ebtables-audit.patch

   1 --- ebtables2.orig/extensions/ebt_AUDIT.c       1970-01-01 01:00:00.000000000 +0100
   2 +++ ebtables2.orig/extensions/ebt_AUDIT.c       2011-01-07 10:53:46.680329228 +0100
   3 @@ -0,0 +1,110 @@
   4 +
   5 +#include <stdio.h>
   6 +#include <stdlib.h>
   7 +#include <string.h>
   8 +#include <getopt.h>
   9 +#include "../include/ebtables_u.h"
  10 +#include <linux/netfilter/xt_AUDIT.h>
  11 +
  12 +#define AUDIT_TYPE  '1'
  13 +static struct option opts[] =
  14 +{
  15 +       { "audit-type" , required_argument, 0, AUDIT_TYPE },
  16 +       { 0 }
  17 +};
  18 +
  19 +static void print_help()
  20 +{
  21 +       printf(
  22 +       "AUDIT target options:\n"
  23 +       " --audit-type TYPE          : Set action type to record.\n");
  24 +}
  25 +
  26 +static void init(struct ebt_entry_target *target)
  27 +{
  28 +       struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data;
  29 +
  30 +       info->type = 0;
  31 +}
  32 +
  33 +static int parse(int c, char **argv, int argc,
  34 +   const struct ebt_u_entry *entry, unsigned int *flags,
  35 +   struct ebt_entry_target **target)
  36 +{
  37 +       struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data;
  38 +
  39 +       switch (c) {
  40 +       case AUDIT_TYPE:
  41 +               ebt_check_option2(flags, AUDIT_TYPE);
  42 +
  43 +               if (!strcasecmp(optarg, "accept"))
  44 +                       info->type = XT_AUDIT_TYPE_ACCEPT;
  45 +               else if (!strcasecmp(optarg, "drop"))
  46 +                       info->type = XT_AUDIT_TYPE_DROP;
  47 +               else if (!strcasecmp(optarg, "reject"))
  48 +                       info->type = XT_AUDIT_TYPE_REJECT;
  49 +               else
  50 +                       ebt_print_error2("Bad action type value `%s'", optarg);
  51 +
  52 +               break;
  53 +        default:
  54 +               return 0;
  55 +       }
  56 +       return 1;
  57 +}
  58 +
  59 +static void final_check(const struct ebt_u_entry *entry,
  60 +   const struct ebt_entry_match *match, const char *name,
  61 +   unsigned int hookmask, unsigned int time)
  62 +{
  63 +}
  64 +
  65 +static void print(const struct ebt_u_entry *entry,
  66 +   const struct ebt_entry_target *target)
  67 +{
  68 +       const struct xt_AUDIT_info *info =
  69 +               (const struct xt_AUDIT_info *) target->data;
  70 +
  71 +       printf("--audit-type ");
  72 +
  73 +       switch(info->type) {
  74 +       case XT_AUDIT_TYPE_ACCEPT:
  75 +               printf("accept");
  76 +               break;
  77 +       case XT_AUDIT_TYPE_DROP:
  78 +               printf("drop");
  79 +               break;
  80 +       case XT_AUDIT_TYPE_REJECT:
  81 +               printf("reject");
  82 +               break;
  83 +       }
  84 +}
  85 +
  86 +static int compare(const struct ebt_entry_target *t1,
  87 +   const struct ebt_entry_target *t2)
  88 +{
  89 +       const struct xt_AUDIT_info *info1 =
  90 +               (const struct xt_AUDIT_info *) t1->data;
  91 +       const struct xt_AUDIT_info *info2 =
  92 +               (const struct xt_AUDIT_info *) t2->data;
  93 +
  94 +       return info1->type == info2->type;
  95 +}
  96 +
  97 +static struct ebt_u_target AUDIT_target =
  98 +{
  99 +       .name           = "AUDIT",
 100 +       .size           = sizeof(struct xt_AUDIT_info),
 101 +       .help           = print_help,
 102 +       .init           = init,
 103 +       .parse          = parse,
 104 +       .final_check    = final_check,
 105 +       .print          = print,
 106 +       .compare        = compare,
 107 +       .extra_ops      = opts,
 108 +};
 109 +
 110 +void _init(void)
 111 +{
 112 +       ebt_register_target(&AUDIT_target);
 113 +}
 114 --- ebtables2.orig/extensions/Makefile  2011-01-07 10:55:28.077246240 +0100
 115 +++ ebtables2.orig/extensions/Makefile  2011-01-07 10:53:46.686329230 +0100
 116 @@ -1,7 +1,7 @@
 117  #! /usr/bin/make
 118
 119  EXT_FUNC+=802_3 nat arp arpreply ip ip6 standard log redirect vlan mark_m mark \
 120 -          pkttype stp among limit ulog nflog
 121 +          pkttype stp among limit ulog nflog AUDIT
 122  EXT_TABLES+=filter nat broute
 123  EXT_OBJS+=$(foreach T,$(EXT_FUNC), extensions/ebt_$(T).o)
 124  EXT_OBJS+=$(foreach T,$(EXT_TABLES), extensions/ebtable_$(T).o)
 125 --- a/include/linux/netfilter/xt_AUDIT.h
 126 +++ a/include/linux/netfilter/xt_AUDIT.h
 127 @@ -0,0 +1,30 @@
 128 +/*
 129 + * Header file for iptables xt_AUDIT target
 130 + *
 131 + * (C) 2010-2011 Thomas Graf <tgraf@redhat.com>
 132 + * (C) 2010-2011 Red Hat, Inc.
 133 + *
 134 + * This program is free software; you can redistribute it and/or modify
 135 + * it under the terms of the GNU General Public License version 2 as
 136 + * published by the Free Software Foundation.
 137 + */
 138 +
 139 +#ifndef _XT_AUDIT_TARGET_H
 140 +#define _XT_AUDIT_TARGET_H
 141 +
 142 +#include <linux/types.h>
 143 +
 144 +enum {
 145 +       XT_AUDIT_TYPE_ACCEPT = 0,
 146 +       XT_AUDIT_TYPE_DROP,
 147 +       XT_AUDIT_TYPE_REJECT,
 148 +       __XT_AUDIT_TYPE_MAX,
 149 +};
 150 +
 151 +#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1)
 152 +
 153 +struct xt_AUDIT_info {
 154 +       __u8 type; /* XT_AUDIT_TYPE_* */
 155 +};
 156 +
 157 +#endif /* _XT_AUDIT_TARGET_H */