[NETFILTER]: nf_log: move logging stuff to seperate header
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
cc01dcbd26
commit
f01ffbd6e7
|
@ -124,61 +124,6 @@ extern struct ctl_table nf_net_ipv4_netfilter_sysctl_path[];
|
||||||
|
|
||||||
extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS];
|
extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS];
|
||||||
|
|
||||||
/* those NF_LOG_* defines and struct nf_loginfo are legacy definitios that will
|
|
||||||
* disappear once iptables is replaced with pkttables. Please DO NOT use them
|
|
||||||
* for any new code! */
|
|
||||||
#define NF_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
|
|
||||||
#define NF_LOG_TCPOPT 0x02 /* Log TCP options */
|
|
||||||
#define NF_LOG_IPOPT 0x04 /* Log IP options */
|
|
||||||
#define NF_LOG_UID 0x08 /* Log UID owning local socket */
|
|
||||||
#define NF_LOG_MASK 0x0f
|
|
||||||
|
|
||||||
#define NF_LOG_TYPE_LOG 0x01
|
|
||||||
#define NF_LOG_TYPE_ULOG 0x02
|
|
||||||
|
|
||||||
struct nf_loginfo {
|
|
||||||
u_int8_t type;
|
|
||||||
union {
|
|
||||||
struct {
|
|
||||||
u_int32_t copy_len;
|
|
||||||
u_int16_t group;
|
|
||||||
u_int16_t qthreshold;
|
|
||||||
} ulog;
|
|
||||||
struct {
|
|
||||||
u_int8_t level;
|
|
||||||
u_int8_t logflags;
|
|
||||||
} log;
|
|
||||||
} u;
|
|
||||||
};
|
|
||||||
|
|
||||||
typedef void nf_logfn(unsigned int pf,
|
|
||||||
unsigned int hooknum,
|
|
||||||
const struct sk_buff *skb,
|
|
||||||
const struct net_device *in,
|
|
||||||
const struct net_device *out,
|
|
||||||
const struct nf_loginfo *li,
|
|
||||||
const char *prefix);
|
|
||||||
|
|
||||||
struct nf_logger {
|
|
||||||
struct module *me;
|
|
||||||
nf_logfn *logfn;
|
|
||||||
char *name;
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Function to register/unregister log function. */
|
|
||||||
int nf_log_register(int pf, struct nf_logger *logger);
|
|
||||||
void nf_log_unregister(struct nf_logger *logger);
|
|
||||||
void nf_log_unregister_pf(int pf);
|
|
||||||
|
|
||||||
/* Calls the registered backend logging function */
|
|
||||||
void nf_log_packet(int pf,
|
|
||||||
unsigned int hooknum,
|
|
||||||
const struct sk_buff *skb,
|
|
||||||
const struct net_device *in,
|
|
||||||
const struct net_device *out,
|
|
||||||
struct nf_loginfo *li,
|
|
||||||
const char *fmt, ...);
|
|
||||||
|
|
||||||
int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb,
|
int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb,
|
||||||
struct net_device *indev, struct net_device *outdev,
|
struct net_device *indev, struct net_device *outdev,
|
||||||
int (*okfn)(struct sk_buff *), int thresh);
|
int (*okfn)(struct sk_buff *), int thresh);
|
||||||
|
|
59
include/net/netfilter/nf_log.h
Normal file
59
include/net/netfilter/nf_log.h
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
#ifndef _NF_LOG_H
|
||||||
|
#define _NF_LOG_H
|
||||||
|
|
||||||
|
/* those NF_LOG_* defines and struct nf_loginfo are legacy definitios that will
|
||||||
|
* disappear once iptables is replaced with pkttables. Please DO NOT use them
|
||||||
|
* for any new code! */
|
||||||
|
#define NF_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
|
||||||
|
#define NF_LOG_TCPOPT 0x02 /* Log TCP options */
|
||||||
|
#define NF_LOG_IPOPT 0x04 /* Log IP options */
|
||||||
|
#define NF_LOG_UID 0x08 /* Log UID owning local socket */
|
||||||
|
#define NF_LOG_MASK 0x0f
|
||||||
|
|
||||||
|
#define NF_LOG_TYPE_LOG 0x01
|
||||||
|
#define NF_LOG_TYPE_ULOG 0x02
|
||||||
|
|
||||||
|
struct nf_loginfo {
|
||||||
|
u_int8_t type;
|
||||||
|
union {
|
||||||
|
struct {
|
||||||
|
u_int32_t copy_len;
|
||||||
|
u_int16_t group;
|
||||||
|
u_int16_t qthreshold;
|
||||||
|
} ulog;
|
||||||
|
struct {
|
||||||
|
u_int8_t level;
|
||||||
|
u_int8_t logflags;
|
||||||
|
} log;
|
||||||
|
} u;
|
||||||
|
};
|
||||||
|
|
||||||
|
typedef void nf_logfn(unsigned int pf,
|
||||||
|
unsigned int hooknum,
|
||||||
|
const struct sk_buff *skb,
|
||||||
|
const struct net_device *in,
|
||||||
|
const struct net_device *out,
|
||||||
|
const struct nf_loginfo *li,
|
||||||
|
const char *prefix);
|
||||||
|
|
||||||
|
struct nf_logger {
|
||||||
|
struct module *me;
|
||||||
|
nf_logfn *logfn;
|
||||||
|
char *name;
|
||||||
|
};
|
||||||
|
|
||||||
|
/* Function to register/unregister log function. */
|
||||||
|
int nf_log_register(int pf, struct nf_logger *logger);
|
||||||
|
void nf_log_unregister(struct nf_logger *logger);
|
||||||
|
void nf_log_unregister_pf(int pf);
|
||||||
|
|
||||||
|
/* Calls the registered backend logging function */
|
||||||
|
void nf_log_packet(int pf,
|
||||||
|
unsigned int hooknum,
|
||||||
|
const struct sk_buff *skb,
|
||||||
|
const struct net_device *in,
|
||||||
|
const struct net_device *out,
|
||||||
|
struct nf_loginfo *li,
|
||||||
|
const char *fmt, ...);
|
||||||
|
|
||||||
|
#endif /* _NF_LOG_H */
|
|
@ -17,6 +17,7 @@
|
||||||
#include <linux/in.h>
|
#include <linux/in.h>
|
||||||
#include <linux/if_arp.h>
|
#include <linux/if_arp.h>
|
||||||
#include <linux/spinlock.h>
|
#include <linux/spinlock.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
static DEFINE_SPINLOCK(ebt_log_lock);
|
static DEFINE_SPINLOCK(ebt_log_lock);
|
||||||
|
|
||||||
|
|
|
@ -38,6 +38,7 @@
|
||||||
#include <linux/netdevice.h>
|
#include <linux/netdevice.h>
|
||||||
#include <linux/netfilter_bridge/ebtables.h>
|
#include <linux/netfilter_bridge/ebtables.h>
|
||||||
#include <linux/netfilter_bridge/ebt_ulog.h>
|
#include <linux/netfilter_bridge/ebt_ulog.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
#include <net/sock.h>
|
#include <net/sock.h>
|
||||||
#include "../br_private.h"
|
#include "../br_private.h"
|
||||||
|
|
||||||
|
|
|
@ -26,6 +26,7 @@
|
||||||
|
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
#include <linux/netfilter_ipv4/ip_tables.h>
|
#include <linux/netfilter_ipv4/ip_tables.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
MODULE_LICENSE("GPL");
|
MODULE_LICENSE("GPL");
|
||||||
MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
#include <linux/netfilter.h>
|
#include <linux/netfilter.h>
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
#include <linux/netfilter_ipv4/ipt_LOG.h>
|
#include <linux/netfilter_ipv4/ipt_LOG.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
MODULE_LICENSE("GPL");
|
MODULE_LICENSE("GPL");
|
||||||
MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
||||||
|
|
|
@ -43,6 +43,7 @@
|
||||||
#include <linux/netfilter.h>
|
#include <linux/netfilter.h>
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
#include <linux/netfilter_ipv4/ipt_ULOG.h>
|
#include <linux/netfilter_ipv4/ipt_ULOG.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
#include <net/sock.h>
|
#include <net/sock.h>
|
||||||
#include <linux/bitops.h>
|
#include <linux/bitops.h>
|
||||||
#include <asm/unaligned.h>
|
#include <asm/unaligned.h>
|
||||||
|
|
|
@ -18,6 +18,7 @@
|
||||||
#include <net/netfilter/nf_conntrack_tuple.h>
|
#include <net/netfilter/nf_conntrack_tuple.h>
|
||||||
#include <net/netfilter/nf_conntrack_l4proto.h>
|
#include <net/netfilter/nf_conntrack_l4proto.h>
|
||||||
#include <net/netfilter/nf_conntrack_core.h>
|
#include <net/netfilter/nf_conntrack_core.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
static unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ;
|
static unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ;
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,7 @@
|
||||||
|
|
||||||
#include <linux/netfilter_ipv6/ip6_tables.h>
|
#include <linux/netfilter_ipv6/ip6_tables.h>
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
MODULE_LICENSE("GPL");
|
MODULE_LICENSE("GPL");
|
||||||
MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
#include <linux/netfilter.h>
|
#include <linux/netfilter.h>
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
#include <linux/netfilter_ipv6/ip6_tables.h>
|
#include <linux/netfilter_ipv6/ip6_tables.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
MODULE_AUTHOR("Jan Rekorajski <baggins@pld.org.pl>");
|
MODULE_AUTHOR("Jan Rekorajski <baggins@pld.org.pl>");
|
||||||
MODULE_DESCRIPTION("IP6 tables LOG target module");
|
MODULE_DESCRIPTION("IP6 tables LOG target module");
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
#include <net/netfilter/nf_conntrack_l4proto.h>
|
#include <net/netfilter/nf_conntrack_l4proto.h>
|
||||||
#include <net/netfilter/nf_conntrack_core.h>
|
#include <net/netfilter/nf_conntrack_core.h>
|
||||||
#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h>
|
#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
static unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ;
|
static unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ;
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
#include <net/netfilter/nf_conntrack.h>
|
#include <net/netfilter/nf_conntrack.h>
|
||||||
#include <net/netfilter/nf_conntrack_l4proto.h>
|
#include <net/netfilter/nf_conntrack_l4proto.h>
|
||||||
#include <net/netfilter/nf_conntrack_ecache.h>
|
#include <net/netfilter/nf_conntrack_ecache.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
/* Protects conntrack->proto.tcp */
|
/* Protects conntrack->proto.tcp */
|
||||||
static DEFINE_RWLOCK(tcp_lock);
|
static DEFINE_RWLOCK(tcp_lock);
|
||||||
|
|
|
@ -21,6 +21,7 @@
|
||||||
#include <linux/netfilter_ipv6.h>
|
#include <linux/netfilter_ipv6.h>
|
||||||
#include <net/netfilter/nf_conntrack_l4proto.h>
|
#include <net/netfilter/nf_conntrack_l4proto.h>
|
||||||
#include <net/netfilter/nf_conntrack_ecache.h>
|
#include <net/netfilter/nf_conntrack_ecache.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
static unsigned int nf_ct_udp_timeout __read_mostly = 30*HZ;
|
static unsigned int nf_ct_udp_timeout __read_mostly = 30*HZ;
|
||||||
static unsigned int nf_ct_udp_timeout_stream __read_mostly = 180*HZ;
|
static unsigned int nf_ct_udp_timeout_stream __read_mostly = 180*HZ;
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
#include <linux/netfilter_ipv6.h>
|
#include <linux/netfilter_ipv6.h>
|
||||||
#include <net/netfilter/nf_conntrack_l4proto.h>
|
#include <net/netfilter/nf_conntrack_l4proto.h>
|
||||||
#include <net/netfilter/nf_conntrack_ecache.h>
|
#include <net/netfilter/nf_conntrack_ecache.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
static unsigned int nf_ct_udplite_timeout __read_mostly = 30*HZ;
|
static unsigned int nf_ct_udplite_timeout __read_mostly = 30*HZ;
|
||||||
static unsigned int nf_ct_udplite_timeout_stream __read_mostly = 180*HZ;
|
static unsigned int nf_ct_udplite_timeout_stream __read_mostly = 180*HZ;
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
#include <linux/netfilter.h>
|
#include <linux/netfilter.h>
|
||||||
#include <linux/seq_file.h>
|
#include <linux/seq_file.h>
|
||||||
#include <net/protocol.h>
|
#include <net/protocol.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
#include "nf_internals.h"
|
#include "nf_internals.h"
|
||||||
|
|
||||||
|
|
|
@ -29,6 +29,7 @@
|
||||||
#include <linux/jhash.h>
|
#include <linux/jhash.h>
|
||||||
#include <linux/random.h>
|
#include <linux/random.h>
|
||||||
#include <net/sock.h>
|
#include <net/sock.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
#include <asm/atomic.h>
|
#include <asm/atomic.h>
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,7 @@
|
||||||
|
|
||||||
#include <linux/netfilter/x_tables.h>
|
#include <linux/netfilter/x_tables.h>
|
||||||
#include <linux/netfilter/xt_NFLOG.h>
|
#include <linux/netfilter/xt_NFLOG.h>
|
||||||
|
#include <net/netfilter/nf_log.h>
|
||||||
|
|
||||||
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
|
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
|
||||||
MODULE_DESCRIPTION("x_tables NFLOG target");
|
MODULE_DESCRIPTION("x_tables NFLOG target");
|
||||||
|
|
Loading…
Reference in a new issue