Re: [PATCH v6] Netfilter ring buffer support
From: Richard Weinberger
Date: Mon Mar 12 2012 - 14:00:58 EST
On 12.03.2012 15:12, Pablo Neira Ayuso wrote:
On Mon, Mar 12, 2012 at 02:27:13PM +0100, Richard Weinberger wrote:
[...]
Looking at the code, those are included if bridging is enabled.
Otherwise, I'll be happy to take a patch for this.
Doesn't NFLOG just pass the packet header to userspace?
It also passes several interesting metainformation regarding the
packet to user-space as well. And it can be easily extended to add
more metainformation without breaking backward compatibility.
How can you derive meta-information like "PHYSIN" and "PHYSOUT" from
the packet header?
See nflog_get_physindev and nflog_get_physoutdev in libnetfilter_log.
Oh. This sounds great.
Iff NFLOG is able to produce same log string like LOG does I'm fine.
This is a patch yet incomplete for libnetfilter_log:
http://1984.lsi.us.es/git/rlogd/tree/libnflog.patch
It allows you to print in LOG output format. It still need to add
support for UDP, UDPlite, and so on, but that shouldn't be hard to
make.
I'd be happy if someone takes it over and finish it.
Okay. I'll take over it.
Stay tuned!
Thanks,
//richard
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/