diff options
| author | Liping Zhang <liping.zhang@spreadtrum.com> | 2016-06-08 08:43:19 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-06-23 07:26:49 -0400 |
| commit | 36f959c491abc7e0acf94b631a6d7a3e2e3699b0 (patch) | |
| tree | 0d6eb4e18c1127aa6b5fa3f64c9afdad597f70c2 /net/netfilter | |
| parent | f3bb53338e0965c3084c185020e821ac49015832 (diff) | |
netfilter: xt_TRACE: add explicitly nf_logger_find_get call
Consider such situation, if nf_log_ipv4 kernel module is not installed,
and the user add a following iptables rule:
# iptables -t raw -I PREROUTING -j TRACE
There will be no trace log generated until the user install nf_log_ipv4
module manully. So we should add request related nf_log module
appropriately here.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/xt_TRACE.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/net/netfilter/xt_TRACE.c b/net/netfilter/xt_TRACE.c index df48967af382..858d189a1303 100644 --- a/net/netfilter/xt_TRACE.c +++ b/net/netfilter/xt_TRACE.c | |||
| @@ -4,12 +4,23 @@ | |||
| 4 | #include <linux/skbuff.h> | 4 | #include <linux/skbuff.h> |
| 5 | 5 | ||
| 6 | #include <linux/netfilter/x_tables.h> | 6 | #include <linux/netfilter/x_tables.h> |
| 7 | #include <net/netfilter/nf_log.h> | ||
| 7 | 8 | ||
| 8 | MODULE_DESCRIPTION("Xtables: packet flow tracing"); | 9 | MODULE_DESCRIPTION("Xtables: packet flow tracing"); |
| 9 | MODULE_LICENSE("GPL"); | 10 | MODULE_LICENSE("GPL"); |
| 10 | MODULE_ALIAS("ipt_TRACE"); | 11 | MODULE_ALIAS("ipt_TRACE"); |
| 11 | MODULE_ALIAS("ip6t_TRACE"); | 12 | MODULE_ALIAS("ip6t_TRACE"); |
| 12 | 13 | ||
| 14 | static int trace_tg_check(const struct xt_tgchk_param *par) | ||
| 15 | { | ||
| 16 | return nf_logger_find_get(par->family, NF_LOG_TYPE_LOG); | ||
| 17 | } | ||
| 18 | |||
| 19 | static void trace_tg_destroy(const struct xt_tgdtor_param *par) | ||
| 20 | { | ||
| 21 | nf_logger_put(par->family, NF_LOG_TYPE_LOG); | ||
| 22 | } | ||
| 23 | |||
| 13 | static unsigned int | 24 | static unsigned int |
| 14 | trace_tg(struct sk_buff *skb, const struct xt_action_param *par) | 25 | trace_tg(struct sk_buff *skb, const struct xt_action_param *par) |
| 15 | { | 26 | { |
| @@ -18,12 +29,14 @@ trace_tg(struct sk_buff *skb, const struct xt_action_param *par) | |||
| 18 | } | 29 | } |
| 19 | 30 | ||
| 20 | static struct xt_target trace_tg_reg __read_mostly = { | 31 | static struct xt_target trace_tg_reg __read_mostly = { |
| 21 | .name = "TRACE", | 32 | .name = "TRACE", |
| 22 | .revision = 0, | 33 | .revision = 0, |
| 23 | .family = NFPROTO_UNSPEC, | 34 | .family = NFPROTO_UNSPEC, |
| 24 | .table = "raw", | 35 | .table = "raw", |
| 25 | .target = trace_tg, | 36 | .target = trace_tg, |
| 26 | .me = THIS_MODULE, | 37 | .checkentry = trace_tg_check, |
| 38 | .destroy = trace_tg_destroy, | ||
| 39 | .me = THIS_MODULE, | ||
| 27 | }; | 40 | }; |
| 28 | 41 | ||
| 29 | static int __init trace_tg_init(void) | 42 | static int __init trace_tg_init(void) |