nflog-bindings

Introduction

nflog-bindings is a set of high-level modules for several languages (Python and Perl, for the moment), for libnetfilter_log. The project is similar to nfqueue-bindings.

The goal is to provide a library to gain access to packets queued by the kernel packet filter.

It is important to note that these bindings will not follow blindly libnetfilter_log API. For ex., some higher-level wrappers will be provided for the open/bind/create mechanism (using one function call instead of three).

Since libraries to decode ip packets are already available, the bindings will use them.

Remember that an application connection to libnetfilter_log must run as root to be able to create the queue. Some extra steps may be required to drop privileges after if you need more security.

You must add rules in netfilter to send packets to the userspace queue. The number of the queue (--nflog-group option in netfilter) must match the number provided to create_queue().

Example of iptables rules:: 

iptables -A OUTPUT --destination 1.2.3.4 -j NFLOG --nflog-group 1

Of course, you should be more restrictive, depending on your needs.

Download

Releases

Latest releases are available from the Downloads page

Version 0.1: 

nflog-bindings-0.1.tgz: 19325 bytes
MD5 : c4b46e57d7a572f2542fad15cb344af2
SHA1: 69edb5dd412292d7d2edcf95e8f5e704d0e0b993

Source Code

Latest source code is available from git: 

git clone http://git.inl.fr/git/nflog-bindings.git

or for browsing http://git.inl.fr/cgi-bin/gitweb.cgi?p=nflog-bindings.git;a=summary

Using nflog-bindings

Prerequisites

  • cmake
  • libnetfilter-log
  • swig
  • python development files
  • perl development files

Compilation

A Makefile has been written to wrap cmake call

Running 'make' will:

  • Create a subdirectory build/
  • Go in that directory and call cmake ..
  • Call make to build the librairies

If the pkg-config files for libnetfilter-log are in a non-standard directory, export the following variable before calling make: 

export PKG_CONFIG_PATH=/path/to/prefix/lib/pkgconfig/

To remove the build files, run 'make clean' or just remove the build directory.

Installation

Edit the toplevel makefile, and set the PREFIX variable: 

 PREFIX = /usr/local

or, alternatively, set the contents of the value when running make: 

 make
 make PREFIX=/usr/local install

License

nflog-bindings is licensed under the GPLv3 terms.

Authors

nflog-bindings is written by Pierre Chifflier.