search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
netsniff-ng: alias lb to rr as well
[netsniff-ng.git] / proto_nlmsg.c
blob51b303f9c1994a6d2dca4c509190ec343a899afa
1 /*
2 * netsniff-ng - the packet sniffing beast
3 * Copyright 2014 Tobias Klauser.
4 * Subject to the GPL, version 2.
5 */
6
7 #include <stdio.h>
8 #include <unistd.h>
9 #include <limits.h>
10 #include <libgen.h>
11 #include <netlink/msg.h>
12
13 #include "pkt_buff.h"
14 #include "proto.h"
15 #include "protos.h"
16
17 static const char *nlmsg_family2str(uint16_t family)
18 {
19 switch (family) {
20 case NETLINK_ROUTE: return "routing";
21 case NETLINK_UNUSED: return "unused";
22 case NETLINK_USERSOCK: return "user-mode socket";
23 case NETLINK_FIREWALL: return "unused, formerly ip_queue";
24 /* NETLINK_INET_DIAG was renamed to NETLINK_SOCK_DIAG in Linux kernel 3.10 */
25 #if defined(NETLINK_SOCK_DIAG)
26 case NETLINK_SOCK_DIAG: return "socket monitoring";
27 #elif defined(NETLINK_INET_DIAG)
28 case NETLINK_INET_DIAG: return "INET socket monitoring";
29 #endif
30 case NETLINK_NFLOG: return "netfilter ULOG";
31 case NETLINK_XFRM: return "IPsec";
32 case NETLINK_SELINUX: return "SELinux event notification";
33 case NETLINK_ISCSI: return "Open-iSCSI";
34 case NETLINK_AUDIT: return "auditing";
35 case NETLINK_FIB_LOOKUP: return "FIB lookup";
36 case NETLINK_CONNECTOR: return "Kernel connector";
37 case NETLINK_NETFILTER: return "Netfilter";
38 case NETLINK_IP6_FW: return "unused, formerly ip6_queue";
39 case NETLINK_DNRTMSG: return "DECnet routing";
40 case NETLINK_KOBJECT_UEVENT: return "Kernel messages";
41 case NETLINK_GENERIC: return "Generic";
42 case NETLINK_SCSITRANSPORT: return "SCSI transports";
43 case NETLINK_ECRYPTFS: return "ecryptfs";
44 case NETLINK_RDMA: return "RDMA";
45 case NETLINK_CRYPTO: return "Crypto layer";
46 default: return "Unknown";
47 }
48 }
49
50 static void nlmsg(struct pkt_buff *pkt)
51 {
52 struct nlmsghdr *hdr = (struct nlmsghdr *) pkt_pull(pkt, sizeof(*hdr));
53 char type[32];
54 char flags[128];
55 char procname[PATH_MAX];
56
57 if (hdr == NULL)
58 return;
59
60 /* Look up the process name if message is not coming from the kernel.
61 *
62 * Note that the port id is not necessarily equal to the PID of the
63 * receiving process (e.g. if the application is multithreaded or using
64 * multiple sockets). In these cases we're not able to find a matching
65 * PID and the information will not be printed.
66 */
67 if (hdr->nlmsg_pid != 0) {
68 char path[1024];
69 int ret;
70
71 snprintf(path, sizeof(path), "/proc/%u/exe", hdr->nlmsg_pid);
72 ret = readlink(path, procname, sizeof(procname) - 1);
73 if (ret < 0)
74 ret = 0;
75 procname[ret] = '\0';
76 } else
77 snprintf(procname, sizeof(procname), "kernel");
78
79 tprintf(" [ NLMSG ");
80 tprintf("Family %d (%s%s%s), ", ntohs(pkt->proto), colorize_start(bold),
81 nlmsg_family2str(ntohs(pkt->proto)), colorize_end());
82 tprintf("Len %u, ", hdr->nlmsg_len);
83 tprintf("Type 0x%.4x (%s%s%s), ", hdr->nlmsg_type,
84 colorize_start(bold),
85 nl_nlmsgtype2str(hdr->nlmsg_type, type, sizeof(type)),
86 colorize_end());
87 tprintf("Flags 0x%.4x (%s%s%s), ", hdr->nlmsg_flags,
88 colorize_start(bold),
89 nl_nlmsg_flags2str(hdr->nlmsg_flags, flags, sizeof(flags)),
90 colorize_end());
91 tprintf("Seq-Nr %u, ", hdr->nlmsg_seq);
92 tprintf("PID %u", hdr->nlmsg_pid);
93 if (procname[0])
94 tprintf(" (%s%s%s)", colorize_start(bold), basename(procname),
95 colorize_end());
96 tprintf(" ]\n");
97 }
98
99 static void nlmsg_less(struct pkt_buff *pkt)
100 {
101 struct nlmsghdr *hdr = (struct nlmsghdr *) pkt_pull(pkt, sizeof(*hdr));
102 char type[32];
103
104 if (hdr == NULL)
105 return;
106
107 tprintf(" NLMSG %u (%s%s%s)", hdr->nlmsg_type, colorize_start(bold),
108 nl_nlmsgtype2str(hdr->nlmsg_type, type, sizeof(type)),
109 colorize_end());
110 }
111
112 struct protocol nlmsg_ops = {
113 .print_full = nlmsg,
114 .print_less = nlmsg_less,
115 };
netsniff-ng toolkit, the packet sniffing beast, staging tree