git://ftp.safe.ca
/
safe
/
jmp
/
linux-2.6
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line
[safe/jmp/linux-2.6]
/
net
/
ipv4
/
netfilter
/
ipt_ULOG.c
diff --git
a/net/ipv4/netfilter/ipt_ULOG.c
b/net/ipv4/netfilter/ipt_ULOG.c
index
5b25ca6
..
399061c
100644
(file)
--- a/
net/ipv4/netfilter/ipt_ULOG.c
+++ b/
net/ipv4/netfilter/ipt_ULOG.c
@@
-43,25
+43,19
@@
#include <linux/netfilter.h>
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter_ipv4/ipt_ULOG.h>
#include <linux/netfilter.h>
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter_ipv4/ipt_ULOG.h>
+#include <net/netfilter/nf_log.h>
#include <net/sock.h>
#include <linux/bitops.h>
#include <asm/unaligned.h>
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>");
#include <net/sock.h>
#include <linux/bitops.h>
#include <asm/unaligned.h>
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>");
-MODULE_DESCRIPTION("
iptables userspace logging module
");
+MODULE_DESCRIPTION("
Xtables: packet logging to netlink using ULOG
");
MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_NFLOG);
#define ULOG_NL_EVENT 111 /* Harald's favorite number */
#define ULOG_MAXNLGROUPS 32 /* numer of nlgroups */
MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_NFLOG);
#define ULOG_NL_EVENT 111 /* Harald's favorite number */
#define ULOG_MAXNLGROUPS 32 /* numer of nlgroups */
-#if 0
-#define DEBUGP(format, args...) printk("%s:%s:" format, \
- __FILE__, __FUNCTION__ , ## args)
-#else
-#define DEBUGP(format, args...)
-#endif
-
#define PRINTR(format, args...) do { if (net_ratelimit()) printk(format , ## args); } while (0)
static unsigned int nlbufsiz = NLMSG_GOODSIZE;
#define PRINTR(format, args...) do { if (net_ratelimit()) printk(format , ## args); } while (0)
static unsigned int nlbufsiz = NLMSG_GOODSIZE;
@@
-96,12
+90,12
@@
static void ulog_send(unsigned int nlgroupnum)
ulog_buff_t *ub = &ulog_buffers[nlgroupnum];
if (timer_pending(&ub->timer)) {
ulog_buff_t *ub = &ulog_buffers[nlgroupnum];
if (timer_pending(&ub->timer)) {
-
DEBUGP
("ipt_ULOG: ulog_send: timer was pending, deleting\n");
+
pr_debug
("ipt_ULOG: ulog_send: timer was pending, deleting\n");
del_timer(&ub->timer);
}
if (!ub->skb) {
del_timer(&ub->timer);
}
if (!ub->skb) {
-
DEBUGP
("ipt_ULOG: ulog_send: nothing to send\n");
+
pr_debug
("ipt_ULOG: ulog_send: nothing to send\n");
return;
}
return;
}
@@
-110,8
+104,8
@@
static void ulog_send(unsigned int nlgroupnum)
ub->lastnlh->nlmsg_type = NLMSG_DONE;
NETLINK_CB(ub->skb).dst_group = nlgroupnum + 1;
ub->lastnlh->nlmsg_type = NLMSG_DONE;
NETLINK_CB(ub->skb).dst_group = nlgroupnum + 1;
-
DEBUGP
("ipt_ULOG: throwing %d packets to netlink group %u\n",
- ub->qlen, nlgroupnum + 1);
+
pr_debug
("ipt_ULOG: throwing %d packets to netlink group %u\n",
+
ub->qlen, nlgroupnum + 1);
netlink_broadcast(nflognl, ub->skb, 0, nlgroupnum + 1, GFP_ATOMIC);
ub->qlen = 0;
netlink_broadcast(nflognl, ub->skb, 0, nlgroupnum + 1, GFP_ATOMIC);
ub->qlen = 0;
@@
-123,7
+117,7
@@
static void ulog_send(unsigned int nlgroupnum)
/* timer function to flush queue in flushtimeout time */
static void ulog_timer(unsigned long data)
{
/* timer function to flush queue in flushtimeout time */
static void ulog_timer(unsigned long data)
{
-
DEBUGP
("ipt_ULOG: timer function called, calling ulog_send\n");
+
pr_debug
("ipt_ULOG: timer function called, calling ulog_send\n");
/* lock to protect against somebody modifying our structure
* from ipt_ulog_target at the same time */
/* lock to protect against somebody modifying our structure
* from ipt_ulog_target at the same time */
@@
-204,8
+198,8
@@
static void ipt_ulog_packet(unsigned int hooknum,
goto alloc_failure;
}
goto alloc_failure;
}
-
DEBUGP("ipt_ULOG: qlen %d, qthreshold %d
\n", ub->qlen,
- loginfo->qthreshold);
+
pr_debug("ipt_ULOG: qlen %d, qthreshold %Zu
\n", ub->qlen,
+
loginfo->qthreshold);
/* NLMSG_PUT contains a hidden goto nlmsg_failure !!! */
nlh = NLMSG_PUT(ub->skb, 0, ub->qlen, ULOG_NL_EVENT,
/* NLMSG_PUT contains a hidden goto nlmsg_failure !!! */
nlh = NLMSG_PUT(ub->skb, 0, ub->qlen, ULOG_NL_EVENT,
@@
-232,9
+226,9
@@
static void ipt_ulog_packet(unsigned int hooknum,
else
*(pm->prefix) = '\0';
else
*(pm->prefix) = '\0';
- if (in && in->hard_header_len > 0
- && skb->mac_header != skb->network_header
-
&&
in->hard_header_len <= ULOG_MAC_LEN) {
+ if (in && in->hard_header_len > 0
&&
+ skb->mac_header != skb->network_header &&
+ in->hard_header_len <= ULOG_MAC_LEN) {
memcpy(pm->mac, skb_mac_header(skb), in->hard_header_len);
pm->mac_len = in->hard_header_len;
} else
memcpy(pm->mac, skb_mac_header(skb), in->hard_header_len);
pm->mac_len = in->hard_header_len;
} else
@@
-286,21
+280,15
@@
alloc_failure:
spin_unlock_bh(&ulog_lock);
}
spin_unlock_bh(&ulog_lock);
}
-static unsigned int ipt_ulog_target(struct sk_buff **pskb,
- const struct net_device *in,
- const struct net_device *out,
- unsigned int hooknum,
- const struct xt_target *target,
- const void *targinfo)
+static unsigned int
+ulog_tg(struct sk_buff *skb, const struct xt_target_param *par)
{
{
- struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo;
-
- ipt_ulog_packet(hooknum, *pskb, in, out, loginfo, NULL);
-
+ ipt_ulog_packet(par->hooknum, skb, par->in, par->out,
+ par->targinfo, NULL);
return XT_CONTINUE;
}
return XT_CONTINUE;
}
-static void ipt_logfn(u
nsigned in
t pf,
+static void ipt_logfn(u
_int8_
t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
@@
-325,22
+313,18
@@
static void ipt_logfn(unsigned int pf,
ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
}
ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
}
-static bool ipt_ulog_checkentry(const char *tablename,
- const void *e,
- const struct xt_target *target,
- void *targinfo,
- unsigned int hookmask)
+static bool ulog_tg_check(const struct xt_tgchk_param *par)
{
{
- const struct ipt_ulog_info *loginfo = targinfo;
+ const struct ipt_ulog_info *loginfo =
par->
targinfo;
if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') {
if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') {
-
DEBUGP
("ipt_ULOG: prefix term %i\n",
- loginfo->prefix[sizeof(loginfo->prefix) - 1]);
+
pr_debug
("ipt_ULOG: prefix term %i\n",
+
loginfo->prefix[sizeof(loginfo->prefix) - 1]);
return false;
}
if (loginfo->qthreshold > ULOG_MAX_QLEN) {
return false;
}
if (loginfo->qthreshold > ULOG_MAX_QLEN) {
-
DEBUGP("ipt_ULOG: queue threshold %i
> MAX_QLEN\n",
- loginfo->qthreshold);
+
pr_debug("ipt_ULOG: queue threshold %Zu
> MAX_QLEN\n",
+
loginfo->qthreshold);
return false;
}
return true;
return false;
}
return true;
@@
-354,7
+338,7
@@
struct compat_ipt_ulog_info {
char prefix[ULOG_PREFIX_LEN];
};
char prefix[ULOG_PREFIX_LEN];
};
-static void compat_from_user(void *dst, void *src)
+static void
ulog_tg_
compat_from_user(void *dst, void *src)
{
const struct compat_ipt_ulog_info *cl = src;
struct ipt_ulog_info l = {
{
const struct compat_ipt_ulog_info *cl = src;
struct ipt_ulog_info l = {
@@
-367,7
+351,7
@@
static void compat_from_user(void *dst, void *src)
memcpy(dst, &l, sizeof(l));
}
memcpy(dst, &l, sizeof(l));
}
-static int compat_to_user(void __user *dst, void *src)
+static int
ulog_tg_
compat_to_user(void __user *dst, void *src)
{
const struct ipt_ulog_info *l = src;
struct compat_ipt_ulog_info cl = {
{
const struct ipt_ulog_info *l = src;
struct compat_ipt_ulog_info cl = {
@@
-381,31
+365,31
@@
static int compat_to_user(void __user *dst, void *src)
}
#endif /* CONFIG_COMPAT */
}
#endif /* CONFIG_COMPAT */
-static struct xt_target
ipt_ulog_reg
= {
+static struct xt_target
ulog_tg_reg __read_mostly
= {
.name = "ULOG",
.name = "ULOG",
- .family =
AF_INET
,
- .target =
ipt_ulog_target
,
+ .family =
NFPROTO_IPV4
,
+ .target =
ulog_tg
,
.targetsize = sizeof(struct ipt_ulog_info),
.targetsize = sizeof(struct ipt_ulog_info),
- .checkentry =
ipt_ulog_checkentry
,
+ .checkentry =
ulog_tg_check
,
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_ipt_ulog_info),
#ifdef CONFIG_COMPAT
.compatsize = sizeof(struct compat_ipt_ulog_info),
- .compat_from_user = compat_from_user,
- .compat_to_user = compat_to_user,
+ .compat_from_user =
ulog_tg_
compat_from_user,
+ .compat_to_user =
ulog_tg_
compat_to_user,
#endif
.me = THIS_MODULE,
};
#endif
.me = THIS_MODULE,
};
-static struct nf_logger ipt_ulog_logger = {
+static struct nf_logger ipt_ulog_logger
__read_mostly
= {
.name = "ipt_ULOG",
.logfn = ipt_logfn,
.me = THIS_MODULE,
};
.name = "ipt_ULOG",
.logfn = ipt_logfn,
.me = THIS_MODULE,
};
-static int __init
ipt_ulo
g_init(void)
+static int __init
ulog_t
g_init(void)
{
int ret, i;
{
int ret, i;
-
DEBUGP
("ipt_ULOG: init module\n");
+
pr_debug
("ipt_ULOG: init module\n");
if (nlbufsiz > 128*1024) {
printk("Netlink buffer has to be <= 128kB\n");
if (nlbufsiz > 128*1024) {
printk("Netlink buffer has to be <= 128kB\n");
@@
-416,39
+400,40
@@
static int __init ipt_ulog_init(void)
for (i = 0; i < ULOG_MAXNLGROUPS; i++)
setup_timer(&ulog_buffers[i].timer, ulog_timer, i);
for (i = 0; i < ULOG_MAXNLGROUPS; i++)
setup_timer(&ulog_buffers[i].timer, ulog_timer, i);
- nflognl = netlink_kernel_create(NETLINK_NFLOG, ULOG_MAXNLGROUPS, NULL,
+ nflognl = netlink_kernel_create(&init_net,
+ NETLINK_NFLOG, ULOG_MAXNLGROUPS, NULL,
NULL, THIS_MODULE);
if (!nflognl)
return -ENOMEM;
NULL, THIS_MODULE);
if (!nflognl)
return -ENOMEM;
- ret = xt_register_target(&
ipt_ulo
g_reg);
+ ret = xt_register_target(&
ulog_t
g_reg);
if (ret < 0) {
if (ret < 0) {
-
sock_release(nflognl->sk_socket
);
+
netlink_kernel_release(nflognl
);
return ret;
}
if (nflog)
return ret;
}
if (nflog)
- nf_log_register(
PF_INET
, &ipt_ulog_logger);
+ nf_log_register(
NFPROTO_IPV4
, &ipt_ulog_logger);
return 0;
}
return 0;
}
-static void __exit
ipt_ulog_fini
(void)
+static void __exit
ulog_tg_exit
(void)
{
ulog_buff_t *ub;
int i;
{
ulog_buff_t *ub;
int i;
-
DEBUGP
("ipt_ULOG: cleanup_module\n");
+
pr_debug
("ipt_ULOG: cleanup_module\n");
if (nflog)
nf_log_unregister(&ipt_ulog_logger);
if (nflog)
nf_log_unregister(&ipt_ulog_logger);
- xt_unregister_target(&
ipt_ulo
g_reg);
-
sock_release(nflognl->sk_socket
);
+ xt_unregister_target(&
ulog_t
g_reg);
+
netlink_kernel_release(nflognl
);
/* remove pending timers and free allocated skb's */
for (i = 0; i < ULOG_MAXNLGROUPS; i++) {
ub = &ulog_buffers[i];
if (timer_pending(&ub->timer)) {
/* remove pending timers and free allocated skb's */
for (i = 0; i < ULOG_MAXNLGROUPS; i++) {
ub = &ulog_buffers[i];
if (timer_pending(&ub->timer)) {
-
DEBUGP
("timer was pending, deleting\n");
+
pr_debug
("timer was pending, deleting\n");
del_timer(&ub->timer);
}
del_timer(&ub->timer);
}
@@
-459,5
+444,5
@@
static void __exit ipt_ulog_fini(void)
}
}
}
}
-module_init(
ipt_ulo
g_init);
-module_exit(
ipt_ulog_fini
);
+module_init(
ulog_t
g_init);
+module_exit(
ulog_tg_exit
);