bugzilla-daemon at netfilter.org
2021-Mar-03 15:52 UTC
[Bug 1505] New: No support for PHYSDEV within NFLOG stack
https://bugzilla.netfilter.org/show_bug.cgi?id=1505

Bug ID: 1505
Summary: No support for PHYSDEV within NFLOG stack
Product: ulogd
Version: 2.0.0beta1
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: enhancement
Priority: P5
Component: ulogd
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: aidan.walton at gmail.com

Hi,

I have tried to inspect the various elements involved in the NFLOG target when defined inside iptables. Specifically, I am trying to understand what happens to information about the physdev selected during the route process.

When the older nflog_ipv4 module is used and messages from the iptables TRACE target are viewed via dmesg, the input and output types PHYSIN and PHYSOUT can be seen, for example:

IN=int_br0 OUT= PHYSIN=int_eth0

However, when using the nfnetfilter_log module and ulogd, this information is not parsed. I can only see IN/OUT and not PHYSIN/PHYSOUT.

Looking at the libnetfilter_log code, I see functions such as:

uint32_t nflog_get_physindev(struct nflog_data *nfad)

This would appear to suggest that this data is handled by the kernel module. However, in the ulogd plugin ulogd_inppkt_NFLOG, I cannot find any reference to this object or any object of a similar name. The outputs from ulogd never contain any references to physdev.

Either I misunderstand the usage, or the data is not actually coming from the kernel module, or the plugins do not support it. Either way, if I want to trace traffic with iptables and see the data about physdev-in or physdev-out, I am forced to swap back to the nflog_ipv4 module, inspect dmesg and then drop back into nfnetfilter_log for ongoing logging.

Hmmmm, any suggestions?
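
The getter quoted in the report returns a 32-bit interface index, and in the kernel's nfnetlink_log interface such indices travel as netlink attributes alongside the ordinary in/out device. The following is an added example, not code from libnetfilter_log or ulogd: a standalone C sketch that walks a constructed attribute buffer and checks whether the physical (bridge port) index is present. The function names and the sample ifindex values 5 and 2 are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>

/* Attribute numbers as in the kernel's linux/netfilter/nfnetlink_log.h. */
enum { IFINDEX_INDEV = 4, IFINDEX_OUTDEV = 5,
       IFINDEX_PHYSINDEV = 6, IFINDEX_PHYSOUTDEV = 7 };
/* Netlink attribute header: total length (header + value) and type, host order. */
struct attr_hdr { uint16_t len; uint16_t type; };
#define ATTR_ALIGN(n) (((n) + 3u) & ~3u)

/* Return the ifindex stored under `want` (host byte order),
 * or 0 if the attribute is absent or malformed. */
uint32_t find_ifindex(const uint8_t *buf, size_t buflen, uint16_t want)
{
    size_t off = 0;
    while (off <= buflen && buflen - off >= sizeof(struct attr_hdr)) {
        struct attr_hdr h;
        uint32_t v;
        memcpy(&h, buf + off, sizeof h);
        if (h.len < sizeof h || h.len > buflen - off)
            return 0;                    /* truncated or corrupt attribute */
        if ((h.type & 0x3fff) == want) { /* mask nested/byte-order flag bits */
            if (h.len - sizeof h != sizeof v)
                return 0;                /* not a u32 value */
            memcpy(&v, buf + off + sizeof h, sizeof v);
            return ntohl(v);             /* sent in network byte order */
        }
        off += ATTR_ALIGN(h.len);        /* attributes are padded to 4 bytes */
    }
    return 0;
}

/* Helper for building constructed sample data: append one u32 attribute. */
static void put_u32(uint8_t *buf, size_t *off, uint16_t type, uint32_t ifindex)
{
    struct attr_hdr h = { (uint16_t)(sizeof h + sizeof ifindex), type };
    uint32_t v = htonl(ifindex);
    memcpy(buf + *off, &h, sizeof h);
    memcpy(buf + *off + sizeof h, &v, sizeof v);
    *off += ATTR_ALIGN(h.len);
}

/* Constructed sample: packet seen on a bridge (ifindex 5) via port ifindex 2. */
size_t build_sample(uint8_t *buf)
{
    size_t off = 0;
    put_u32(buf, &off, IFINDEX_INDEV, 5);
    put_u32(buf, &off, IFINDEX_PHYSINDEV, 2);
    return off;
}
```

A logging consumer that reports only the IN/OUT indices and never looks up the two PHYS attributes would show the bridge device but not the port, which matches the symptom described in the report.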