netfilter: xt_NFLOG: use nf_log_packet instead of nfulnl_log_packet.

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The nfulnl_log_packet() is added to make sure that the NFLOG target
works as only user-space logger. but now, nf_log_packet() can find proper
log function using NF_LOG_TYPE_ULOG and NF_LOG_TYPE_LOG.

Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Taehee Yoo and committed by

Pablo Neira Ayuso 8 years ago ce20cdf4 415787d7

+14 -26

3 changed files

expand all

include

net

netfilter

nfnetlink_log.h

net

netfilter

nfnetlink_log.c

xt_NFLOG.c

-17

include/net/netfilter/nfnetlink_log.h

··· 1 1 /* SPDX-License-Identifier: GPL-2.0 */ 2 - #ifndef _KER_NFNETLINK_LOG_H 3 - #define _KER_NFNETLINK_LOG_H 4 - 5 - void 6 - nfulnl_log_packet(struct net *net, 7 - u_int8_t pf, 8 - unsigned int hooknum, 9 - const struct sk_buff *skb, 10 - const struct net_device *in, 11 - const struct net_device *out, 12 - const struct nf_loginfo *li_user, 13 - const char *prefix); 14 - 15 - #define NFULNL_COPY_DISABLED 0xff 16 - 17 - #endif /* _KER_NFNETLINK_LOG_H */ 18 -

+3 -5

net/netfilter/nfnetlink_log.c

··· 37 37 #include <net/sock.h> 38 38 #include <net/netfilter/nf_log.h> 39 39 #include <net/netns/generic.h> 40 - #include <net/netfilter/nfnetlink_log.h> 41 40 42 41 #include <linux/atomic.h> 43 42 #include <linux/refcount.h> ··· 46 47 #include "../bridge/br_private.h" 47 48 #endif 48 49 50 + #define NFULNL_COPY_DISABLED 0xff 49 51 #define NFULNL_NLBUFSIZ_DEFAULT NLMSG_GOODSIZE 50 52 #define NFULNL_TIMEOUT_DEFAULT 100 /* every second */ 51 53 #define NFULNL_QTHRESH_DEFAULT 100 /* 100 packets */ ··· 618 618 }; 619 619 620 620 /* log handler for internal netfilter logging api */ 621 - void 621 + static void 622 622 nfulnl_log_packet(struct net *net, 623 623 u_int8_t pf, 624 624 unsigned int hooknum, ··· 633 633 struct nfulnl_instance *inst; 634 634 const struct nf_loginfo *li; 635 635 unsigned int qthreshold; 636 - unsigned int plen; 636 + unsigned int plen = 0; 637 637 struct nfnl_log_net *log = nfnl_log_pernet(net); 638 638 const struct nfnl_ct_hook *nfnl_ct = NULL; 639 639 struct nf_conn *ct = NULL; ··· 648 648 if (!inst) 649 649 return; 650 650 651 - plen = 0; 652 651 if (prefix) 653 652 plen = strlen(prefix) + 1; 654 653 ··· 759 760 /* FIXME: statistics */ 760 761 goto unlock_and_release; 761 762 } 762 - EXPORT_SYMBOL_GPL(nfulnl_log_packet); 763 763 764 764 static int 765 765 nfulnl_rcv_nl_event(struct notifier_block *this,

+11 -4

net/netfilter/xt_NFLOG.c

··· 13 13 #include <linux/netfilter/x_tables.h> 14 14 #include <linux/netfilter/xt_NFLOG.h> 15 15 #include <net/netfilter/nf_log.h> 16 - #include <net/netfilter/nfnetlink_log.h> 17 16 18 17 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); 19 18 MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG"); ··· 36 37 if (info->flags & XT_NFLOG_F_COPY_LEN) 37 38 li.u.ulog.flags |= NF_LOG_F_COPY_LEN; 38 39 39 - nfulnl_log_packet(net, xt_family(par), xt_hooknum(par), skb, 40 - xt_in(par), xt_out(par), &li, info->prefix); 40 + nf_log_packet(net, xt_family(par), xt_hooknum(par), skb, xt_in(par), 41 + xt_out(par), &li, "%s", info->prefix); 42 + 41 43 return XT_CONTINUE; 42 44 } 43 45 ··· 50 50 return -EINVAL; 51 51 if (info->prefix[sizeof(info->prefix) - 1] != '\0') 52 52 return -EINVAL; 53 - return 0; 53 + 54 + return nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG); 55 + } 56 + 57 + static void nflog_tg_destroy(const struct xt_tgdtor_param *par) 58 + { 59 + nf_logger_put(par->family, NF_LOG_TYPE_ULOG); 54 60 } 55 61 56 62 static struct xt_target nflog_tg_reg __read_mostly = { ··· 64 58 .revision = 0, 65 59 .family = NFPROTO_UNSPEC, 66 60 .checkentry = nflog_tg_check, 61 + .destroy = nflog_tg_destroy, 67 62 .target = nflog_tg, 68 63 .targetsize = sizeof(struct xt_nflog_info), 69 64 .me = THIS_MODULE,