[linux-block.git] / net / netfilter / xt_NFLOG.c

// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
 */

#include <linux/module.h>
#include <linux/init.h>
#include <linux/skbuff.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_NFLOG.h>
#include <net/netfilter/nf_log.h>

MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_NFLOG");
MODULE_ALIAS("ip6t_NFLOG");

static unsigned int
nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
	const struct xt_nflog_info *info = par->targinfo;
	struct net *net = xt_net(par);
	struct nf_loginfo li;

	li.type		     = NF_LOG_TYPE_ULOG;
	li.u.ulog.copy_len   = info->len;
	li.u.ulog.group	     = info->group;
	li.u.ulog.qthreshold = info->threshold;
	li.u.ulog.flags	     = 0;

	if (info->flags & XT_NFLOG_F_COPY_LEN)
		li.u.ulog.flags |= NF_LOG_F_COPY_LEN;

	nf_log_packet(net, xt_family(par), xt_hooknum(par), skb, xt_in(par),
		      xt_out(par), &li, "%s", info->prefix);

	return XT_CONTINUE;
}

static int nflog_tg_check(const struct xt_tgchk_param *par)
{
	const struct xt_nflog_info *info = par->targinfo;
	int ret;

	if (info->flags & ~XT_NFLOG_MASK)
		return -EINVAL;
	if (info->prefix[sizeof(info->prefix) - 1] != '\0')
		return -EINVAL;

	ret = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
	if (ret != 0 && !par->nft_compat) {
		request_module("%s", "nfnetlink_log");

		ret = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
	}

	return ret;
}

static void nflog_tg_destroy(const struct xt_tgdtor_param *par)
{
	nf_logger_put(par->family, NF_LOG_TYPE_ULOG);
}

static struct xt_target nflog_tg_reg __read_mostly = {
	.name       = "NFLOG",
	.revision   = 0,
	.family     = NFPROTO_UNSPEC,
	.checkentry = nflog_tg_check,
	.destroy    = nflog_tg_destroy,
	.target     = nflog_tg,
	.targetsize = sizeof(struct xt_nflog_info),
	.me         = THIS_MODULE,
};

static int __init nflog_tg_init(void)
{
	return xt_register_target(&nflog_tg_reg);
}

static void __exit nflog_tg_exit(void)
{
	xt_unregister_target(&nflog_tg_reg);
}

module_init(nflog_tg_init);
module_exit(nflog_tg_exit);
MODULE_SOFTDEP("pre: nfnetlink_log");
Commit	Line	Data
d2912cb1	1	// SPDX-License-Identifier: GPL-2.0-only
baf7b1e1 PM	2	/*
baf7b1e1 PM	3	* Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
baf7b1e1 PM	4	*/
	5
	6	#include <linux/module.h>
	7	#include <linux/init.h>
	8	#include <linux/skbuff.h>
	9
	10	#include <linux/netfilter/x_tables.h>
	11	#include <linux/netfilter/xt_NFLOG.h>
f01ffbd6	12	#include <net/netfilter/nf_log.h>
baf7b1e1 PM	13
baf7b1e1 PM	14	MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
2ae15b64	15	MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG");
baf7b1e1 PM	16	MODULE_LICENSE("GPL");
	17	MODULE_ALIAS("ipt_NFLOG");
	18	MODULE_ALIAS("ip6t_NFLOG");
	19
	20	static unsigned int
4b560b44	21	nflog_tg(struct sk_buff skb, const struct xt_action_param par)
baf7b1e1	22	{
7eb35586	23	const struct xt_nflog_info *info = par->targinfo;
613dbd95	24	struct net *net = xt_net(par);
baf7b1e1 PM	25	struct nf_loginfo li;
	26
	27	li.type = NF_LOG_TYPE_ULOG;
	28	li.u.ulog.copy_len = info->len;
	29	li.u.ulog.group = info->group;
	30	li.u.ulog.qthreshold = info->threshold;
6d19375b	31	li.u.ulog.flags = 0;
baf7b1e1	32
7643507f VP	33	if (info->flags & XT_NFLOG_F_COPY_LEN)
	34	li.u.ulog.flags \|= NF_LOG_F_COPY_LEN;
	35
ce20cdf4 TY	36	nf_log_packet(net, xt_family(par), xt_hooknum(par), skb, xt_in(par),
	37	xt_out(par), &li, "%s", info->prefix);
	38
baf7b1e1 PM	39	return XT_CONTINUE;
	40	}
	41
135367b8	42	static int nflog_tg_check(const struct xt_tgchk_param *par)
baf7b1e1	43	{
af5d6dc2	44	const struct xt_nflog_info *info = par->targinfo;
b53deef0	45	int ret;
baf7b1e1 PM	46
baf7b1e1 PM	47	if (info->flags & ~XT_NFLOG_MASK)
d6b00a53	48	return -EINVAL;
baf7b1e1	49	if (info->prefix[sizeof(info->prefix) - 1] != '\0')
d6b00a53	50	return -EINVAL;
ce20cdf4	51
b53deef0 FW	52	ret = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
	53	if (ret != 0 && !par->nft_compat) {
	54	request_module("%s", "nfnetlink_log");
	55
	56	ret = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
	57	}
	58
	59	return ret;
ce20cdf4 TY	60	}
	61
	62	static void nflog_tg_destroy(const struct xt_tgdtor_param *par)
	63	{
	64	nf_logger_put(par->family, NF_LOG_TYPE_ULOG);
baf7b1e1 PM	65	}
baf7b1e1 PM	66
92f3b2b1 JE	67	static struct xt_target nflog_tg_reg __read_mostly = {
	68	.name = "NFLOG",
	69	.revision = 0,
	70	.family = NFPROTO_UNSPEC,
	71	.checkentry = nflog_tg_check,
ce20cdf4	72	.destroy = nflog_tg_destroy,
92f3b2b1 JE	73	.target = nflog_tg,
	74	.targetsize = sizeof(struct xt_nflog_info),
	75	.me = THIS_MODULE,
baf7b1e1 PM	76	};
baf7b1e1 PM	77
d3c5ee6d	78	static int __init nflog_tg_init(void)
baf7b1e1	79	{
92f3b2b1	80	return xt_register_target(&nflog_tg_reg);
baf7b1e1 PM	81	}
baf7b1e1 PM	82
d3c5ee6d	83	static void __exit nflog_tg_exit(void)
baf7b1e1	84	{
92f3b2b1	85	xt_unregister_target(&nflog_tg_reg);
baf7b1e1 PM	86	}
baf7b1e1 PM	87
d3c5ee6d JE	88	module_init(nflog_tg_init);
d3c5ee6d JE	89	module_exit(nflog_tg_exit);
a38b5b56	90	MODULE_SOFTDEP("pre: nfnetlink_log");