Class: Netfilter::Log

Inherits:

Object

• Object
• Netfilter::Log

Extended by:

FFI::Library

Defined in:

lib/nflog.rb

Defined Under Namespace

Modules: CopyMode

Instance Attribute Summary

• #net_interfaces ⇒ Object readonly

  Returns the value of attribute net_interfaces.

• #nflog_group ⇒ Object readonly

  Returns the value of attribute nflog_group.

Class Method Summary

• .create(group, mode = CopyMode::PACKET, &callback) ⇒ Object

  Creates a new Log instance and binds onto a group with the provided callback.

Instance Method Summary

• #destroy ⇒ Object

  Unbinds the log group.

• #initialize(group, mode = CopyMode::PACKET) ⇒ Log constructor

  Creates a new NFLOG userspace handler for group.

• #process(&callback) ⇒ Object

  Processes logged packets, passing them through the provided callback.

• #set_buffer_size(size) ⇒ Object

  Changes the buffer size to stack log messages for this group.

• #set_mode(mode, range = 0xffff_ffff) ⇒ Object

  Changes the copy mode for the group.

• #set_queue_size(thres) ⇒ Object

  Changes the maximum number of NFLOG entries before packet are sent to userspace.

• #set_timeout(timeout) ⇒ Object

  Changes the maximum time for NFLOG to send packet to userspace.

Constructor Details

#initialize(group, mode = CopyMode::PACKET) ⇒ Log

Creates a new NFLOG userspace handler for group.

Raises:

• (LogError)

# File 'lib/nflog.rb', line 297

def initialize(group, mode = CopyMode::PACKET)
    @nflog_group = group
    @net_interfaces = Netfilter::Netlink.interfaces

    @nflog_handle = Log.nflog_open()
    raise LogError, "nflog_open has failed" if @nflog_handle.null?

    if Log.nflog_unbind_pf(@nflog_handle, Socket::AF_INET) < 0
        close
        raise LogError, "nflog_unbind_pf has failed"
    end

    if Log.nflog_bind_pf(@nflog_handle, Socket::AF_INET) < 0
        close
        raise LogError, "nflog_bind_pf has failed"
    end

    @nflog_group = Log.nflog_bind_group(@nflog_handle, group)
    if @nflog_group.null?
        close
        raise LogError, "nflog_bind_group has failed"
    end

    set_mode(mode)

    @callback = Proc.new {|packet| raise LogError, "Undefined callback method."}
    @callback_handler =
        FFI::Function.new(:int, [:pointer, :pointer, :pointer, :buffer_in]) do |nflog_group, nfmsg, nfad, data|
            packet = Packet.new(self, nfad)

            @callback[packet]
        end

    Log.nflog_callback_register(@nflog_group, @callback_handler, nil)
end

Instance Attribute Details

#net_interfaces ⇒ Object (readonly)

Returns the value of attribute net_interfaces.

# File 'lib/nflog.rb', line 292

def net_interfaces
  @net_interfaces
end

#nflog_group ⇒ Object (readonly)

Returns the value of attribute nflog_group.

# File 'lib/nflog.rb', line 291

def nflog_group
  @nflog_group
end

Class Method Details

.create(group, mode = CopyMode::PACKET, &callback) ⇒ Object

Creates a new Log instance and binds onto a group with the provided callback. The instance will be automatically destroyed at return.

# File 'lib/nflog.rb', line 402

def self.create(group, mode = CopyMode::PACKET, &callback)
    nflog = self.new(group, mode)

    begin
        nflog.process(&callback)
    ensure
        nflog.destroy
    end
end

Instance Method Details

#destroy ⇒ Object

Unbinds the log group.

# File 'lib/nflog.rb', line 393

def destroy
    Log.nflog_unbind_group(@nflog_group)
    close
end

#process(&callback) ⇒ Object

Processes logged packets, passing them through the provided callback.

Raises:

• (LogError)

# File 'lib/nflog.rb', line 372

def process(&callback)
    @callback = callback

    fd = Log.nflog_fd(@nflog_handle)
    raise LogError, "nfq_fd has failed" if fd < 0

    io = IO.new(fd)
    io.autoclose = false

    begin
        while data = io.sysread(4096)
            Log.nflog_handle_packet(@nflog_handle, data, data.size)
        end
    ensure
        io.close
    end
end

#set_buffer_size(size) ⇒ Object

Changes the buffer size to stack log messages for this group.

# File 'lib/nflog.rb', line 345

def set_buffer_size(size)
    if Log.nflog_set_nlbufsiz(@nflog_group, size) < 0
        raise LogError, "nflog_set_nlbufsiz has failed"
    end
end

#set_mode(mode, range = 0xffff_ffff) ⇒ Object

Changes the copy mode for the group.

# File 'lib/nflog.rb', line 336

def set_mode(mode, range = 0xffff_ffff)
    if Log.nflog_set_mode(@nflog_group, mode, range) < 0
        raise LogError, "nflog_set_mode has failed"
    end 
end

#set_queue_size(thres) ⇒ Object

Changes the maximum number of NFLOG entries before packet are sent to userspace.

# File 'lib/nflog.rb', line 354

def set_queue_size(thres)
    if Log.nflog_set_qthresh(@nflog_group, thres) < 0
        raise LogError, "nflog_set_qthresh has failed"
    end 
end

#set_timeout(timeout) ⇒ Object

Changes the maximum time for NFLOG to send packet to userspace.

# File 'lib/nflog.rb', line 363

def set_timeout(timeout)
    if Log.nflog_set_timeout(@nflog_group, timeout) < 0
        raise LogError, "nflog_set_timeout has failed"
    end
end