diff options
| author | Phil Sutter <phil@nwl.cc> | 2018-05-30 05:06:22 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-06-01 03:46:21 -0400 |
| commit | 1a893b44de4528887e7dabcdce7151ca2a8ee238 (patch) | |
| tree | fbfad17596fd8a2d5fd63428cb76108e793cb409 /include/uapi/linux | |
| parent | 554ced0a6e2946562c20d9fffdbaf2aa7da36b1b (diff) | |
netfilter: nf_tables: Add audit support to log statement
This extends log statement to support the behaviour achieved with
AUDIT target in iptables.
Audit logging is enabled via a pseudo log level 8. In this case any
other settings like log prefix are ignored since audit log format is
fixed.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/uapi/linux')
| -rw-r--r-- | include/uapi/linux/netfilter/nf_tables.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h index 3d46c82a5ebd..5c7eb9b9f6d6 100644 --- a/include/uapi/linux/netfilter/nf_tables.h +++ b/include/uapi/linux/netfilter/nf_tables.h | |||
| @@ -1081,6 +1081,11 @@ enum nft_log_attributes { | |||
| 1081 | #define NFTA_LOG_MAX (__NFTA_LOG_MAX - 1) | 1081 | #define NFTA_LOG_MAX (__NFTA_LOG_MAX - 1) |
| 1082 | 1082 | ||
| 1083 | /** | 1083 | /** |
| 1084 | * LOGLEVEL_AUDIT - a pseudo log level enabling audit logging | ||
| 1085 | */ | ||
| 1086 | #define LOGLEVEL_AUDIT 8 | ||
| 1087 | |||
| 1088 | /** | ||
| 1084 | * enum nft_queue_attributes - nf_tables queue expression netlink attributes | 1089 | * enum nft_queue_attributes - nf_tables queue expression netlink attributes |
| 1085 | * | 1090 | * |
| 1086 | * @NFTA_QUEUE_NUM: netlink queue to send messages to (NLA_U16) | 1091 | * @NFTA_QUEUE_NUM: netlink queue to send messages to (NLA_U16) |