// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
 */

#include <linux/module.h>
#include <linux/init.h>
#include <linux/skbuff.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_NFLOG.h>
#include <net/netfilter/nf_log.h>

MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_NFLOG");
MODULE_ALIAS("ip6t_NFLOG");

/*
 * NFLOG target handler.
 *
 * Copies the rule's logging parameters (group, copy length, queue
 * threshold, optional copy-length flag) from struct xt_nflog_info into
 * an nf_loginfo of type NF_LOG_TYPE_ULOG and hands the packet to
 * nf_log_packet(). Always returns XT_CONTINUE, so the target only logs
 * and never issues a verdict of its own.
 */
static unsigned int
nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
	const struct xt_nflog_info *tginfo = par->targinfo;
	struct nf_loginfo loginfo;
	struct net *net = xt_net(par);

	loginfo.type = NF_LOG_TYPE_ULOG;
	loginfo.u.ulog.group = tginfo->group;
	loginfo.u.ulog.copy_len = tginfo->len;
	loginfo.u.ulog.qthreshold = tginfo->threshold;
	/* Only XT_NFLOG_F_COPY_LEN is translated; no other rule flag is forwarded. */
	loginfo.u.ulog.flags = (tginfo->flags & XT_NFLOG_F_COPY_LEN) ?
				NF_LOG_F_COPY_LEN : 0;

	/*
	 * The prefix is rule-supplied data, so it is passed as an argument
	 * to a fixed "%s" format and never used as the format string
	 * itself. Reading it as a C string is bounded only because
	 * nflog_tg_check() refused any rule whose prefix array does not
	 * end in NUL.
	 */
	nf_log_packet(net, xt_family(par), xt_hooknum(par), skb, xt_in(par),
		      xt_out(par), &loginfo, "%s", tginfo->prefix);

	return XT_CONTINUE;
}

/*
 * Validate an NFLOG rule and take a reference on the ULOG-type logger.
 *
 * Returns -EINVAL when the rule carries flag bits outside XT_NFLOG_MASK
 * or when the last byte of the prefix array is not NUL; otherwise
 * returns the result of nf_logger_find_get(). If the first lookup fails
 * and the rule did not come through nft_compat, the nfnetlink_log
 * module is requested and the lookup is retried once.
 */
static int nflog_tg_check(const struct xt_tgchk_param *par)
{
	const struct xt_nflog_info *tginfo = par->targinfo;
	const size_t last = sizeof(tginfo->prefix) - 1;
	int err;

	/*
	 * Reject unknown flag bits and an unterminated prefix up front.
	 * Checking only the final byte is enough to guarantee that a NUL
	 * exists somewhere inside the array, which is what the "%s" in
	 * nflog_tg() depends on.
	 */
	if ((tginfo->flags & ~XT_NFLOG_MASK) || tginfo->prefix[last] != '\0')
		return -EINVAL;

	err = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
	if (err == 0 || par->nft_compat)
		return err;

	/*
	 * The module name is a constant passed through "%s"; the return
	 * value of request_module() is ignored and the retried lookup
	 * decides the outcome.
	 */
	request_module("%s", "nfnetlink_log");
	return nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
}

/*
 * Rule teardown: calls nf_logger_put() with the same family and logger
 * type that nflog_tg_check() passed to nf_logger_find_get().
 */
static void nflog_tg_destroy(const struct xt_tgdtor_param *par)
{
	nf_logger_put(par->family, NF_LOG_TYPE_ULOG);
}

/*
 * Target registrations. Both entries share the same handlers and the
 * same targetsize (sizeof(struct xt_nflog_info)); the IPv6 entry exists
 * only when CONFIG_IP6_NF_IPTABLES is enabled.
 */
static struct xt_target nflog_tg_reg[] __read_mostly = {
	{
		.name       = "NFLOG",
		.revision   = 0,
		.family     = NFPROTO_IPV4,
		.checkentry = nflog_tg_check,
		.destroy    = nflog_tg_destroy,
		.target     = nflog_tg,
		.targetsize = sizeof(struct xt_nflog_info),
		.me         = THIS_MODULE,
	},
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
	{
		.name       = "NFLOG",
		.revision   = 0,
		.family     = NFPROTO_IPV6,
		.checkentry = nflog_tg_check,
		.destroy    = nflog_tg_destroy,
		.target     = nflog_tg,
		.targetsize = sizeof(struct xt_nflog_info),
		.me         = THIS_MODULE,
	},
#endif
};

/* Module load: register every entry of nflog_tg_reg with x_tables. */
static int __init nflog_tg_init(void)
{
	return xt_register_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
}

/* Module unload: unregister the same set of targets. */
static void __exit nflog_tg_exit(void)
{
	xt_unregister_targets(nflog_tg_reg, ARRAY_SIZE(nflog_tg_reg));
}

module_init(nflog_tg_init);
module_exit(nflog_tg_exit);
/* Soft dependency: ask module tooling to load nfnetlink_log first. */
MODULE_SOFTDEP("pre: nfnetlink_log");