aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter/nfnetlink_log.h
Commit message (Collapse)AuthorAgeFilesLines
* headers: use __aligned_xx types for userspaceMike Frysinger2011-03-181-2/+2
| | | | | | | | Now that we finally have __aligned_xx exported to userspace, convert the headers that get exported over to the proper type. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* nfnetlink_log: do not expose NFULNL_COPY_DISABLED to user-spacePablo Neira Ayuso2010-07-151-1/+1
| | | | | | | | | | | | | | | | | | | | | This patch moves NFULNL_COPY_PACKET definition from linux/netfilter/nfnetlink_log.h to net/netfilter/nfnetlink_log.h since this copy mode is only for internal use. I have also changed the value from 0x03 to 0xff. Thus, we avoid a gap from user-space that may confuse users if we add new copy modes in the future. This change was introduced in: http://www.spinics.net/lists/netfilter-devel/msg13535.html Since this change is not included in any stable Linux kernel, I think it's safe to make this change now. Anyway, this copy mode does not make any sense from user-space, so this patch should not break any existing setup. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
* netfilter: nfnetlink_log: RCU conversion, part 2Eric Dumazet2010-06-141-0/+1
| | | | | | | | | | | | | | - must use atomic_inc_not_zero() in instance_lookup_get() - must use hlist_add_head_rcu() instead of hlist_add_head() - must use hlist_del_rcu() instead of hlist_del() - Introduce NFULNL_COPY_DISABLED to stop lockless reader from using an instance, before we do final instance_put() on it. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* make netfilter use strict integer typesArnd Bergmann2009-03-261-16/+16
| | | | | | | | | | | | Netfilter traditionally uses BSD integer types in its interface headers. This changes it to use the Linux strict integer types, like everyone else. Cc: netfilter-devel@vger.kernel.org Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
* netfilter: nfnetlink_log: send complete hardware headerEric Leblond2008-07-211-0/+3
| | | | | | | | | | | | | This patch adds some fields to NFLOG to be able to send the complete hardware header with all necessary informations. It sends to userspace: * the type of hardware link * the lenght of hardware header * the hardware header Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink_log: include GID in netlink messagePatrick McHardy2008-01-281-0/+1
| | | | | | | | Similar to Maciej Soltysiak's ipt_LOG patch, include GID in addition to UID in netlink message. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink_log: remove useless prefix length limitationPatrick McHardy2006-12-021-2/+0
| | | | | | There is no reason for limiting netlink attributes in size. Signed-off-by: Patrick McHardy <kaber@trash.net>
* [NETFILTER]: trivial annotationsAl Viro2006-12-021-5/+5
| | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: nfnetlink: remove unnecessary packed attributesPatrick McHardy2006-09-221-3/+3
| | | | | | | | Remove unnecessary packed attributes in nfnetlink structures. Unfortunately in a few cases they have to stay to avoid changing structure sizes. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER] nfnetlink_log: add sequence numbers for log eventsHarald Welte2006-03-201-0/+6
| | | | | | | | | | | | By using a sequence number for every logged netfilter event, we can determine from userspace whether logging information was lots somewhere downstream. The user has a choice of either having per-instance local sequence counters, or using a global sequence counter, or both. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: introduce and use aligned_u64 data typeHarald Welte2005-08-291-2/+3
| | | | | | | | | As proposed by Andi Kleen, this is required esp. for x86_64 architecture, where 64bit code needs 8byte aligned 64bit data types, but 32bit userspace apps will only align to 4bytes. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: add correct bridging support to nfnetlink_{queue,log}Harald Welte2005-08-291-0/+2
| | | | | | | | | | | | This patch adds support for passing the real 'physical' device ifindex down to userspace via nfnetlink_log and nfnetlink_queue. This feature basically obsoletes net/bridge/netfilter/ebt_ulog.c, and it is likely ebt_ulog.c will die with one of the next couple of patches. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Add new "nfnetlink_log" userspace packet logging facilityHarald Welte2005-08-291-0/+85
This is a generic (layer3 independent) version of what ipt_ULOG is already doing for IPv4 today. ipt_ULOG, ebt_ulog and finally also ip[6]t_LOG will be deprecated by this mechanism in the long term. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
generated by cgit v1.1 at 2024-09-15 20:15:46 +0000