Documentation
Overview
Package nflog provides an API to interact with the log subsystem of the netfilter family in the Linux kernel.
Constants
const (
	// Available copy modes for Config.Copymode.
	NfUlnlCopyNone byte = 0x00
	NfUlnlCopyMeta byte = 0x01
	// Provides a complete copy of the packet in the Msg map.
	// But can be limited by setting Config.Bufsize.
	NfUlnlCopyPacket byte = 0x02

	// Flags that can be set on a connection
	NfUlnlCfgFSeq       uint16 = 0x0001
	NfUlnlCfgFSeqGlobal uint16 = 0x0002
	// Requires Kernel configuration of CONFIG_NETFILTER_NETLINK_GLUE_CT
	NfUlnlCfgFConntrack uint16 = 0x0004
)
Various constants
const (
	AttrHwProtocol = iota
	AttrHook
	AttrMark
	AttrTimestamp
	AttrIfindexIndev
	AttrIfindexOutdev
	AttrIfindexPhysIndev
	AttrIfindexPhysOutdev
	AttrHwAddr
	AttrPayload
	AttrPrefix
	AttrUID
	AttrSeq
	AttrSeqGlobal
	AttrGID
	AttrHwType
	AttrHwHeader
	AttrHwLen
	AttrCt
	AttrCtInfo
)
Various identifiers that can be keys of the Msg map. A Msg map does not need to contain all of these keys.
Variables
var (
	ErrCopyMode    = errors.New("Unsupported copy mode")
	ErrUnknownFlag = errors.New("Unsupported flag")
)
Various errors
Functions
This section is empty.
Types
type Config
type Config struct {
	// Network namespace the Nflog needs to operate in. If set to 0 (default),
	// no network namespace will be entered.
	NetNS int
	// Optional flags
	Flags uint16
	// Specifies the number of packets in the group,
	// until they will be pushed to userspace.
	QThresh uint32
	// Maximum time in 1/100s that a packet in the nflog group will be queued,
	// until it is pushed to userspace.
	Timeout uint32
	// Nflog group this socket will be assigned to.
	Group uint16
	// Specifies how the kernel handles a packet in the nflog group.
	Copymode uint8
	// If NfUlnlCopyPacket is set as Copymode,
	// this parameter specifies the maximum number of bytes
	// that will be copied to userspace.
	Bufsize uint32
	// Interface to log internals.
	Logger *log.Logger
}
Config contains options for a Conn.
type HookFunc
HookFunc is a function that receives events from a netlink group. To stop receiving messages on this HookFunc, return a value other than 0.
type Nflog
type Nflog struct {
	// Con is the pure representation of a netlink socket
	Con *netlink.Conn
	// contains filtered or unexported fields
}
Nflog represents a netfilter log handler
func (*Nflog) Register
Register your own function as a callback for a netfilter log group.
Example
package main

import (
	"context"
	"fmt"
	"time"

	"github.com/florianl/go-nflog" // import path assumed; the page does not state it
)

func main() {
	// Send outgoing pings to nflog group 100
	// # sudo iptables -I OUTPUT -p icmp -j NFLOG --nflog-group 100

	// Set configuration parameters
	config := nflog.Config{
		Group:    100,
		Copymode: nflog.NfUlnlCopyPacket,
	}

	nf, err := nflog.Open(&config)
	if err != nil {
		fmt.Println("could not open nflog socket:", err)
		return
	}
	defer nf.Close()

	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()

	// The callback receives one Msg per logged packet; returning 0 keeps listening.
	fn := func(m nflog.Msg) int {
		fmt.Printf("%v\n", m[nflog.AttrPayload])
		return 0
	}

	// Register your function to listen on nflog group 100
	err = nf.Register(ctx, fn)
	if err != nil {
		fmt.Println(err)
		return
	}

	// Block till the context expires
	<-ctx.Done()
}
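The example above prints raw payload bytes. An added example (not code from the package or this page) shows what a HookFunc usually does with a Msg: type-assert the AttrPayload and AttrPrefix entries, parse the IPv4 header to count packets per flow, skip copies truncated by a small Config.Bufsize, and return non-zero to stop delivery after a limit. It assumes Msg is a map[int]interface{} keyed by the Attr* constants (AttrPayload at position 9, AttrPrefix at 10 of the iota list) and defines its own stand-in types so it runs without a netlink socket or root.

```go
package main

import (
	"fmt"
	"net"
)
// Msg stands in for nflog.Msg so this runs without a netlink socket or root:
// the page's Attr* identifiers are its keys (assumed to be map[int]interface{}).
type Msg map[int]interface{}

// Key values: the 0-based positions of AttrPayload and AttrPrefix in the page's iota list.
const AttrPayload, AttrPrefix = 9, 10
// ParseIPv4 extracts source, destination and protocol from an IPv4 header.
func ParseIPv4(b []byte) (src, dst net.IP, proto byte, ok bool) {
	if len(b) < 20 || b[0]>>4 != 4 {
		return nil, nil, 0, false
	}
	return net.IP(b[12:16]), net.IP(b[16:20]), b[9], true
}

// NewHook builds a callback with the HookFunc shape (func(Msg) int): it counts packets
// per "prefix proto src->dst" and returns 1 after limit packets, which stops delivery.
func NewHook(limit int, counts map[string]int) func(Msg) int {
	seen := 0
	return func(m Msg) int {
		payload, _ := m[AttrPayload].([]byte) // nil when the key is absent
		src, dst, proto, ok := ParseIPv4(payload)
		if !ok {
			return 0 // truncated or non-IPv4 copy: skip it, keep listening
		}
		prefix, _ := m[AttrPrefix].(string)
		counts[fmt.Sprintf("%s %d %s->%s", prefix, proto, src, dst)]++
		seen++
		if seen >= limit {
			return 1
		}
		return 0
	}
}

// SampleMsgs are constructed inputs: an ICMP echo 10.0.0.1 -> 8.8.8.8, the same
// packet truncated to 8 bytes (as with a small Config.Bufsize), and the full packet again.
func SampleMsgs() []Msg {
	icmp := []byte{0x45, 0, 0, 84, 0, 0, 0x40, 0, 64, 1, 0, 0, 10, 0, 0, 1, 8, 8, 8, 8}
	return []Msg{
		{AttrPrefix: "ping-out", AttrPayload: icmp},
		{AttrPrefix: "ping-out", AttrPayload: icmp[:8]},
		{AttrPrefix: "ping-out", AttrPayload: icmp},
	}
}
```

Passing the returned function to nf.Register in place of fn above is all that changes for the real package, provided its Msg type matches the assumption stated in the lead-in.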