/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef NFLOG_LISTENER_H
#define NFLOG_LISTENER_H
#include <netdutils/Netfilter.h>
#include "NetlinkListener.h"
#include "netdutils/StatusOr.h"
namespace android {
namespace net {
class NFLogListenerInterface {
public:
using DispatchFn =
std::function<void(const nlmsghdr& nlmsg, const nfgenmsg& nfmsg,
const netdutils::Slice msg)>;
virtual ~NFLogListenerInterface() = default;
// Similar to NetlinkListener::subscribe() but performs an additional
// level of deserialization and dispatch.
//
// Threadsafe.
// All dispatch functions invoked on a single service thread.
// subscribe() and join() must not be called from the stack of fn().
virtual netdutils::Status subscribe(uint16_t nfLogGroup, const DispatchFn& fn) = 0;
// Overloaded version of subscribe which allows to specify a copyRange for obtaining packet
// payloads.
virtual netdutils::Status subscribe(
uint16_t nfLogGroup, uint32_t copyRange, const DispatchFn& fn) = 0;
// Halt delivery of messages from a nfLogGroup previously subscribed to above.
//
// Threadsafe.
virtual netdutils::Status unsubscribe(uint16_t nfLogGroup) = 0;
};
// NFLogListener manages a single netlink socket with specialized
// settings required for processing of NFLOG messages.
//
// NFLogListener currently assumes that it is ok to drop messages
// generated by the kernel when under heavy load. This makes the
// class most suitable for advisory tasks and statistics.
class NFLogListener : public NFLogListenerInterface {
public:
using DispatchFn = NFLogListenerInterface::DispatchFn;
// Do not invoke this constructor directly outside of tests. Use
// makeNFLogListener() instead.
NFLogListener(std::shared_ptr<NetlinkListenerInterface> listener);
~NFLogListener() override;
netdutils::Status subscribe(uint16_t nfLogGroup, const DispatchFn& fn) override;
netdutils::Status subscribe(
uint16_t nfLogGroup, uint32_t copyRange, const DispatchFn& fn) override;
netdutils::Status unsubscribe(uint16_t nfLogGroup) override;
private:
std::shared_ptr<NetlinkListenerInterface> mListener;
std::mutex mMutex;
std::map<uint16_t, DispatchFn> mDispatchMap; // guarded by mMutex
};
// Allocate and return a new NFLogListener. On success, the returned
// listener is ready to use with a running service thread.
netdutils::StatusOr<std::unique_ptr<NFLogListener>> makeNFLogListener();
} // namespace net
} // namespace android
#endif /* NFLOG_LISTENER_H */