diff --git a/app/src/main/res/raw/nflog_arm b/app/src/main/res/raw/nflog_arm index 14da9b4b5..6e11b6ef8 100644 Binary files a/app/src/main/res/raw/nflog_arm and b/app/src/main/res/raw/nflog_arm differ diff --git a/app/src/main/res/raw/nflog_mips b/app/src/main/res/raw/nflog_mips index b24ce99c2..b0eaae197 100644 Binary files a/app/src/main/res/raw/nflog_mips and b/app/src/main/res/raw/nflog_mips differ diff --git a/app/src/main/res/raw/nflog_x86 b/app/src/main/res/raw/nflog_x86 index 3b677047a..ffef8212b 100644 Binary files a/app/src/main/res/raw/nflog_x86 and b/app/src/main/res/raw/nflog_x86 differ diff --git a/external/Makefile b/external/Makefile index 94aa123a2..ecb2ee532 100644 --- a/external/Makefile +++ b/external/Makefile @@ -8,23 +8,20 @@ GCCVER := 4.9 # You should be able to just 'make ARCH=x86' and it should DTRT. ARCH_LIST := arm x86 mips -#ARCH_LIST := arm +APIVER := 21 ifeq ($(ARCH),arm) TRIPLET := arm-linux-androideabi TOOLCHAIN := $(TRIPLET)-$(GCCVER) -APIVER := 8 NDK_ABINAME := armeabi endif ifeq ($(ARCH),x86) TRIPLET := i686-linux-android TOOLCHAIN := x86-$(GCCVER) -APIVER := 9 NDK_ABINAME := x86 endif ifeq ($(ARCH),mips) TRIPLET := mipsel-linux-android TOOLCHAIN := $(TRIPLET)-$(GCCVER) -APIVER := 9 NDK_ABINAME := mips endif @@ -126,9 +123,10 @@ busybox-unpack: $(BUSYBOX_BUILD)/.configured # NDK_OUTDIR := ../libs/$(NDK_ABINAME) -$(NDK_OUTDIR)/nflog: - ndk-build APP_ABI=$(NDK_ABINAME) +$(NDK_OUTDIR)/nflog: .FORCE + ndk-build APP_ABI=$(NDK_ABINAME) APP_PLATFORM=$(APIVER) NDK_TOOLCHAIN=$(TOOLCHAIN) +.FORCE: .PHONY: nflog nflog-unpack nflog: $(NDK_OUTDIR)/nflog cp $< $(RESDIR)/nflog_$(ARCH) diff --git a/external/nflog/nflog.c b/external/nflog/nflog.c index c3f023a80..368991dbb 100644 --- a/external/nflog/nflog.c +++ b/external/nflog/nflog.c @@ -16,10 +16,14 @@ #include #include #include +#include +#include +#include #include #include #include -#include +#include +#include #include #include #include @@ -48,6 +52,12 @@ static int parse_attr_cb(const struct nlattr *attr, void *data) return MNL_CB_OK; switch(type) { + case NFULA_HWTYPE: + if (mnl_attr_validate(attr, MNL_TYPE_U16) < 0) { + perror("mnl_attr_validate"); + return MNL_CB_ERROR; + } + break; case NFULA_MARK: case NFULA_IFINDEX_INDEV: case NFULA_IFINDEX_OUTDEV: @@ -72,6 +82,13 @@ static int parse_attr_cb(const struct nlattr *attr, void *data) return MNL_CB_ERROR; } break; + case NFULA_PACKET_HDR: + if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC, + sizeof(struct nfulnl_msg_packet_hdr)) < 0) { + perror("mnl_attr_validate"); + return MNL_CB_ERROR; + } + break; case NFULA_PREFIX: if (mnl_attr_validate(attr, MNL_TYPE_NUL_STRING) < 0) { perror("mnl_attr_validate"); @@ -173,48 +190,91 @@ static int log_cb(const struct nlmsghdr *nlh, void *data) printf("OUT= "); } + uint16_t hwProtocol = 0; + if (tb[NFULA_PACKET_HDR]) { + struct nfulnl_msg_packet_hdr* pktHdr = (struct nfulnl_msg_packet_hdr*)mnl_attr_get_payload(tb[NFULA_PACKET_HDR]); + hwProtocol = ntohs(pktHdr->hw_protocol); + } + if (tb[NFULA_PAYLOAD]) { - struct iphdr *iph = (struct iphdr *) mnl_attr_get_payload(tb[NFULA_PAYLOAD]); - - printf("SRC=%u.%u.%u.%u DST=%u.%u.%u.%u ", - ((unsigned char *)&iph->saddr)[0], - ((unsigned char *)&iph->saddr)[1], - ((unsigned char *)&iph->saddr)[2], - ((unsigned char *)&iph->saddr)[3], - ((unsigned char *)&iph->daddr)[0], - ((unsigned char *)&iph->daddr)[1], - ((unsigned char *)&iph->daddr)[2], - ((unsigned char *)&iph->daddr)[3]); - - printf("LEN=%u ", ntohs(iph->tot_len)); - - switch(iph->protocol) - { - case IPPROTO_TCP: - { - struct tcphdr *th = (struct tcphdr *) ((__u32 *) iph + iph->ihl); - printf("PROTO=TCP SPT=%u DPT=%u ", - ntohs(th->source), ntohs(th->dest)); - break; - } - case IPPROTO_UDP: - { - struct udphdr *uh = (struct udphdr *) ((__u32 *) iph + iph->ihl); - printf("PROTO=UDP SPT=%u DPT=%u LEN=%u ", - ntohs(uh->source), ntohs(uh->dest), ntohs(uh->len)); - break; - } - case IPPROTO_ICMP: + + switch (hwProtocol) { + case ETH_P_IP: { + struct iphdr *iph = (struct iphdr *) mnl_attr_get_payload(tb[NFULA_PAYLOAD]); + + char addressStr[INET_ADDRSTRLEN]; + inet_ntop(AF_INET, &iph->saddr, addressStr, sizeof(addressStr)); + printf("SRC=%s ", addressStr); + inet_ntop(AF_INET, &iph->daddr, addressStr, sizeof(addressStr)); + printf("DST=%s ", addressStr); + + printf("LEN=%u ", ntohs(iph->tot_len)); + + switch(iph->protocol) { - struct icmphdr *ich = (struct icmphdr *) ((__u32 *) iph + iph->ihl); - printf("PROTO=ICMP TYPE=%u CODE=%u ", - ich->type, ich->code); - break; + case IPPROTO_TCP: + { + struct tcphdr *th = (struct tcphdr *) ((__u32 *) iph + iph->ihl); + printf("PROTO=TCP SPT=%u DPT=%u ", + ntohs(th->source), ntohs(th->dest)); + break; + } + case IPPROTO_UDP: + { + struct udphdr *uh = (struct udphdr *) ((__u32 *) iph + iph->ihl); + printf("PROTO=UDP SPT=%u DPT=%u LEN=%u ", + ntohs(uh->source), ntohs(uh->dest), ntohs(uh->len)); + break; + } + case IPPROTO_ICMP: + { + struct icmphdr *ich = (struct icmphdr *) ((__u32 *) iph + iph->ihl); + printf("PROTO=ICMP TYPE=%u CODE=%u ", + ich->type, ich->code); + break; + } + default: + { + printf("PROTO=%u ", iph->protocol); + } } - default: - { - printf("PROTO=%u ", iph->protocol); + break; + } + case ETH_P_IPV6: { + struct ipv6hdr *iph = (struct ipv6hdr *) mnl_attr_get_payload(tb[NFULA_PAYLOAD]); + + char addressStr[INET6_ADDRSTRLEN]; + inet_ntop(AF_INET6, &iph->saddr, addressStr, sizeof(addressStr)); + printf("SRC=%s ", addressStr); + inet_ntop(AF_INET6, &iph->daddr, addressStr, sizeof(addressStr)); + printf("DST=%s ", addressStr); + + switch (iph->nexthdr) { + case IPPROTO_TCP: { + struct tcphdr *th = (struct tcphdr *) ((uint8_t*) iph + sizeof(*iph)); + printf("PROTO=TCP SPT=%u DPT=%u ", + ntohs(th->source), ntohs(th->dest)); + break; + } + case IPPROTO_UDP: { + struct udphdr *uh = (struct udphdr *) ((uint8_t *) iph + sizeof(*iph)); + printf("PROTO=UDP SPT=%u DPT=%u LEN=%u ", + ntohs(uh->source), ntohs(uh->dest), ntohs(uh->len)); + break; + } + case IPPROTO_ICMPV6: { + struct icmp6hdr *icmpv6h = (struct icmp6hdr *) ((uint8_t *) iph + sizeof(*iph)); + printf("PROTO=ICMP6 TYPE=%u CODE=%u ", icmpv6h->icmp6_type, icmpv6h->icmp6_code); + break; + } + default: { + printf("PROTO=%d ", iph->nexthdr); + break; + } } + } + default: + break; } } diff --git a/jni/Application.mk b/jni/Application.mk index 8746642a8..7d875afc8 100644 --- a/jni/Application.mk +++ b/jni/Application.mk @@ -1,2 +1,2 @@ APP_BUILD_SCRIPT = $(APP_PROJECT_PATH)/external/Android.mk -APP_PLATFORM = android-8 +#APP_PLATFORM = android-21 \ No newline at end of file