netsniff-ng: Add netlink dissector

Add an initial implementation of a dissector to work on netlink messages
as received from an nlmon device.

Use can use it as follows to monitor netlink traffic to/from the kernel:

  modprobe nlmon
  ip link add type nlmon
  ip link set nlmon0 up

  netsniff-ng -i nlmon0

  ip link set nlmon 0 down
  ip link del dev nlmon0
  rmmod nlmon

Fixes: #89
Suggested-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>

1 files changed, 37 insertions, 0 deletions

diff --git a/dissector_netlink.h b/dissector_netlink.h
new file mode 100644
index 0000000..185881c
--- /dev/null
+++ b/dissector_netlink.h
@@ -0,0 +1,37 @@
+/*
+ * netsniff-ng - the packet sniffing beast
+ * Copyright 2014 Tobias Klauser.
+ * Subject to the GPL, version 2.
+ */
+
+#ifndef DISSECTOR_NETLINK_H
+#define DISSECTOR_NETLINK_H
+
+#include "protos.h"
+
+extern void dissector_init_netlink(int fnttype);
+extern void dissector_cleanup_netlink(void);
+
+#ifdef HAVE_DISSECTOR_PROTOS
+static inline struct protocol *dissector_get_netlink_entry_point(void)
+{
+	return &nlmsg_ops;
+}
+
+static inline struct protocol *dissector_get_netlink_exit_point(void)
+{
+	return &none_ops;
+}
+#else
+static inline struct protocol *dissector_get_netlink_entry_point(void)
+{
+	return NULL;
+}
+
+static inline struct protocol *dissector_get_netlink_exit_point(void)
+{
+	return NULL;
+}
+#endif /* HAVE_DISSECTOR_PROTOS */
+
+#endif /* DISSECTOR_NETLINK_H */