This is go-nflog
and it is written in golang. It provides a C-binding free API to the netfilter based log subsystem of the Linux kernel.
func main() {
// Send outgoing pings to nflog group 100
// # sudo iptables -I OUTPUT -p icmp -j NFLOG --nflog-group 100
//Set configuration parameters
config := nflog.Config{
Group: 100,
Copymode: nflog.NfUlnlCopyPacket,
}
nf, err := nflog.Open(&config)
if err != nil {
fmt.Println("could not open nflog socket:", err)
return
}
defer nf.Close()
ctx, _ := context.WithTimeout(context.Background(), 10*time.Second)
fn := func(m nflog.Msg) int {
fmt.Printf("%v\n", m[nflog.NfUlaAttrPayload])
return 0
}
// Register your function to listen on nflog group 100
err = nf.Register(ctx, fn)
if err != nil {
fmt.Println(err)
return
}
// Block till the context expires
<-ctx.Done()
}