suricata
source-nfq.h
Go to the documentation of this file.
1 /* Copyright (C) 2007-2010 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  */
23 
24 #ifndef SURICATA_SOURCE_NFQ_H
25 #define SURICATA_SOURCE_NFQ_H
26 
27 #ifdef NFQ
28 
29 #include "threads.h"
30 #include <linux/netfilter.h> /* for NF_ACCEPT */
31 #include <libnetfilter_queue/libnetfilter_queue.h>
32 
33 // Netfilter's limit
34 #define NFQ_MAX_QUEUE 65535
35 
36 /* idea: set the recv-thread id in the packet to
37  * select an verdict-queue */
38 
39 typedef struct NFQPacketVars_
40 {
41  int id; /* this nfq packets id */
42  uint16_t nfq_index; /* index in NFQ array */
43  bool verdicted;
44  bool mark_modified;
45 
46  uint32_t mark;
47  uint32_t ifi;
48  uint32_t ifo;
49  uint16_t hw_protocol;
50 } NFQPacketVars;
51 
52 typedef struct NFQQueueVars_
53 {
54  struct nfq_handle *h;
55  struct nfnl_handle *nh;
56  int fd;
57  uint8_t use_mutex;
58  /* 2 threads deal with the queue handle, so add a mutex */
59  struct nfq_q_handle *qh;
60  SCMutex mutex_qh;
61  /* this one should be not changing after init */
62  uint16_t queue_num;
63  /* position into the NFQ queue var array */
64  uint16_t nfq_index;
65 
66 #ifdef DBG_PERF
67  int dbg_maxreadsize;
68 #endif /* DBG_PERF */
69 
70  /* counters */
71  uint32_t pkts;
72  uint64_t bytes;
73  uint32_t errs;
74  uint32_t accepted;
75  uint32_t dropped;
76  uint32_t replaced;
77  struct {
78  uint32_t packet_id; /* id of last processed packet */
79  uint32_t verdict;
80  uint32_t mark;
81  uint8_t mark_valid:1;
82  uint8_t len;
83  uint8_t maxlen;
84  } verdict_cache;
85 
86 } NFQQueueVars;
87 
88 typedef struct NFQGlobalVars_
89 {
90  char unbind;
91 } NFQGlobalVars;
92 
93 void NFQInitConfig(bool quiet);
94 int NFQRegisterQueue(const uint16_t number);
95 int NFQParseAndRegisterQueues(const char *queues);
96 void *NFQGetQueue(int number);
97 void *NFQGetThread(int number);
98 void NFQContextsClean(void);
99 #endif /* NFQ */
100 #endif /* SURICATA_SOURCE_NFQ_H */
NFQQueueVars
struct NFQQueueVars_ NFQQueueVars
NFQQueueVars_::errs
uint32_t errs
Definition: source-nfq.h:73
NFQGetThread
void * NFQGetThread(int number)
Get a pointer to the NFQ thread at index.
Definition: source-nfq.c:962
NFQQueueVars_::bytes
uint64_t bytes
Definition: source-nfq.h:72
NFQGetQueue
void * NFQGetQueue(int number)
Get a pointer to the NFQ queue at index.
Definition: source-nfq.c:944
NFQPacketVars_::ifi
uint32_t ifi
Definition: source-nfq.h:47
NFQQueueVars_::h
struct nfq_handle * h
Definition: source-nfq.h:54
NFQGlobalVars_
Definition: source-nfq.h:89
threads.h
NFQQueueVars_
Definition: source-nfq.h:53
NFQParseAndRegisterQueues
int NFQParseAndRegisterQueues(const char *queues)
Parses and adds Netfilter queue(s).
Definition: source-nfq.c:879
NFQContextsClean
void NFQContextsClean(void)
Clean global contexts. Must be called on exit.
Definition: source-nfq.c:1300
NFQPacketVars_::mark
uint32_t mark
Definition: source-nfq.h:46
NFQGlobalVars
struct NFQGlobalVars_ NFQGlobalVars
NFQQueueVars_::packet_id
uint32_t packet_id
Definition: source-nfq.h:78
NFQQueueVars_::nh
struct nfnl_handle * nh
Definition: source-nfq.h:55
NFQPacketVars_::ifo
uint32_t ifo
Definition: source-nfq.h:48
NFQQueueVars_::maxlen
uint8_t maxlen
Definition: source-nfq.h:83
NFQQueueVars_::accepted
uint32_t accepted
Definition: source-nfq.h:74
NFQPacketVars_::id
int id
Definition: source-nfq.h:41
NFQQueueVars_::pkts
uint32_t pkts
Definition: source-nfq.h:71
NFQInitConfig
void NFQInitConfig(bool quiet)
To initialize the NFQ global configuration data.
Definition: source-nfq.c:206
NFQQueueVars_::replaced
uint32_t replaced
Definition: source-nfq.h:76
NFQQueueVars_::fd
int fd
Definition: source-nfq.h:56
NFQPacketVars
struct NFQPacketVars_ NFQPacketVars
NFQPacketVars_
Definition: source-nfq.h:40
NFQQueueVars_::mark
uint32_t mark
Definition: source-nfq.h:80
NFQQueueVars_::nfq_index
uint16_t nfq_index
Definition: source-nfq.h:64
NFQQueueVars_::qh
struct nfq_q_handle * qh
Definition: source-nfq.h:59
NFQQueueVars_::verdict_cache
struct NFQQueueVars_::@133 verdict_cache
NFQPacketVars_::nfq_index
uint16_t nfq_index
Definition: source-nfq.h:42
NFQQueueVars_::len
uint8_t len
Definition: source-nfq.h:82
NFQQueueVars_::queue_num
uint16_t queue_num
Definition: source-nfq.h:62
NFQQueueVars_::mark_valid
uint8_t mark_valid
Definition: source-nfq.h:81
NFQPacketVars_::mark_modified
bool mark_modified
Definition: source-nfq.h:44
NFQQueueVars_::verdict
uint32_t verdict
Definition: source-nfq.h:79
NFQPacketVars_::verdicted
bool verdicted
Definition: source-nfq.h:43
NFQRegisterQueue
int NFQRegisterQueue(const uint16_t number)
Add a single Netfilter queue.
Definition: source-nfq.c:823
NFQGlobalVars_::unbind
char unbind
Definition: source-nfq.h:90
NFQQueueVars_::mutex_qh
SCMutex mutex_qh
Definition: source-nfq.h:60
NFQPacketVars_::hw_protocol
uint16_t hw_protocol
Definition: source-nfq.h:49
SCMutex
#define SCMutex
Definition: threads-debug.h:114
NFQQueueVars_::use_mutex
uint8_t use_mutex
Definition: source-nfq.h:57
NFQQueueVars_::dropped
uint32_t dropped
Definition: source-nfq.h:75