LXR linux/net/netfilter/xt

   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
   4 */
   5
   6#include <linux/module.h>
   7#include <linux/init.h>
   8#include <linux/skbuff.h>
   9
  10#include <linux/netfilter/x_tables.h>
  11#include <linux/netfilter/xt_NFLOG.h>
  12#include <net/netfilter/nf_log.h>
  13
  14MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
  15MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG");
  16MODULE_LICENSE("GPL");
  17MODULE_ALIAS("ipt_NFLOG");
  18MODULE_ALIAS("ip6t_NFLOG");
  19
  20static unsigned int
  21nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
  22{
  23        const struct xt_nflog_info *info = par->targinfo;
  24        struct net *net = xt_net(par);
  25        struct nf_loginfo li;
  26
  27        li.type              = NF_LOG_TYPE_ULOG;
  28        li.u.ulog.copy_len   = info->len;
  29        li.u.ulog.group      = info->group;
  30        li.u.ulog.qthreshold = info->threshold;
  31        li.u.ulog.flags      = 0;
  32
  33        if (info->flags & XT_NFLOG_F_COPY_LEN)
  34                li.u.ulog.flags |= NF_LOG_F_COPY_LEN;
  35
  36        nf_log_packet(net, xt_family(par), xt_hooknum(par), skb, xt_in(par),
  37                      xt_out(par), &li, "%s", info->prefix);
  38
  39        return XT_CONTINUE;
  40}
  41
  42static int nflog_tg_check(const struct xt_tgchk_param *par)
  43{
  44        const struct xt_nflog_info *info = par->targinfo;
  45        int ret;
  46
  47        if (info->flags & ~XT_NFLOG_MASK)
  48                return -EINVAL;
  49        if (info->prefix[sizeof(info->prefix) - 1] != '\0')
  50                return -EINVAL;
  51
  52        ret = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
  53        if (ret != 0 && !par->nft_compat) {
  54                request_module("%s", "nfnetlink_log");
  55
  56                ret = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
  57        }
  58
  59        return ret;
  60}
  61
  62static void nflog_tg_destroy(const struct xt_tgdtor_param *par)
  63{
  64        nf_logger_put(par->family, NF_LOG_TYPE_ULOG);
  65}
  66
  67static struct xt_target nflog_tg_reg __read_mostly = {
  68        .name       = "NFLOG",
  69        .revision   = 0,
  70        .family     = NFPROTO_UNSPEC,
  71        .checkentry = nflog_tg_check,
  72        .destroy    = nflog_tg_destroy,
  73        .target     = nflog_tg,
  74        .targetsize = sizeof(struct xt_nflog_info),
  75        .me         = THIS_MODULE,
  76};
  77
  78static int __init nflog_tg_init(void)
  79{
  80        return xt_register_target(&nflog_tg_reg);
  81}
  82
  83static void __exit nflog_tg_exit(void)
  84{
  85        xt_unregister_target(&nflog_tg_reg);
  86}
  87
  88module_init(nflog_tg_init);
  89module_exit(nflog_tg_exit);
  90MODULE_SOFTDEP("pre: nfnetlink_log");
  91