argv[0]);

                 exit(EXIT_FAILURE);

         }

         queue_num = atoi(argv[1]);


         nl = mnl_socket_open(NETLINK_NETFILTER);

         if (nl == NULL) {

                 perror("mnl_socket_open");

                 exit(EXIT_FAILURE);

         }


         if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) {

                 perror("mnl_socket_bind");

                 exit(EXIT_FAILURE);

         }

         portid = mnl_socket_get_portid(nl);


         nlh = nfq_build_header(buf, NFQNL_MSG_CONFIG, 0);

         nfq_nlmsg_cfg_build_request(nlh, AF_INET, NFQNL_CFG_CMD_PF_UNBIND);


         if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {

                 perror("mnl_socket_send");

                 exit(EXIT_FAILURE);

         }


         nlh = nfq_build_header(buf, NFQNL_MSG_CONFIG, 0);

         nfq_nlmsg_cfg_build_request(nlh, AF_INET, NFQNL_CFG_CMD_PF_BIND);


         if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {

                 perror("mnl_socket_send");

                 exit(EXIT_FAILURE);

         }


         nlh = nfq_build_header(buf, NFQNL_MSG_CONFIG, queue_num);

         nfq_nlmsg_cfg_build_request(nlh, AF_INET, NFQNL_CFG_CMD_BIND);


         if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {

                 perror("mnl_socket_send");

                 exit(EXIT_FAILURE);

         }


         nlh = nfq_build_header(buf, NFQNL_MSG_CONFIG, queue_num);

         nfq_nlmsg_cfg_add_copy(nlh, NFQNL_COPY_PACKET, 0xffff);


         if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {

                 perror("mnl_socket_send");

                 exit(EXIT_FAILURE);

         }


         ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));

         if (ret == -1) {

                 perror("mnl_socket_recvfrom");

                 exit(EXIT_FAILURE);

         }

         while (ret > 0) {

                 uint32_t id;


                 ret = mnl_cb_run(buf, ret, 0, portid, queue_cb, NULL);

                 if (ret < 0){

                         perror("mnl_cb_run");

                         exit(EXIT_FAILURE);

                 }


                 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));

                 if (ret == -1) {

                         perror("mnl_socket_recvfrom");

                         exit(EXIT_FAILURE);

                 }

         }


         mnl_socket_close(nl);


         return 0;

 }

nfq_nlmsg_parse
int nfq_nlmsg_parse(const struct nlmsghdr *nlh, struct nlattr **attr)
Definition: nlmsg.c:182