patch ulogd2 to capture only packet headers (without payload)

ulogd2/default.nix

@@ -8,6 +8,9 @@ pkgs.stdenv.mkDerivation {
     libnfnetlink automake autoconf autogen libtool pkg-config libpcap
   ];
 
+  # hack to capture TCP and UDP port numbers (first 8 bytes) but omit rest of payload
+  patches = [ ./onlyports.patch ];
+
   preConfigure = ''
     echo running autogen
     ./autogen.sh
@@ -18,9 +21,6 @@ pkgs.stdenv.mkDerivation {
 
   src = pkgs.fetchgit {
     url = "https://git.netfilter.org/ulogd2/";
-    #rev = "4d5f038350d42aac883fb9ea924ee96ba739907d";
-    #sha256 = "0spwddz5yb6s0x5y616914lx1mzs3nbfjnjmrbpa7m0yfwhhc2xv";
-
     rev = "63135e73fd878cb71b1eebf8e877c4d4c34feba7";
     sha256 = "1ccfb8l7q9k4fy9s0sgab49ma9xphr4x4ap0v52xfrnwx57h87s2";
   };

ulogd2/onlyports.patch

@@ -0,0 +1,23 @@
+diff --git a/output/pcap/ulogd_output_PCAP.c b/output/pcap/ulogd_output_PCAP.c
+index e7798f2..51c4ceb 100644
+--- a/output/pcap/ulogd_output_PCAP.c
++++ b/output/pcap/ulogd_output_PCAP.c
+@@ -154,9 +154,15 @@ static int interp_pcap(struct ulogd_pluginstance *upi)
+ 	switch (ikey_get_u8(&res[5])) {
+ 	case 2: /* INET */
+ 		pchdr.len = ikey_get_u16(&res[2]);
++		if (pchdr.caplen > 20 + 8) {
++			pchdr.caplen = 20 + 8;
++		}
+ 		break;
+ 	case 10: /* INET6 -- payload length + header length */
+ 		pchdr.len = ikey_get_u16(&res[6]) + 40;
++		if (pchdr.caplen > 40 + 8) {
++			pchdr.caplen = 40 + 8;
++		}
+ 		break;
+ 	default:
+ 		pchdr.len = pchdr.caplen;
+-- 
+2.25.4
+