Documentation
¶
Overview ¶
Go bindings for the NFLOG netfilter target libnetfilter_log is a userspace library providing an API to access packets that have been queued by the Linux kernel packet filter.
This provides an easy way to receive packets from userspace, and use tools or libraries that are not accessible from kernelspace.
BUG(nflog): This package currently displays lots of debug information
Index ¶
- Variables
- func GoCallbackWrapper(ptr_q *unsafe.Pointer, ptr_nfad *unsafe.Pointer) int
- type Callback
- type Payload
- type Queue
- func (q *Queue) Bind(af_family int) error
- func (q *Queue) Close()
- func (q *Queue) CreateQueue(queue_num int) error
- func (q *Queue) Init() error
- func (q *Queue) SetCallback(cb Callback) error
- func (q *Queue) SetMode(mode uint8) error
- func (q *Queue) TryRun() error
- func (q *Queue) Unbind(af_family int) error
- Bugs
Constants ¶
This section is empty.
Variables ¶
var ErrNotInitialized = errors.New("nflog: queue not initialized")
var ErrOpenFailed = errors.New("nflog: open failed")
var ErrRuntime = errors.New("nflog: runtime error")
var NFULNL_COPY_META uint8 = C.NFULNL_COPY_META
var NFULNL_COPY_NONE uint8 = C.NFULNL_COPY_NONE
var NFULNL_COPY_PACKET uint8 = C.NFULNL_COPY_PACKET
var NF_ACCEPT = C.NF_ACCEPT
var NF_DROP = C.NF_DROP
var NF_QUEUE = C.NF_QUEUE
var NF_REPEAT = C.NF_REPEAT
var NF_STOP = C.NF_STOP
Functions ¶
func GoCallbackWrapper ¶
Cast argument to Queue* before calling the real callback
Notes:
- export cannot be done in the same file (nflog.go) else it fails to build (multiple definitions of C functions) See https://github.com/golang/go/issues/3497 See https://github.com/golang/go/wiki/cgo
- this cast is caused by the fact that cgo does not support exporting structs See https://github.com/golang/go/wiki/cgo
This function must _nerver_ be called directly.
Types ¶
type Callback ¶
Prototype for a NFLOG callback. The callback receives the packet payload. Packet data start from the IP layer (ethernet information are not included). It must return the verdict for the packet.
type Payload ¶
type Payload struct {
// Packet data
Data []byte
// contains filtered or unexported fields
}
Payload is a structure describing a packet received from the kernel
func (*Payload) GetPhysInDev ¶
Returns the physical interface that the packet was received through
func (*Payload) GetPhysOutDev ¶
Returns the physical interface that the packet will be routed out
type Queue ¶
type Queue struct {
// contains filtered or unexported fields
}
Queue is an opaque structure describing a connection to a kernel NFLOG, and the associated Go callback.
func (*Queue) Bind ¶
Bind binds a Queue to a given protocol family.
Usually, the family is syscall.AF_INET for IPv4, and syscall.AF_INET6 for IPv6
func (*Queue) CreateQueue ¶
Create a new queue handle
The queue must be initialized (using Init) and bound (using Bind), and a callback function must be set (using SetCallback).
func (*Queue) Init ¶
Init creates a netfilter queue which can be used to receive packets from the kernel.
func (*Queue) SetCallback ¶
SetCallback sets the callback function, fired when a packet is received.
func (*Queue) SetMode ¶
SetMode sets the amount of packet data that nflog copies to userspace
Default mode is NFULNL_COPY_PACKET
Notes ¶
Bugs ¶
This package currently displays lots of debug information
The TryRun function really is an infinite loop.
Source Files
Directories