diff options
author | Patrick McHardy <kaber@trash.net> | 2007-12-18 01:41:52 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-01-28 17:59:04 -0500 |
commit | 76aa1ce139f649e432272f6ad75204b763ef13bd (patch) | |
tree | f5d5337fdbdc6ca8a9df57169966f7f3aefddb90 | |
parent | 0dfedd28746266a35b3008cb6bb03466115e95b9 (diff) |
[NETFILTER]: nfnetlink_log: include GID in netlink message
Similar to Maciej Soltysiak's ipt_LOG patch, include GID in addition
to UID in netlink message.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | include/linux/netfilter/nfnetlink_log.h | 1 | ||||
-rw-r--r-- | net/netfilter/nfnetlink_log.c | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h index 5966afa026e9..a85721332924 100644 --- a/include/linux/netfilter/nfnetlink_log.h +++ b/include/linux/netfilter/nfnetlink_log.h | |||
@@ -47,6 +47,7 @@ enum nfulnl_attr_type { | |||
47 | NFULA_UID, /* user id of socket */ | 47 | NFULA_UID, /* user id of socket */ |
48 | NFULA_SEQ, /* instance-local sequence number */ | 48 | NFULA_SEQ, /* instance-local sequence number */ |
49 | NFULA_SEQ_GLOBAL, /* global sequence number */ | 49 | NFULA_SEQ_GLOBAL, /* global sequence number */ |
50 | NFULA_GID, /* group id of socket */ | ||
50 | 51 | ||
51 | __NFULA_MAX | 52 | __NFULA_MAX |
52 | }; | 53 | }; |
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 950b1f0713dd..5013cb97ce2b 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
@@ -467,9 +467,11 @@ __build_packet_message(struct nfulnl_instance *inst, | |||
467 | read_lock_bh(&skb->sk->sk_callback_lock); | 467 | read_lock_bh(&skb->sk->sk_callback_lock); |
468 | if (skb->sk->sk_socket && skb->sk->sk_socket->file) { | 468 | if (skb->sk->sk_socket && skb->sk->sk_socket->file) { |
469 | __be32 uid = htonl(skb->sk->sk_socket->file->f_uid); | 469 | __be32 uid = htonl(skb->sk->sk_socket->file->f_uid); |
470 | __be32 gid = htons(skb->sk->sk_socket->file->f_gid); | ||
470 | /* need to unlock here since NLA_PUT may goto */ | 471 | /* need to unlock here since NLA_PUT may goto */ |
471 | read_unlock_bh(&skb->sk->sk_callback_lock); | 472 | read_unlock_bh(&skb->sk->sk_callback_lock); |
472 | NLA_PUT_BE32(inst->skb, NFULA_UID, uid); | 473 | NLA_PUT_BE32(inst->skb, NFULA_UID, uid); |
474 | NLA_PUT_BE32(inst->skb, NFULA_GID, gid); | ||
473 | } else | 475 | } else |
474 | read_unlock_bh(&skb->sk->sk_callback_lock); | 476 | read_unlock_bh(&skb->sk->sk_callback_lock); |
475 | } | 477 | } |
@@ -564,6 +566,7 @@ nfulnl_log_packet(unsigned int pf, | |||
564 | #endif | 566 | #endif |
565 | + nla_total_size(sizeof(u_int32_t)) /* mark */ | 567 | + nla_total_size(sizeof(u_int32_t)) /* mark */ |
566 | + nla_total_size(sizeof(u_int32_t)) /* uid */ | 568 | + nla_total_size(sizeof(u_int32_t)) /* uid */ |
569 | + nla_total_size(sizeof(u_int32_t)) /* gid */ | ||
567 | + nla_total_size(plen) /* prefix */ | 570 | + nla_total_size(plen) /* prefix */ |
568 | + nla_total_size(sizeof(struct nfulnl_msg_packet_hw)) | 571 | + nla_total_size(sizeof(struct nfulnl_msg_packet_hw)) |
569 | + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp)); | 572 | + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp)); |