netfilter: nf_log_netdev: merge with nf_log_syslog

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Provide netdev family support from the nf_log_syslog module.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Florian Westphal and committed by

Pablo Neira Ayuso 5 years ago 1510618e f5466caa

+36 -85

4 changed files

expand all

net

netfilter

Kconfig

Makefile

nf_log_netdev.c

nf_log_syslog.c

-4

net/netfilter/Kconfig

··· 74 74 config NF_LOG_COMMON 75 75 tristate 76 76 77 - config NF_LOG_NETDEV 78 - tristate "Netdev packet logging" 79 - select NF_LOG_COMMON 80 - 81 77 config NF_LOG_SYSLOG 82 78 tristate "Syslog packet logging" 83 79 default m if NETFILTER_ADVANCED=n

-3

net/netfilter/Makefile

··· 52 52 obj-$(CONFIG_NF_LOG_COMMON) += nf_log_common.o 53 53 obj-$(CONFIG_NF_LOG_SYSLOG) += nf_log_syslog.o 54 54 55 - # packet logging for netdev family 56 - obj-$(CONFIG_NF_LOG_NETDEV) += nf_log_netdev.o 57 - 58 55 obj-$(CONFIG_NF_NAT) += nf_nat.o 59 56 nf_nat-$(CONFIG_NF_NAT_REDIRECT) += nf_nat_redirect.o 60 57 nf_nat-$(CONFIG_NF_NAT_MASQUERADE) += nf_nat_masquerade.o

-78

net/netfilter/nf_log_netdev.c

··· 1 - // SPDX-License-Identifier: GPL-2.0-only 2 - /* 3 - * (C) 2016 by Pablo Neira Ayuso <pablo@netfilter.org> 4 - */ 5 - 6 - #include <linux/module.h> 7 - #include <linux/spinlock.h> 8 - #include <linux/skbuff.h> 9 - #include <linux/ip.h> 10 - #include <net/route.h> 11 - 12 - #include <linux/netfilter.h> 13 - #include <net/netfilter/nf_log.h> 14 - 15 - static void nf_log_netdev_packet(struct net *net, u_int8_t pf, 16 - unsigned int hooknum, 17 - const struct sk_buff *skb, 18 - const struct net_device *in, 19 - const struct net_device *out, 20 - const struct nf_loginfo *loginfo, 21 - const char *prefix) 22 - { 23 - nf_log_l2packet(net, pf, skb->protocol, hooknum, skb, in, out, 24 - loginfo, prefix); 25 - } 26 - 27 - static struct nf_logger nf_netdev_logger __read_mostly = { 28 - .name = "nf_log_netdev", 29 - .type = NF_LOG_TYPE_LOG, 30 - .logfn = nf_log_netdev_packet, 31 - .me = THIS_MODULE, 32 - }; 33 - 34 - static int __net_init nf_log_netdev_net_init(struct net *net) 35 - { 36 - return nf_log_set(net, NFPROTO_NETDEV, &nf_netdev_logger); 37 - } 38 - 39 - static void __net_exit nf_log_netdev_net_exit(struct net *net) 40 - { 41 - nf_log_unset(net, &nf_netdev_logger); 42 - } 43 - 44 - static struct pernet_operations nf_log_netdev_net_ops = { 45 - .init = nf_log_netdev_net_init, 46 - .exit = nf_log_netdev_net_exit, 47 - }; 48 - 49 - static int __init nf_log_netdev_init(void) 50 - { 51 - int ret; 52 - 53 - /* Request to load the real packet loggers. */ 54 - nf_logger_request_module(NFPROTO_IPV4, NF_LOG_TYPE_LOG); 55 - nf_logger_request_module(NFPROTO_IPV6, NF_LOG_TYPE_LOG); 56 - nf_logger_request_module(NFPROTO_ARP, NF_LOG_TYPE_LOG); 57 - 58 - ret = register_pernet_subsys(&nf_log_netdev_net_ops); 59 - if (ret < 0) 60 - return ret; 61 - 62 - nf_log_register(NFPROTO_NETDEV, &nf_netdev_logger); 63 - return 0; 64 - } 65 - 66 - static void __exit nf_log_netdev_exit(void) 67 - { 68 - unregister_pernet_subsys(&nf_log_netdev_net_ops); 69 - nf_log_unregister(&nf_netdev_logger); 70 - } 71 - 72 - module_init(nf_log_netdev_init); 73 - module_exit(nf_log_netdev_exit); 74 - 75 - MODULE_AUTHOR("Pablo Neira Ayuso <pablo@netfilter.org>"); 76 - MODULE_DESCRIPTION("Netfilter netdev packet logging"); 77 - MODULE_LICENSE("GPL"); 78 - MODULE_ALIAS_NF_LOGGER(5, 0); /* NFPROTO_NETDEV */

+36

net/netfilter/nf_log_syslog.c

··· 768 768 .me = THIS_MODULE, 769 769 }; 770 770 771 + static void nf_log_netdev_packet(struct net *net, u_int8_t pf, 772 + unsigned int hooknum, 773 + const struct sk_buff *skb, 774 + const struct net_device *in, 775 + const struct net_device *out, 776 + const struct nf_loginfo *loginfo, 777 + const char *prefix) 778 + { 779 + nf_log_l2packet(net, pf, skb->protocol, hooknum, skb, in, out, 780 + loginfo, prefix); 781 + } 782 + 783 + static struct nf_logger nf_netdev_logger __read_mostly = { 784 + .name = "nf_log_netdev", 785 + .type = NF_LOG_TYPE_LOG, 786 + .logfn = nf_log_netdev_packet, 787 + .me = THIS_MODULE, 788 + }; 789 + 771 790 static int __net_init nf_log_syslog_net_init(struct net *net) 772 791 { 773 792 int ret = nf_log_set(net, NFPROTO_IPV4, &nf_ip_logger); ··· 801 782 ret = nf_log_set(net, NFPROTO_IPV6, &nf_ip6_logger); 802 783 if (ret) 803 784 goto err2; 785 + 786 + ret = nf_log_set(net, NFPROTO_NETDEV, &nf_netdev_logger); 787 + if (ret) 788 + goto err3; 804 789 return 0; 790 + err3: 791 + nf_log_unset(net, &nf_ip6_logger); 805 792 err2: 806 793 nf_log_unset(net, &nf_arp_logger); 807 794 err1: ··· 819 794 { 820 795 nf_log_unset(net, &nf_ip_logger); 821 796 nf_log_unset(net, &nf_arp_logger); 797 + nf_log_unset(net, &nf_ip6_logger); 798 + nf_log_unset(net, &nf_netdev_logger); 822 799 } 823 800 824 801 static struct pernet_operations nf_log_syslog_net_ops = { ··· 848 821 if (ret < 0) 849 822 goto err3; 850 823 824 + ret = nf_log_register(NFPROTO_NETDEV, &nf_netdev_logger); 825 + if (ret < 0) 826 + goto err4; 827 + 851 828 return 0; 829 + err4: 830 + nf_log_unregister(&nf_ip6_logger); 852 831 err3: 853 832 nf_log_unregister(&nf_arp_logger); 854 833 err2: ··· 871 838 nf_log_unregister(&nf_ip_logger); 872 839 nf_log_unregister(&nf_arp_logger); 873 840 nf_log_unregister(&nf_ip6_logger); 841 + nf_log_unregister(&nf_netdev_logger); 874 842 } 875 843 876 844 module_init(nf_log_syslog_init); ··· 883 849 MODULE_ALIAS("nf_log_arp"); 884 850 MODULE_ALIAS("nf_log_ipv4"); 885 851 MODULE_ALIAS("nf_log_ipv6"); 852 + MODULE_ALIAS("nf_log_netdev"); 886 853 MODULE_ALIAS_NF_LOGGER(AF_INET, 0); 887 854 MODULE_ALIAS_NF_LOGGER(3, 0); 855 + MODULE_ALIAS_NF_LOGGER(5, 0); /* NFPROTO_NETDEV */ 888 856 MODULE_ALIAS_NF_LOGGER(AF_INET6, 0);