Skip to content

Commit 6290d08

Browse files
dzamlolittle-dude
authored andcommitted
Improve nflog example
1 parent a5f8bdf commit 6290d08

File tree

1 file changed

+40
-16
lines changed

1 file changed

+40
-16
lines changed

examples/nflog.rs

Lines changed: 40 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -8,20 +8,35 @@
88
// 3) run it as root:
99
// sudo ../target/debug/examples/nflog
1010

11-
use std::time::Duration;
11+
use std::{net::Ipv4Addr, time::Duration};
1212

13+
use byteorder::{ByteOrder, NetworkEndian};
1314
use netlink_packet_netfilter::{
1415
constants::*,
15-
message::NetfilterMessage,
16+
message::{NetfilterMessage, NetfilterMessageInner},
1617
nflog::{
1718
self,
1819
config::{ConfigCmd, ConfigFlags, ConfigMode, Timeout},
20+
packet::PacketNla,
21+
NfLogMessage,
1922
},
2023
NetlinkMessage,
2124
NetlinkPayload,
2225
};
2326
use netlink_sys::{constants::NETLINK_NETFILTER, Socket};
2427

28+
fn get_packet_nlas(message: &NetlinkMessage<NetfilterMessage>) -> &[PacketNla] {
29+
if let NetlinkPayload::InnerMessage(NetfilterMessage {
30+
inner: NetfilterMessageInner::NfLog(NfLogMessage::Packet(nlas)),
31+
..
32+
}) = &message.payload
33+
{
34+
nlas
35+
} else {
36+
&[]
37+
}
38+
}
39+
2540
fn main() {
2641
let mut receive_buffer = vec![0; 4096];
2742

@@ -51,7 +66,7 @@ fn main() {
5166
vec![
5267
ConfigCmd::Bind.into(),
5368
ConfigFlags::SEQ_GLOBAL.into(),
54-
ConfigMode::new_packet(16).into(),
69+
ConfigMode::PACKET_MAX.into(),
5570
timeout.into(),
5671
],
5772
);
@@ -67,23 +82,32 @@ fn main() {
6782
assert!(matches!(rx_packet.payload, NetlinkPayload::Ack(_)));
6883

6984
// And now we can receive the packets
85+
loop {
86+
match socket.recv(&mut &mut receive_buffer[..], 0) {
87+
Ok(size) => {
88+
let mut offset = 0;
89+
loop {
90+
let bytes = &receive_buffer[offset..];
7091

71-
let mut offset = 0;
72-
while let Ok(size) = socket.recv(&mut &mut receive_buffer[..], 0) {
73-
loop {
74-
let bytes = &receive_buffer[offset..];
92+
let rx_packet = <NetlinkMessage<NetfilterMessage>>::deserialize(bytes).unwrap();
7593

76-
let rx_packet = <NetlinkMessage<NetfilterMessage>>::deserialize(bytes).unwrap();
77-
println!("<<< {:?}", rx_packet);
94+
for nla in get_packet_nlas(&rx_packet) {
95+
if let nflog::packet::PacketNla::Payload(payload) = nla {
96+
let src = Ipv4Addr::from(NetworkEndian::read_u32(&payload[12..]));
97+
let dst = Ipv4Addr::from(NetworkEndian::read_u32(&payload[16..]));
98+
println!("Packet from {} to {}", src, dst);
99+
break;
100+
}
101+
}
78102

79-
match rx_packet.payload {
80-
NetlinkPayload::Error(_) | NetlinkPayload::Overrun(_) => return,
81-
_ => (),
103+
offset += rx_packet.header.length as usize;
104+
if offset == size || rx_packet.header.length == 0 {
105+
break;
106+
}
107+
}
82108
}
83-
84-
offset += rx_packet.header.length as usize;
85-
if offset == size || rx_packet.header.length == 0 {
86-
offset = 0;
109+
Err(e) => {
110+
println!("error while receiving packets: {:?}", e);
87111
break;
88112
}
89113
}

0 commit comments

Comments
 (0)