PcapPlusPlus  Next
NflogLayer.h
Go to the documentation of this file.
1 #pragma once
2 
3 #include "Layer.h"
4 #include "TLVData.h"
5 #include "GeneralUtils.h"
6 
8 
13 namespace pcpp
14 {
19 #pragma pack(push, 1)
20  struct nflog_header
21  {
23  uint8_t addressFamily;
25  uint8_t version;
27  uint16_t resourceId;
28  };
29 #pragma pack(pop)
30 
35  enum class NflogTlvType
36  {
38  NFULA_PACKET_HDR = 1,
40  NFULA_MARK = 2,
42  NFULA_TIMESTAMP = 3,
44  NFULA_IFINDEX_INDEV = 4,
46  NFULA_IFINDEX_OUTDEV = 5,
48  NFULA_IFINDEX_PHYSINDEV = 6,
50  NFULA_IFINDEX_PHYSOUTDEV = 7,
52  NFULA_HWADDR = 8,
54  NFULA_PAYLOAD = 9,
56  NFULA_PREFIX = 10,
58  NFULA_UID = 11,
60  NFULA_SEQ = 12,
62  NFULA_SEQ_GLOBAL = 13,
64  NFULA_GID = 14,
66  NFULA_HWTYPE = 15,
68  NFULA_HWHEADER = 16,
70  NFULA_HWLEN = 17,
71  };
72 
78  class NflogTlv
79  {
80  private:
81  struct NflogTLVRawData
82  {
84  uint16_t recordLen;
86  uint16_t recordType;
88  uint8_t recordValue[];
89  };
90  NflogTLVRawData* m_Data;
91 
92  public:
97  explicit NflogTlv(uint8_t* recordRawData)
98  {
99  assign(recordRawData);
100  }
101 
105  size_t getTotalSize() const
106  {
107  // as in
108  // https://github.com/the-tcpdump-group/libpcap/blob/766b607d60d8038087b49fc4cf433dac3dcdb49c/pcap-util.c#L371-L374
109  return align<4>(m_Data->recordLen);
110  }
111 
116  void assign(uint8_t* recordRawData)
117  {
118  m_Data = reinterpret_cast<NflogTLVRawData*>(recordRawData);
119  }
120 
127  static bool canAssign(const uint8_t* recordRawData, size_t tlvDataLen)
128  {
129  return recordRawData != nullptr && tlvDataLen >= sizeof(NflogTLVRawData::recordLen);
130  }
131 
135  bool isNull() const
136  {
137  return (m_Data == nullptr);
138  }
139 
143  uint16_t getType() const
144  {
145  return m_Data->recordType;
146  }
147 
151  uint8_t* getRecordBasePtr() const
152  {
153  return reinterpret_cast<uint8_t*>(m_Data);
154  }
155 
159  uint8_t* getValue() const
160  {
161  return m_Data->recordValue;
162  }
163  };
164 
169  class NflogLayer : public Layer
170  {
171  public:
178  NflogLayer(uint8_t* data, size_t dataLen, Packet* packet) : Layer(data, dataLen, nullptr, packet, NFLOG)
179  {}
180 
181  ~NflogLayer() override = default;
182 
187  nflog_header* getNflogHeader() const
188  {
189  return reinterpret_cast<nflog_header*>(m_Data);
190  }
191 
196  uint8_t getFamily();
197 
203  uint8_t getVersion();
204 
210  uint16_t getResourceId();
211 
218  NflogTlv getTlvByType(NflogTlvType type) const;
219 
220  // implement abstract methods
221 
226  void parseNextLayer() override;
227 
231  size_t getHeaderLen() const override;
232 
236  void computeCalculateFields() override {};
237 
238  std::string toString() const override;
239 
240  OsiModelLayer getOsiModelLayer() const override
241  {
242  return OsiModelDataLinkLayer;
243  }
244 
251  static bool isDataValid(const uint8_t* data, size_t dataLen);
252 
253  private:
254  uint8_t* getTlvsBasePtr() const
255  {
256  return m_Data + sizeof(nflog_header);
257  }
258 
259  TLVRecordReader<NflogTlv> m_TlvReader;
260  };
261 
262 } // namespace pcpp
pcpp::Layer
Definition: Layer.h:69
pcpp::NflogLayer
Definition: NflogLayer.h:170
pcpp::NflogLayer::parseNextLayer
void parseNextLayer() override
pcpp::NflogLayer::NflogLayer
NflogLayer(uint8_t *data, size_t dataLen, Packet *packet)
Definition: NflogLayer.h:178
pcpp::NflogLayer::computeCalculateFields
void computeCalculateFields() override
Definition: NflogLayer.h:236
pcpp::NflogLayer::getHeaderLen
size_t getHeaderLen() const override
pcpp::NflogLayer::getNflogHeader
nflog_header * getNflogHeader() const
Definition: NflogLayer.h:187
pcpp::NflogLayer::getResourceId
uint16_t getResourceId()
pcpp::NflogLayer::isDataValid
static bool isDataValid(const uint8_t *data, size_t dataLen)
pcpp::NflogLayer::toString
std::string toString() const override
pcpp::NflogLayer::getTlvByType
NflogTlv getTlvByType(NflogTlvType type) const
pcpp::NflogLayer::getOsiModelLayer
OsiModelLayer getOsiModelLayer() const override
Definition: NflogLayer.h:240
pcpp::NflogLayer::getFamily
uint8_t getFamily()
pcpp::NflogLayer::getVersion
uint8_t getVersion()
pcpp::NflogTlv
Definition: NflogLayer.h:79
pcpp::NflogTlv::getType
uint16_t getType() const
Definition: NflogLayer.h:143
pcpp::NflogTlv::isNull
bool isNull() const
Definition: NflogLayer.h:135
pcpp::NflogTlv::getRecordBasePtr
uint8_t * getRecordBasePtr() const
Definition: NflogLayer.h:151
pcpp::NflogTlv::getTotalSize
size_t getTotalSize() const
Definition: NflogLayer.h:105
pcpp::NflogTlv::NflogTlv
NflogTlv(uint8_t *recordRawData)
Definition: NflogLayer.h:97
pcpp::NflogTlv::canAssign
static bool canAssign(const uint8_t *recordRawData, size_t tlvDataLen)
Definition: NflogLayer.h:127
pcpp::NflogTlv::assign
void assign(uint8_t *recordRawData)
Definition: NflogLayer.h:116
pcpp::NflogTlv::getValue
uint8_t * getValue() const
Definition: NflogLayer.h:159
pcpp::Packet
Definition: Packet.h:27
pcpp::TLVRecordReader
Definition: TLVData.h:246
pcpp
The main namespace for the PcapPlusPlus lib.
pcpp::OsiModelLayer
OsiModelLayer
Definition: ProtocolType.h:364
pcpp::OsiModelDataLinkLayer
@ OsiModelDataLinkLayer
Definition: ProtocolType.h:368
pcpp::NFLOG
const ProtocolType NFLOG
Definition: ProtocolType.h:303
pcpp::NflogTlvType
NflogTlvType
Definition: NflogLayer.h:36
pcpp::nflog_header
Definition: NflogLayer.h:21
pcpp::nflog_header::resourceId
uint16_t resourceId
Definition: NflogLayer.h:27
pcpp::nflog_header::version
uint8_t version
Definition: NflogLayer.h:25
pcpp::nflog_header::addressFamily
uint8_t addressFamily
Definition: NflogLayer.h:23