net/netfilter/nf_log.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 #ifndef _NF_LOG_H
0003 #define _NF_LOG_H
0004
0005 #include <linux/netfilter.h>
0006 #include <linux/netfilter/nf_log.h>
0007
0008 /* Log tcp sequence, tcp options, ip options and uid owning local socket */
0009 #define NF_LOG_DEFAULT_MASK 0x0f
0010
0011 /* This flag indicates that copy_len field in nf_loginfo is set */
0012 #define NF_LOG_F_COPY_LEN   0x1
0013
0014 enum nf_log_type {
0015     NF_LOG_TYPE_LOG     = 0,
0016     NF_LOG_TYPE_ULOG,
0017     NF_LOG_TYPE_MAX
0018 };
0019
0020 struct nf_loginfo {
0021     u_int8_t type;
0022     union {
0023         struct {
0024             /* copy_len will be used iff you set
0025              * NF_LOG_F_COPY_LEN in flags
0026              */
0027             u_int32_t copy_len;
0028             u_int16_t group;
0029             u_int16_t qthreshold;
0030             u_int16_t flags;
0031         } ulog;
0032         struct {
0033             u_int8_t level;
0034             u_int8_t logflags;
0035         } log;
0036     } u;
0037 };
0038
0039 typedef void nf_logfn(struct net *net,
0040               u_int8_t pf,
0041               unsigned int hooknum,
0042               const struct sk_buff *skb,
0043               const struct net_device *in,
0044               const struct net_device *out,
0045               const struct nf_loginfo *li,
0046               const char *prefix);
0047
0048 struct nf_logger {
0049     char            *name;
0050     enum nf_log_type    type;
0051     nf_logfn        *logfn;
0052     struct module       *me;
0053 };
0054
0055 /* sysctl_nf_log_all_netns - allow LOG target in all network namespaces */
0056 extern int sysctl_nf_log_all_netns;
0057
0058 /* Function to register/unregister log function. */
0059 int nf_log_register(u_int8_t pf, struct nf_logger *logger);
0060 void nf_log_unregister(struct nf_logger *logger);
0061
0062 int nf_log_set(struct net *net, u_int8_t pf, const struct nf_logger *logger);
0063 void nf_log_unset(struct net *net, const struct nf_logger *logger);
0064
0065 int nf_log_bind_pf(struct net *net, u_int8_t pf,
0066            const struct nf_logger *logger);
0067 void nf_log_unbind_pf(struct net *net, u_int8_t pf);
0068
0069 int nf_logger_find_get(int pf, enum nf_log_type type);
0070 void nf_logger_put(int pf, enum nf_log_type type);
0071
0072 #define MODULE_ALIAS_NF_LOGGER(family, type) \
0073     MODULE_ALIAS("nf-logger-" __stringify(family) "-" __stringify(type))
0074
0075 /* Calls the registered backend logging function */
0076 __printf(8, 9)
0077 void nf_log_packet(struct net *net,
0078            u_int8_t pf,
0079            unsigned int hooknum,
0080            const struct sk_buff *skb,
0081            const struct net_device *in,
0082            const struct net_device *out,
0083            const struct nf_loginfo *li,
0084            const char *fmt, ...);
0085
0086 __printf(8, 9)
0087 void nf_log_trace(struct net *net,
0088           u_int8_t pf,
0089           unsigned int hooknum,
0090           const struct sk_buff *skb,
0091           const struct net_device *in,
0092           const struct net_device *out,
0093           const struct nf_loginfo *li,
0094           const char *fmt, ...);
0095
0096 struct nf_log_buf;
0097
0098 struct nf_log_buf *nf_log_buf_open(void);
0099 __printf(2, 3) int nf_log_buf_add(struct nf_log_buf *m, const char *f, ...);
0100 void nf_log_buf_close(struct nf_log_buf *m);
0101 #endif /* _NF_LOG_H */