aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-12-18 01:41:52 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:59:04 -0500
commit76aa1ce139f649e432272f6ad75204b763ef13bd (patch)
treef5d5337fdbdc6ca8a9df57169966f7f3aefddb90
parent0dfedd28746266a35b3008cb6bb03466115e95b9 (diff)
[NETFILTER]: nfnetlink_log: include GID in netlink message
Similar to Maciej Soltysiak's ipt_LOG patch, include GID in addition to UID in netlink message. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/linux/netfilter/nfnetlink_log.h1
-rw-r--r--net/netfilter/nfnetlink_log.c3
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h
index 5966afa026e9..a85721332924 100644
--- a/include/linux/netfilter/nfnetlink_log.h
+++ b/include/linux/netfilter/nfnetlink_log.h
@@ -47,6 +47,7 @@ enum nfulnl_attr_type {
47 NFULA_UID, /* user id of socket */ 47 NFULA_UID, /* user id of socket */
48 NFULA_SEQ, /* instance-local sequence number */ 48 NFULA_SEQ, /* instance-local sequence number */
49 NFULA_SEQ_GLOBAL, /* global sequence number */ 49 NFULA_SEQ_GLOBAL, /* global sequence number */
50 NFULA_GID, /* group id of socket */
50 51
51 __NFULA_MAX 52 __NFULA_MAX
52}; 53};
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 950b1f0713dd..5013cb97ce2b 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -467,9 +467,11 @@ __build_packet_message(struct nfulnl_instance *inst,
467 read_lock_bh(&skb->sk->sk_callback_lock); 467 read_lock_bh(&skb->sk->sk_callback_lock);
468 if (skb->sk->sk_socket && skb->sk->sk_socket->file) { 468 if (skb->sk->sk_socket && skb->sk->sk_socket->file) {
469 __be32 uid = htonl(skb->sk->sk_socket->file->f_uid); 469 __be32 uid = htonl(skb->sk->sk_socket->file->f_uid);
470 __be32 gid = htons(skb->sk->sk_socket->file->f_gid);
470 /* need to unlock here since NLA_PUT may goto */ 471 /* need to unlock here since NLA_PUT may goto */
471 read_unlock_bh(&skb->sk->sk_callback_lock); 472 read_unlock_bh(&skb->sk->sk_callback_lock);
472 NLA_PUT_BE32(inst->skb, NFULA_UID, uid); 473 NLA_PUT_BE32(inst->skb, NFULA_UID, uid);
474 NLA_PUT_BE32(inst->skb, NFULA_GID, gid);
473 } else 475 } else
474 read_unlock_bh(&skb->sk->sk_callback_lock); 476 read_unlock_bh(&skb->sk->sk_callback_lock);
475 } 477 }
@@ -564,6 +566,7 @@ nfulnl_log_packet(unsigned int pf,
564#endif 566#endif
565 + nla_total_size(sizeof(u_int32_t)) /* mark */ 567 + nla_total_size(sizeof(u_int32_t)) /* mark */
566 + nla_total_size(sizeof(u_int32_t)) /* uid */ 568 + nla_total_size(sizeof(u_int32_t)) /* uid */
569 + nla_total_size(sizeof(u_int32_t)) /* gid */
567 + nla_total_size(plen) /* prefix */ 570 + nla_total_size(plen) /* prefix */
568 + nla_total_size(sizeof(struct nfulnl_msg_packet_hw)) 571 + nla_total_size(sizeof(struct nfulnl_msg_packet_hw))
569 + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp)); 572 + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp));