From af231769266c79f6255b93568401143e8611588c Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Mon, 9 Sep 2013 14:45:31 +0400 Subject: [PATCH] NFLOG: remove header dependency, add a test case This change removes detection of linux/netfilter/nfnetlink_log.h, which was only used to provide two constants. The constants are now defined in print-nflog.c, making it possible to compile (and test) the NFLOG decoder on all systems, not only Linux. There is now a test case for the decoder, it was produced on a Linux host with: iptables -A INPUT -p udp --source 74.82.42.42 -j NFLOG --nflog-group 20 dig @74.82.42.42 ... --- configure.in | 2 +- netdissect.h | 4 ---- print-nflog.c | 6 +++--- tcpdump.c | 2 -- tests/TESTLIST | 3 +++ tests/nflog-e.out | 4 ++++ tests/nflog.pcap | Bin 0 -> 840 bytes 7 files changed, 11 insertions(+), 10 deletions(-) create mode 100644 tests/nflog-e.out create mode 100644 tests/nflog.pcap diff --git a/configure.in b/configure.in index 2d22d1c9..4c8059b8 100644 --- a/configure.in +++ b/configure.in @@ -33,7 +33,7 @@ if test "$ac_cv___attribute__" = "yes"; then AC_C___ATTRIBUTE___FORMAT_FUNCTION_POINTER fi fi -AC_CHECK_HEADERS(fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h linux/netfilter/nfnetlink_log.h) +AC_CHECK_HEADERS(fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h) AC_CHECK_HEADERS(net/pfvar.h, , , [#include #include #include ]) diff --git a/netdissect.h b/netdissect.h index 29c2e6f5..4fd47264 100644 --- a/netdissect.h +++ b/netdissect.h @@ -482,11 +482,7 @@ extern void pptp_print(netdissect_options *,const u_char *, u_int); extern u_int ipnet_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); extern u_int ppi_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); - -#ifdef HAVE_LINUX_NETFILTER_NFNETLINK_LOG_H extern u_int nflog_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); -#endif - extern u_int ieee802_15_4_if_print(netdissect_options *,const struct pcap_pkthdr *, const u_char *); #ifdef INET6 diff --git a/print-nflog.c b/print-nflog.c index fdd21e69..238226e1 100644 --- a/print-nflog.c +++ b/print-nflog.c @@ -37,12 +37,13 @@ #include "netdissect.h" #include "interface.h" -#ifdef HAVE_LINUX_NETFILTER_NFNETLINK_LOG_H -#include #include "nflog.h" #ifdef DLT_NFLOG +#define NFULA_PAYLOAD 9 +#define NFULA_MAX 17 + const struct tok nflog_values[] = { { AF_INET, "IPv4" }, { AF_INET6, "IPv6" }, @@ -150,5 +151,4 @@ nflog_if_print(struct netdissect_options *ndo, return (sizeof(nflog_hdr_t)); } -#endif /* HAVE_LINUX_NETFILTER_NFNETLINK_LOG_H */ #endif /* DLT_NFLOG */ diff --git a/tcpdump.c b/tcpdump.c index c4b287c6..6a9c26a8 100644 --- a/tcpdump.c +++ b/tcpdump.c @@ -332,9 +332,7 @@ static struct ndo_printer ndo_printers[] = { { netanalyzer_transparent_if_print, DLT_NETANALYZER_TRANSPARENT }, #endif #ifdef DLT_NFLOG -#ifdef HAVE_LINUX_NETFILTER_NFNETLINK_LOG_H { nflog_if_print, DLT_NFLOG}, -#endif #endif { NULL, 0 }, }; diff --git a/tests/TESTLIST b/tests/TESTLIST index 271d7b1c..c2688aeb 100644 --- a/tests/TESTLIST +++ b/tests/TESTLIST @@ -134,3 +134,6 @@ of10_pf5240-vv of10_pf5240.pcap of10_pf5240-vv.out -t -vv # GeoNetworking and CALM FAST tests geonet-calm-fast geonet_and_calm_fast.pcap geonet_and_calm_fast.out -t -vv -n + +# NFLOG test case +nflog-e nflog.pcap nflog-e.out -t -e diff --git a/tests/nflog-e.out b/tests/nflog-e.out new file mode 100644 index 00000000..636d38ec --- /dev/null +++ b/tests/nflog-e.out @@ -0,0 +1,4 @@ +version 0, resource ID 20, family IPv4 (2), length 180: 74.82.42.42.53 > 10.0.0.20.42585: 17265 1/0/0 A 93.184.216.119 (45) +version 0, resource ID 20, family IPv4 (2), length 192: 74.82.42.42.53 > 10.0.0.20.45190: 52954 1/0/0 AAAA 2606:2800:220:6d:26bf:1447:1097:aa7 (57) +version 0, resource ID 20, family IPv4 (2), length 184: 74.82.42.42.53 > 10.0.0.20.44031: 8279 1/0/0 A 93.184.216.119 (49) +version 0, resource ID 20, family IPv4 (2), length 196: 74.82.42.42.53 > 10.0.0.20.48736: 2122 1/0/0 AAAA 2606:2800:220:6d:26bf:1447:1097:aa7 (61) diff --git a/tests/nflog.pcap b/tests/nflog.pcap new file mode 100644 index 0000000000000000000000000000000000000000..9151d6a1a5695660233c197bb7e1fa5c63b0779a GIT binary patch literal 840 zcmca|c+)~A1{MYw`2U}Q;XRNuUtTN7Dvgt23y=-MObiSn91M&MK&;Nnzy(&$0nx`K z02F0l`~QE(;yn?i}fHsLRm@bQCFwMR1T-ewEG#6+x0|R?%MPhD2 zPAYS9elEx|#sfSMDg9{-EU`Oolmpd({NMoe!vP>0gpvHPfF^$6iphwC_#qVP2M&ZE zHncG~rkpu<3zr{cz?`KJ%R zfByd`D^B?Ib_7EF;|ukV0Kz}3|1(&sS}TMj{KH&cUXCkX7y}zn;>8gdFGqlW0AVD5 u5J+1j`(r-Pcwq8qTM-NKMOJHzyjN|aa=MSW~0r~@5+yDS|%$jEa literal 0 HcmV?d00001