[ULOGD PATCH, RFC] Modify NFLOG to be able to use it with older libnetfilter_log

NFLOG has been modified to support GID display. There is a problem as this
feature is only available in latest subversion of libnetfilter_log. This
patch made this feature optional:
 * It detects if system support the nflog_get_gid() function
 * Compilation of nflog_get_gid() related code is conditional

diff --git a/configure.in b/configure.in
index a70848c8808bab82dfcc69536119b7df30382919..7a6d7056931d10c9afbfd7e0c8ee9fe99b4f18f6 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -41,6 +41,10 @@ AC_CHECK_HEADER([libnetfilter_log/linux_nfnetlink_log.h], [AC_MSG_RESULT([found]
 AC_CHECK_HEADER([libnetfilter_conntrack/libnetfilter_conntrack.h], [AC_MSG_RESULT([found])],
                [AC_MSG_ERROR([libnetfilter_conntrack Version 0.0.11 or later needed])])
 
+AC_CHECK_LIB([netfilter_log], [nflog_get_gid],
+            AC_DEFINE_UNQUOTED([HAVE_NFLOG_GET_GID],[1],[libnetfilter_log has GID support]),,
+            [-lnfnetlink])
+
 
 CT_CHECK_POSTGRES_DB()
 AM_CONDITIONAL(HAVE_PGSQL, test "x$PQLIBPATH" != "x")

diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index b0827a83180e234061070d736cf0b43142461ac5..c7ca10a9165d7f9d3b08bb8d5591a10863334e04 100644 (file)
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -335,11 +335,12 @@ interp_packet(struct ulogd_pluginstance *upi, struct nflog_data *ldata)
                ret[NFLOG_KEY_OOB_UID].u.value.ui32 = uid;
                ret[NFLOG_KEY_OOB_UID].flags |= ULOGD_RETF_VALID;
        }
+#ifdef HAVE_NFLOG_GET_GID
        if (nflog_get_gid(ldata, &gid) == 0) {
                ret[NFLOG_KEY_OOB_GID].u.value.ui32 = gid;
                ret[NFLOG_KEY_OOB_GID].flags |= ULOGD_RETF_VALID;
        }
-
+#endif
        if (nflog_get_seq(ldata, &seq) == 0) {
                ret[NFLOG_KEY_OOB_SEQ_LOCAL].u.value.ui32 = seq;
                ret[NFLOG_KEY_OOB_SEQ_LOCAL].flags |= ULOGD_RETF_VALID;