diff options
| author | Gao feng <gaofeng@cn.fujitsu.com> | 2013-03-03 19:29:12 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-03-04 08:45:25 -0500 |
| commit | ed018fa4dfc3d26da56b9ee7dc75e9d39a39a02b (patch) | |
| tree | ecb910ff5080b35dc1fdae81337bbdb1d2b54841 /net | |
| parent | f9caed59f801f77a2844ab04d2dea8df33ac862b (diff) | |
netfilter: xt_AUDIT: only generate audit log when audit enabled
We should stop generting audit log if audit is disabled.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/xt_AUDIT.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c index ba92824086f3..3228d7f24eb4 100644 --- a/net/netfilter/xt_AUDIT.c +++ b/net/netfilter/xt_AUDIT.c | |||
| @@ -124,6 +124,9 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par) | |||
| 124 | const struct xt_audit_info *info = par->targinfo; | 124 | const struct xt_audit_info *info = par->targinfo; |
| 125 | struct audit_buffer *ab; | 125 | struct audit_buffer *ab; |
| 126 | 126 | ||
| 127 | if (audit_enabled == 0) | ||
| 128 | goto errout; | ||
| 129 | |||
| 127 | ab = audit_log_start(NULL, GFP_ATOMIC, AUDIT_NETFILTER_PKT); | 130 | ab = audit_log_start(NULL, GFP_ATOMIC, AUDIT_NETFILTER_PKT); |
| 128 | if (ab == NULL) | 131 | if (ab == NULL) |
| 129 | goto errout; | 132 | goto errout; |