aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Leblond <eric@inl.fr>2008-11-04 08:21:08 -0500
committerPatrick McHardy <kaber@trash.net>2008-11-04 08:21:08 -0500
commit5f7340eff8f68f41b7e5c7ad47ec4cd1ea1afb40 (patch)
tree4c59b833f6a4d31b1535aa49e078deaa83b10327
parentd2ad3ca88da02baeccd5216780f1fe983c6953ba (diff)
netfilter: xt_NFLOG: don't call nf_log_packet in NFLOG module.
This patch modifies xt_NFLOG to suppress the call to nf_log_packet() function. The call of this wrapper in xt_NFLOG was causing NFLOG to use the first initialized module. Thus, if ipt_ULOG is loaded before nfnetlink_log all NFLOG rules are treated as plain LOG rules. Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat
-rw-r--r--include/net/netfilter/nfnetlink_log.h14
-rw-r--r--net/netfilter/nfnetlink_log.c3
-rw-r--r--net/netfilter/xt_NFLOG.c5
3 files changed, 19 insertions, 3 deletions
diff --git a/include/net/netfilter/nfnetlink_log.h b/include/net/netfilter/nfnetlink_log.h
new file mode 100644
index 000000000000..9b67f948a8d7
--- /dev/null
+++ b/include/net/netfilter/nfnetlink_log.h
@@ -0,0 +1,14 @@
1#ifndef _KER_NFNETLINK_LOG_H
2#define _KER_NFNETLINK_LOG_H
3
4void
5nfulnl_log_packet(unsigned int pf,
6 unsigned int hooknum,
7 const struct sk_buff *skb,
8 const struct net_device *in,
9 const struct net_device *out,
10 const struct nf_loginfo *li_user,
11 const char *prefix);
12
13#endif /* _KER_NFNETLINK_LOG_H */
14
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 41e0105d3828..a51892b3f01a 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -533,7 +533,7 @@ static struct nf_loginfo default_loginfo = {
533}; 533};
534 534
535/* log handler for internal netfilter logging api */ 535/* log handler for internal netfilter logging api */
536static void 536void
537nfulnl_log_packet(u_int8_t pf, 537nfulnl_log_packet(u_int8_t pf,
538 unsigned int hooknum, 538 unsigned int hooknum,
539 const struct sk_buff *skb, 539 const struct sk_buff *skb,
@@ -648,6 +648,7 @@ alloc_failure:
648 /* FIXME: statistics */ 648 /* FIXME: statistics */
649 goto unlock_and_release; 649 goto unlock_and_release;
650} 650}
651EXPORT_SYMBOL_GPL(nfulnl_log_packet);
651 652
652static int 653static int
653nfulnl_rcv_nl_event(struct notifier_block *this, 654nfulnl_rcv_nl_event(struct notifier_block *this,
diff --git a/net/netfilter/xt_NFLOG.c b/net/netfilter/xt_NFLOG.c
index 50e3a52d3b31..a57c5cf018ec 100644
--- a/net/netfilter/xt_NFLOG.c
+++ b/net/netfilter/xt_NFLOG.c
@@ -13,6 +13,7 @@
13#include <linux/netfilter/x_tables.h> 13#include <linux/netfilter/x_tables.h>
14#include <linux/netfilter/xt_NFLOG.h> 14#include <linux/netfilter/xt_NFLOG.h>
15#include <net/netfilter/nf_log.h> 15#include <net/netfilter/nf_log.h>
16#include <net/netfilter/nfnetlink_log.h>
16 17
17MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>"); 18MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
18MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG"); 19MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG");
@@ -31,8 +32,8 @@ nflog_tg(struct sk_buff *skb, const struct xt_target_param *par)
31 li.u.ulog.group = info->group; 32 li.u.ulog.group = info->group;
32 li.u.ulog.qthreshold = info->threshold; 33 li.u.ulog.qthreshold = info->threshold;
33 34
34 nf_log_packet(par->family, par->hooknum, skb, par->in, 35 nfulnl_log_packet(par->family, par->hooknum, skb, par->in,
35 par->out, &li, "%s", info->prefix); 36 par->out, &li, info->prefix);
36 return XT_CONTINUE; 37 return XT_CONTINUE;
37} 38}
38 39
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-20 06:50:15 -0400