Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
1// SPDX-License-Identifier: GPL-2.0-only
2/* This is a module which is used to mark packets for tracing.
3 */
4#include <linux/module.h>
5#include <linux/skbuff.h>
6
7#include <linux/netfilter/x_tables.h>
8#include <net/netfilter/nf_log.h>
9
10MODULE_DESCRIPTION("Xtables: packet flow tracing");
11MODULE_LICENSE("GPL");
12MODULE_ALIAS("ipt_TRACE");
13MODULE_ALIAS("ip6t_TRACE");
14
15static int trace_tg_check(const struct xt_tgchk_param *par)
16{
17 return nf_logger_find_get(par->family, NF_LOG_TYPE_LOG);
18}
19
20static void trace_tg_destroy(const struct xt_tgdtor_param *par)
21{
22 nf_logger_put(par->family, NF_LOG_TYPE_LOG);
23}
24
25static unsigned int
26trace_tg(struct sk_buff *skb, const struct xt_action_param *par)
27{
28 skb->nf_trace = 1;
29 return XT_CONTINUE;
30}
31
32static struct xt_target trace_tg_reg[] __read_mostly = {
33 {
34 .name = "TRACE",
35 .revision = 0,
36 .family = NFPROTO_IPV4,
37 .table = "raw",
38 .target = trace_tg,
39 .checkentry = trace_tg_check,
40 .destroy = trace_tg_destroy,
41 .me = THIS_MODULE,
42 },
43#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
44 {
45 .name = "TRACE",
46 .revision = 0,
47 .family = NFPROTO_IPV6,
48 .table = "raw",
49 .target = trace_tg,
50 .checkentry = trace_tg_check,
51 .destroy = trace_tg_destroy,
52 .me = THIS_MODULE,
53 },
54#endif
55};
56
57static int __init trace_tg_init(void)
58{
59 return xt_register_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
60}
61
62static void __exit trace_tg_exit(void)
63{
64 xt_unregister_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg));
65}
66
67module_init(trace_tg_init);
68module_exit(trace_tg_exit);
69MODULE_SOFTDEP("pre: nf_log_syslog");