-
Notifications
You must be signed in to change notification settings - Fork 0
/
nfq2pcap.h
55 lines (42 loc) · 1.4 KB
/
nfq2pcap.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
#ifndef __NFQ_2_PCAP_H__
#define __NFQ_2_PCAP_H__
#include <stdint.h>
#include <linux/netfilter.h> // For NF_ACCEPT
#include "pcap-writer.h"
#define DEFAULT_OUT_FILENAME "output.pcap"
#define DEFAULT_QUEUE_ID 0
#define DEFAULT_TARGET_ID 1
#define PACKET_BUFF_MAX 65535
#define DEFAULT_SNAPLEN 65535
#define DEFAULT_VERDICT NF_ACCEPT
#define DEFAULT_DLT_RAWIPV4 DLT_IPV4
// Helper macro to display error messages in bold red text
#define error_msg(fmt, args...) \
fprintf(stderr, "\033[1;31m"); \
fprintf(stderr, fmt, ##args); \
fprintf(stderr, "\033[0m");
// Arguments passed into the callback as user-supplied args
typedef struct _callback_args {
PcapWriter *writer;
uint32_t verdict;
uint32_t queue_num;
uint32_t target_queue; // Only relevant if verdict == NF_QUEUE
char * output_filename;
uint32_t dlt; // Here so we can send to parse_args()
} callback_args;
static inline char *verdict_to_str(uint32_t verdict)
{
switch (verdict) {
case NF_DROP:
return "NF_DROP";
case NF_ACCEPT:
return "NF_ACCEPT";
// TODO: Add appropriate code to free/dispose of packets when done
// case NF_STOLEN:
// return "NF_STOLEN";
case NF_QUEUE:
return "NF_QUEUE";
}
return "Unknown or Unsupported";
};
#endif /* __NFQ_2_PCAP_H__ */