projects / packages / ebtables.git / blame
| Commit | Line | Data |
|---|---|---|
| 3b11dff3 JR |
1 | --- ebtables2.orig/extensions/ebt_AUDIT.c 1970-01-01 01:00:00.000000000 +0100 |
| 2 | +++ ebtables2.orig/extensions/ebt_AUDIT.c 2011-01-07 10:53:46.680329228 +0100 | |
| 3 | @@ -0,0 +1,110 @@ | |
| 4 | + | |
| 5 | +#include <stdio.h> | |
| 6 | +#include <stdlib.h> | |
| 7 | +#include <string.h> | |
| 8 | +#include <getopt.h> | |
| 9 | +#include "../include/ebtables_u.h" | |
| 10 | +#include <linux/netfilter/xt_AUDIT.h> | |
| 11 | + | |
| 12 | +#define AUDIT_TYPE '1' | |
| 13 | +static struct option opts[] = | |
| 14 | +{ | |
| 15 | + { "audit-type" , required_argument, 0, AUDIT_TYPE }, | |
| 16 | + { 0 } | |
| 17 | +}; | |
| 18 | + | |
| 19 | +static void print_help() | |
| 20 | +{ | |
| 21 | + printf( | |
| 22 | + "AUDIT target options:\n" | |
| 23 | + " --audit-type TYPE : Set action type to record.\n"); | |
| 24 | +} | |
| 25 | + | |
| 26 | +static void init(struct ebt_entry_target *target) | |
| 27 | +{ | |
| 28 | + struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data; | |
| 29 | + | |
| 30 | + info->type = 0; | |
| 31 | +} | |
| 32 | + | |
| 33 | +static int parse(int c, char **argv, int argc, | |
| 34 | + const struct ebt_u_entry *entry, unsigned int *flags, | |
| 35 | + struct ebt_entry_target **target) | |
| 36 | +{ | |
| 37 | + struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data; | |
| 38 | + | |
| 39 | + switch (c) { | |
| 40 | + case AUDIT_TYPE: | |
| 41 | + ebt_check_option2(flags, AUDIT_TYPE); | |
| 42 | + | |
| 43 | + if (!strcasecmp(optarg, "accept")) | |
| 44 | + info->type = XT_AUDIT_TYPE_ACCEPT; | |
| 45 | + else if (!strcasecmp(optarg, "drop")) | |
| 46 | + info->type = XT_AUDIT_TYPE_DROP; | |
| 47 | + else if (!strcasecmp(optarg, "reject")) | |
| 48 | + info->type = XT_AUDIT_TYPE_REJECT; | |
| 49 | + else | |
| 50 | + ebt_print_error2("Bad action type value `%s'", optarg); | |
| 51 | + | |
| 52 | + break; | |
| 53 | + default: | |
| 54 | + return 0; | |
| 55 | + } | |
| 56 | + return 1; | |
| 57 | +} | |
| 58 | + | |
| 59 | +static void final_check(const struct ebt_u_entry *entry, | |
| 60 | + const struct ebt_entry_match *match, const char *name, | |
| 61 | + unsigned int hookmask, unsigned int time) | |
| 62 | +{ | |
| 63 | +} | |
| 64 | + | |
| 65 | +static void print(const struct ebt_u_entry *entry, | |
| 66 | + const struct ebt_entry_target *target) | |
| 67 | +{ | |
| 68 | + const struct xt_AUDIT_info *info = | |
| 69 | + (const struct xt_AUDIT_info *) target->data; | |
| 70 | + | |
| 71 | + printf("--audit-type "); | |
| 72 | + | |
| 73 | + switch(info->type) { | |
| 74 | + case XT_AUDIT_TYPE_ACCEPT: | |
| 75 | + printf("accept"); | |
| 76 | + break; | |
| 77 | + case XT_AUDIT_TYPE_DROP: | |
| 78 | + printf("drop"); | |
| 79 | + break; | |
| 80 | + case XT_AUDIT_TYPE_REJECT: | |
| 81 | + printf("reject"); | |
| 82 | + break; | |
| 83 | + } | |
| 84 | +} | |
| 85 | + | |
| 86 | +static int compare(const struct ebt_entry_target *t1, | |
| 87 | + const struct ebt_entry_target *t2) | |
| 88 | +{ | |
| 89 | + const struct xt_AUDIT_info *info1 = | |
| 90 | + (const struct xt_AUDIT_info *) t1->data; | |
| 91 | + const struct xt_AUDIT_info *info2 = | |
| 92 | + (const struct xt_AUDIT_info *) t2->data; | |
| 93 | + | |
| 94 | + return info1->type == info2->type; | |
| 95 | +} | |
| 96 | + | |
| 97 | +static struct ebt_u_target AUDIT_target = | |
| 98 | +{ | |
| 99 | + .name = "AUDIT", | |
| 100 | + .size = sizeof(struct xt_AUDIT_info), | |
| 101 | + .help = print_help, | |
| 102 | + .init = init, | |
| 103 | + .parse = parse, | |
| 104 | + .final_check = final_check, | |
| 105 | + .print = print, | |
| 106 | + .compare = compare, | |
| 107 | + .extra_ops = opts, | |
| 108 | +}; | |
| 109 | + | |
| 110 | +void _init(void) | |
| 111 | +{ | |
| 112 | + ebt_register_target(&AUDIT_target); | |
| 113 | +} | |
| 114 | --- ebtables2.orig/extensions/Makefile 2011-01-07 10:55:28.077246240 +0100 | |
| 115 | +++ ebtables2.orig/extensions/Makefile 2011-01-07 10:53:46.686329230 +0100 | |
| 116 | @@ -1,7 +1,7 @@ | |
| 117 | #! /usr/bin/make | |
| 118 | ||
| 119 | EXT_FUNC+=802_3 nat arp arpreply ip ip6 standard log redirect vlan mark_m mark \ | |
| 120 | - pkttype stp among limit ulog nflog | |
| 121 | + pkttype stp among limit ulog nflog AUDIT | |
| 122 | EXT_TABLES+=filter nat broute | |
| 123 | EXT_OBJS+=$(foreach T,$(EXT_FUNC), extensions/ebt_$(T).o) | |
| 124 | EXT_OBJS+=$(foreach T,$(EXT_TABLES), extensions/ebtable_$(T).o) | |
| 125 | --- a/include/linux/netfilter/xt_AUDIT.h | |
| 126 | +++ a/include/linux/netfilter/xt_AUDIT.h | |
| 127 | @@ -0,0 +1,30 @@ | |
| 128 | +/* | |
| 129 | + * Header file for iptables xt_AUDIT target | |
| 130 | + * | |
| 131 | + * (C) 2010-2011 Thomas Graf <tgraf@redhat.com> | |
| 132 | + * (C) 2010-2011 Red Hat, Inc. | |
| 133 | + * | |
| 134 | + * This program is free software; you can redistribute it and/or modify | |
| 135 | + * it under the terms of the GNU General Public License version 2 as | |
| 136 | + * published by the Free Software Foundation. | |
| 137 | + */ | |
| 138 | + | |
| 139 | +#ifndef _XT_AUDIT_TARGET_H | |
| 140 | +#define _XT_AUDIT_TARGET_H | |
| 141 | + | |
| 142 | +#include <linux/types.h> | |
| 143 | + | |
| 144 | +enum { | |
| 145 | + XT_AUDIT_TYPE_ACCEPT = 0, | |
| 146 | + XT_AUDIT_TYPE_DROP, | |
| 147 | + XT_AUDIT_TYPE_REJECT, | |
| 148 | + __XT_AUDIT_TYPE_MAX, | |
| 149 | +}; | |
| 150 | + | |
| 151 | +#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1) | |
| 152 | + | |
| 153 | +struct xt_AUDIT_info { | |
| 154 | + __u8 type; /* XT_AUDIT_TYPE_* */ | |
| 155 | +}; | |
| 156 | + | |
| 157 | +#endif /* _XT_AUDIT_TARGET_H */ |