[Ebtables-devel] Re: [PATCH] ebtables: Port ebt_[u]log.c to nf[netlink]_log
Brought to you by:
bdschuym
Menu
▾
▴
[Ebtables-devel] Re: [PATCH] ebtables: Port ebt_[u]log.c to nf[netlink]_log
|
From: Bart De S. <bds...@pa...> - 2005-10-17 18:59:09
|
Op za, 08-10-2005 te 01:49 +0200, schreef Harald Welte:
> Hi Bart!
>
> The patch below is totally untested (though it compiles), and updates
> ebtables to resemble the behaviour that we now have in ipv4 (and ipv6):
> {ip,ip6,eb}tables just tell the nf_log core that they want to log a
> packet, the mechanism (syslog, nfnetlink_log, ...) is actually decided
> by nf_log.
>
> By default, everything will behave like before.
>
> Please review, and test that ebt_log and ebt_ulog are still working as
> expected. Thanks!
Sorry for the late reply, some hardware problems got in the way.
Apart from the comments below, the patch is fine by me (I tested both).
Thanks a lot,
Bart
> @@ -144,6 +153,21 @@ static void ebt_log(const struct sk_buff
> out:
> printk("\n");
> spin_unlock_bh(&ebt_log_lock);
> +
> +}
> +
> +static void ebt_log(const struct sk_buff *skb, unsigned int hooknr,
> + const struct net_device *in, const struct net_device *out,
> + const void *data, unsigned int datalen)
> +{
> + struct ebt_log_info *info = (struct ebt_log_info *)data;
> + struct nf_loginfo li;
> +
> + li.type = NF_LOG_TYPE_LOG;
> + li.u.log.level = info->loglevel;
> + li.u.log.logflags = info->bitmask;
> +
> + nf_log_packet(PF_BRIDGE, hooknr, skb, in, out, &li, info->prefix);
Should be ebt_log_packet
> }
>
> static struct ebt_watcher log =
> @@ -154,13 +178,32 @@ static struct ebt_watcher log =
> .me = THIS_MODULE,
> };
>
> +static struct nf_logger ebt_log_logger = {
> + .name = "ebt_log",
> + .logfn = &ebt_log_packet,
> + .me = THIS_MODULE,
> +};
> +
> static int __init init(void)
> {
> - return ebt_register_watcher(&log);
> + int ret;
> +
> + ret = ebt_register_watcher(&log);
> + if (ret < 0)
> + return ret;
> + if (nf_log_register(PF_BRIDGE, &ebt_log_logger) < 0) {
> + printk(KERN_WARNING "ebt_log: not logging via system console "
> + "since somebody else already registered for PF_INET\n");
> + /* wecannot make module load fail here, since otherwise
> + * ebtables userspace would abort */
> + }
Since we're using PF_BRIDGE instead of PF_INET now, this if construct
can be replaced by a simple call to nf_log_register.
|
