net/netfilter/nf_log.c at v2.6.25-rc1

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / net / netfilter / nf_log.c
at v2.6.25-rc1 180 lines 3.8 kB view raw
wrap content
  1#include <linux/kernel.h>
  2#include <linux/init.h>
  3#include <linux/module.h>
  4#include <linux/proc_fs.h>
  5#include <linux/skbuff.h>
  6#include <linux/netfilter.h>
  7#include <linux/seq_file.h>
  8#include <net/protocol.h>
  9#include <net/netfilter/nf_log.h>
 10
 11#include "nf_internals.h"
 12
 13/* Internal logging interface, which relies on the real
 14   LOG target modules */
 15
 16#define NF_LOG_PREFIXLEN		128
 17
 18static const struct nf_logger *nf_loggers[NPROTO] __read_mostly;
 19static DEFINE_MUTEX(nf_log_mutex);
 20
 21/* return EBUSY if somebody else is registered, EEXIST if the same logger
 22 * is registred, 0 on success. */
 23int nf_log_register(int pf, const struct nf_logger *logger)
 24{
 25	int ret;
 26
 27	if (pf >= NPROTO)
 28		return -EINVAL;
 29
 30	/* Any setup of logging members must be done before
 31	 * substituting pointer. */
 32	ret = mutex_lock_interruptible(&nf_log_mutex);
 33	if (ret < 0)
 34		return ret;
 35
 36	if (!nf_loggers[pf])
 37		rcu_assign_pointer(nf_loggers[pf], logger);
 38	else if (nf_loggers[pf] == logger)
 39		ret = -EEXIST;
 40	else
 41		ret = -EBUSY;
 42
 43	mutex_unlock(&nf_log_mutex);
 44	return ret;
 45}
 46EXPORT_SYMBOL(nf_log_register);
 47
 48void nf_log_unregister_pf(int pf)
 49{
 50	if (pf >= NPROTO)
 51		return;
 52	mutex_lock(&nf_log_mutex);
 53	rcu_assign_pointer(nf_loggers[pf], NULL);
 54	mutex_unlock(&nf_log_mutex);
 55
 56	/* Give time to concurrent readers. */
 57	synchronize_rcu();
 58}
 59EXPORT_SYMBOL(nf_log_unregister_pf);
 60
 61void nf_log_unregister(const struct nf_logger *logger)
 62{
 63	int i;
 64
 65	mutex_lock(&nf_log_mutex);
 66	for (i = 0; i < NPROTO; i++) {
 67		if (nf_loggers[i] == logger)
 68			rcu_assign_pointer(nf_loggers[i], NULL);
 69	}
 70	mutex_unlock(&nf_log_mutex);
 71
 72	synchronize_rcu();
 73}
 74EXPORT_SYMBOL(nf_log_unregister);
 75
 76void nf_log_packet(int pf,
 77		   unsigned int hooknum,
 78		   const struct sk_buff *skb,
 79		   const struct net_device *in,
 80		   const struct net_device *out,
 81		   const struct nf_loginfo *loginfo,
 82		   const char *fmt, ...)
 83{
 84	va_list args;
 85	char prefix[NF_LOG_PREFIXLEN];
 86	const struct nf_logger *logger;
 87
 88	rcu_read_lock();
 89	logger = rcu_dereference(nf_loggers[pf]);
 90	if (logger) {
 91		va_start(args, fmt);
 92		vsnprintf(prefix, sizeof(prefix), fmt, args);
 93		va_end(args);
 94		logger->logfn(pf, hooknum, skb, in, out, loginfo, prefix);
 95	} else if (net_ratelimit()) {
 96		printk(KERN_WARNING "nf_log_packet: can\'t log since "
 97		       "no backend logging module loaded in! Please either "
 98		       "load one, or disable logging explicitly\n");
 99	}
100	rcu_read_unlock();
101}
102EXPORT_SYMBOL(nf_log_packet);
103
104#ifdef CONFIG_PROC_FS
105static void *seq_start(struct seq_file *seq, loff_t *pos)
106	__acquires(RCU)
107{
108	rcu_read_lock();
109
110	if (*pos >= NPROTO)
111		return NULL;
112
113	return pos;
114}
115
116static void *seq_next(struct seq_file *s, void *v, loff_t *pos)
117{
118	(*pos)++;
119
120	if (*pos >= NPROTO)
121		return NULL;
122
123	return pos;
124}
125
126static void seq_stop(struct seq_file *s, void *v)
127	__releases(RCU)
128{
129	rcu_read_unlock();
130}
131
132static int seq_show(struct seq_file *s, void *v)
133{
134	loff_t *pos = v;
135	const struct nf_logger *logger;
136
137	logger = rcu_dereference(nf_loggers[*pos]);
138
139	if (!logger)
140		return seq_printf(s, "%2lld NONE\n", *pos);
141
142	return seq_printf(s, "%2lld %s\n", *pos, logger->name);
143}
144
145static const struct seq_operations nflog_seq_ops = {
146	.start	= seq_start,
147	.next	= seq_next,
148	.stop	= seq_stop,
149	.show	= seq_show,
150};
151
152static int nflog_open(struct inode *inode, struct file *file)
153{
154	return seq_open(file, &nflog_seq_ops);
155}
156
157static const struct file_operations nflog_file_ops = {
158	.owner	 = THIS_MODULE,
159	.open	 = nflog_open,
160	.read	 = seq_read,
161	.llseek	 = seq_lseek,
162	.release = seq_release,
163};
164
165#endif /* PROC_FS */
166
167
168int __init netfilter_log_init(void)
169{
170#ifdef CONFIG_PROC_FS
171	struct proc_dir_entry *pde;
172
173	pde = create_proc_entry("nf_log", S_IRUGO, proc_net_netfilter);
174	if (!pde)
175		return -1;
176
177	pde->proc_fops = &nflog_file_ops;
178#endif
179	return 0;
180}
Configure Feed

Configure Feed
