nflog

package module
v1.1.0

This package is not in the latest version of its module.
Published: Jan 14, 2019 License: MIT Imports: 10 Imported by: 0

README

go-nflog

go-nflog is written in Go. It provides a C-binding-free API to the netfilter-based log subsystem (nflog) of the Linux kernel.

Example

package main

import (
	"context"
	"fmt"
	"time"

	// Import path assumed here (the page does not show it); it is the module path go-nflog is published under.
	"github.com/florianl/go-nflog"
)

func main() {
	// Send outgoing pings to nflog group 100:
	// # sudo iptables -I OUTPUT -p icmp -j NFLOG --nflog-group 100

	// Set configuration parameters
	config := nflog.Config{
		Group:    100,
		Copymode: nflog.NfUlnlCopyPacket,
	}

	nf, err := nflog.Open(&config)
	if err != nil {
		fmt.Println("could not open nflog socket:", err)
		return
	}
	defer nf.Close()

	// Stop after 10 seconds; cancel releases the timer when main returns
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()

	// Print the copied packet bytes; AttrPayload is the Msg key documented below
	fn := func(m nflog.Msg) int {
		fmt.Printf("%v\n", m[nflog.AttrPayload])
		return 0
	}

	// Register your function to listen on nflog group 100
	err = nf.Register(ctx, fn)
	if err != nil {
		fmt.Println(err)
		return
	}

	// Block till the context expires
	<-ctx.Done()
}

For documentation and more examples, please take a look at the GoDoc.

Documentation

Overview

Package nflog provides an API to interact with the log subsystem of the netfilter family from the Linux kernel.

Constants

const (
	// Available copy modes for Config.Copymode.
	NfUlnlCopyNone byte = 0x00
	NfUlnlCopyMeta byte = 0x01
	// Provides a complete copy of the packet in the Msg map;
	// the copied length can be limited by setting Config.Bufsize.
	NfUlnlCopyPacket byte = 0x02

	// Flags that can be set on a connection
	NfUlnlCfgFSeq       uint16 = 0x0001
	NfUlnlCfgFSeqGlobal uint16 = 0x0002
	// Requires Kernel configuration of CONFIG_NETFILTER_NETLINK_GLUE_CT
	NfUlnlCfgFConntrack uint16 = 0x0004
)

Various constants

const (
	AttrHwProtocol = iota
	AttrHook
	AttrMark
	AttrTimestamp
	AttrIfindexIndev
	AttrIfindexOutdev
	AttrIfindexPhysIndev
	AttrIfindexPhysOutdev
	AttrHwAddr
	AttrPayload
	AttrPrefix
	AttrUID
	AttrSeq
	AttrSeqGlobal
	AttrGID
	AttrHwType
	AttrHwHeader
	AttrHwLen
	AttrCt
	AttrCtInfo
)

Various identifiers that can be keys of the Msg map. A Msg map does not need to contain all of these keys.

Variables

var (
	ErrCopyMode    = errors.New("Unsupported copy mode")
	ErrUnknownFlag = errors.New("Unsupported flag")
)

Various errors

Functions

This section is empty.

Types

type Config

type Config struct {
	// Network namespace the Nflog needs to operate in. If set to 0 (default),
	// no network namespace will be entered.
	NetNS int

	// Optional flags
	Flags uint16

	// Number of packets the nflog group queues
	// before they are pushed to userspace.
	QThresh uint32

	// Maximum time in 1/100 s that a packet in the nflog group is queued
	// before it is pushed to userspace.
	Timeout uint32

	// Nflog group this socket will be assigned to.
	Group uint16

	// Specifies how the kernel handles a packet in the nflog group.
	Copymode uint8

	// If NfUlnlCopyPacket is set as CopyMode,
	// this parameter specifies the maximum number of bytes,
	// that will be copied to userspace.
	Bufsize uint32

	// Interface to log internals.
	Logger *log.Logger
}

Config contains options for a Conn.

type HookFunc

type HookFunc func(m Msg) int

HookFunc is a function that receives events from a netlink group. To stop receiving messages on this HookFunc, return a value other than 0.

type Msg

type Msg map[int]interface{}

Msg contains all the information of a connection

type Nflog

type Nflog struct {
	// Con is the pure representation of a netlink socket
	Con *netlink.Conn
	// contains filtered or unexported fields
}

Nflog represents a netfilter log handler

func Open

func Open(config *Config) (*Nflog, error)

Open a connection to the netfilter log subsystem

func (*Nflog) Close

func (nflog *Nflog) Close() error

Close the connection to the netfilter log subsystem

func (*Nflog) Register

func (nflog *Nflog) Register(ctx context.Context, fn HookFunc) error

Register your own function as a callback for a netfilter log group.

Example
// Send outgoing pings to nflog group 100
// # sudo iptables -I OUTPUT -p icmp -j NFLOG --nflog-group 100

// Set configuration parameters
config := nflog.Config{
	Group:    100,
	Copymode: nflog.NfUlnlCopyPacket,
}

nf, err := nflog.Open(&config)
if err != nil {
	fmt.Println("could not open nflog socket:", err)
	return
}
defer nf.Close()

ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()

fn := func(m nflog.Msg) int {
	fmt.Printf("%v\n", m[nflog.AttrPayload])
	return 0
}

// Register your function to listen on nflog group 100
err = nf.Register(ctx, fn)
if err != nil {
	fmt.Println(err)
	return
}

// Block till the context expires
<-ctx.Done()
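As an added example (not code from go-nflog or this page), the following hook decodes the IPv4 header from the bytes a Msg carries under AttrPayload, rejects copies truncated by Config.Bufsize, and uses the HookFunc contract described under Register (return non-zero to stop receiving). It declares its own Msg type and AttrPayload value so it runs without an nflog socket; the key value 9, the []byte payload type and the helper names are assumptions.

```go
package main

import "fmt"
import "net"

// Stand-in for the page's Msg type and payload key so the hook runs without an nflog
// socket. Assumed: AttrPayload = 9 (iota order above) and the payload arrives as []byte.
type Msg map[int]interface{}
const AttrPayload = 9
// PacketSummary holds the fields extracted from one logged packet.
type PacketSummary struct {
	Src, Dst net.IP
	Protocol uint8
}
// summarize decodes the fixed IPv4 header at the start of the copied payload. The copy
// may be cut short by Config.Bufsize, so the length is checked before any field is read.
func summarize(m Msg) (PacketSummary, error) {
	var s PacketSummary
	p, ok := m[AttrPayload].([]byte)
	if !ok || len(p) < 20 {
		return s, fmt.Errorf("payload too short for an IPv4 header (raise Config.Bufsize)")
	}
	if p[0]>>4 != 4 {
		return s, fmt.Errorf("not IPv4 (version %d)", p[0]>>4)
	}
	s.Protocol = p[9]
	s.Src, s.Dst = net.IPv4(p[12], p[13], p[14], p[15]), net.IPv4(p[16], p[17], p[18], p[19])
	return s, nil
}
// newHook builds a HookFunc-shaped callback: it appends summaries to out and returns
// non-zero once limit packets have been seen, which tells Register to stop delivering.
func newHook(limit int, out *[]PacketSummary) func(Msg) int {
	seen := 0
	return func(m Msg) int {
		if s, err := summarize(m); err == nil {
			*out = append(*out, s)
		}
		if seen++; seen >= limit {
			return 1 // non-zero: stop receiving on this HookFunc
		}
		return 0
	}
}

func main() {
	// Constructed sample: IPv4/ICMP header 10.0.0.1 -> 10.0.0.2 plus 8 bytes of ICMP echo request.
	pkt := []byte{0x45, 0, 0, 28, 0, 0, 0x40, 0, 64, 1, 0, 0, 10, 0, 0, 1, 10, 0, 0, 2, 8, 0, 0, 0, 0, 0, 0, 0}
	var got []PacketSummary
	fmt.Println(newHook(1, &got)(Msg{AttrPayload: pkt}), got)
}
```

In a real program the closure returned by newHook is what you pass to Register; the summaries are the minimum a detection pipeline needs to attribute a logged packet to a flow.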