commit 2c2e8051726fb34980d1e7b72c15d0a6eba4cfc0 Author: Patrick McHardy <kaber@xxxxxxxxx> Date: Fri Jan 18 17:44:52 2008 +0100 [LIBNL]: nfnetlink_log: support NUFLA_GID attribute The NUFLA_GID attribute (currently only in net-2.6.25) contains the gid of the sending process for locally generated packets. Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h index 2de5df9..38fafc1 100644 --- a/include/linux/netfilter/nfnetlink_log.h +++ b/include/linux/netfilter/nfnetlink_log.h @@ -51,6 +51,7 @@ enum nfulnl_attr_type { NFULA_UID, /* user id of socket */ NFULA_SEQ, /* instance-local sequence number */ NFULA_SEQ_GLOBAL, /* global sequence number */ + NFULA_GID, /* group id of socket */ __NFULA_MAX }; diff --git a/include/netlink-types.h b/include/netlink-types.h index f7bddca..cbf903e 100644 --- a/include/netlink-types.h +++ b/include/netlink-types.h @@ -751,6 +751,7 @@ struct nfnl_log { int log_payload_len; char * log_prefix; uint32_t log_uid; + uint32_t log_gid; uint32_t log_seq; uint32_t log_seq_global; }; diff --git a/include/netlink/netfilter/log.h b/include/netlink/netfilter/log.h index e65cc58..817de2d 100644 --- a/include/netlink/netfilter/log.h +++ b/include/netlink/netfilter/log.h @@ -89,6 +89,10 @@ extern void nfnl_log_set_uid(struct nfnl_log *, uint32_t); extern int nfnl_log_test_uid(const struct nfnl_log *); extern uint32_t nfnl_log_get_uid(const struct nfnl_log *); +extern void nfnl_log_set_gid(struct nfnl_log *, uint32_t); +extern int nfnl_log_test_gid(const struct nfnl_log *); +extern uint32_t nfnl_log_get_gid(const struct nfnl_log *); + extern void nfnl_log_set_seq(struct nfnl_log *, uint32_t); extern int nfnl_log_test_seq(const struct nfnl_log *); extern uint32_t nfnl_log_get_seq(const struct nfnl_log *); diff --git a/lib/netfilter/log.c b/lib/netfilter/log.c index a900927..8d70e7f 100644 --- a/lib/netfilter/log.c +++ b/lib/netfilter/log.c @@ -58,6 +58,7 @@ static struct nla_policy log_policy[NFULA_MAX+1] = { //[NFULA_PAYLOAD] [NFULA_PREFIX] = { .type = NLA_STRING, }, [NFULA_UID] = { .type = NLA_U32 }, + [NFULA_GID] = { .type = NLA_U32 }, [NFULA_SEQ] = { .type = NLA_U32 }, [NFULA_SEQ_GLOBAL] = { .type = NLA_U32 }, }; @@ -146,6 +147,10 @@ struct nfnl_log *nfnlmsg_log_parse(struct nlmsghdr *nlh) if (attr) nfnl_log_set_uid(log, ntohl(nla_get_u32(attr))); + attr = tb[NFULA_GID]; + if (attr) + nfnl_log_set_gid(log, ntohl(nla_get_u32(attr))); + attr = tb[NFULA_SEQ]; if (attr) nfnl_log_set_seq(log, ntohl(nla_get_u32(attr))); diff --git a/lib/netfilter/log_obj.c b/lib/netfilter/log_obj.c index c3adc51..0e4411e 100644 --- a/lib/netfilter/log_obj.c +++ b/lib/netfilter/log_obj.c @@ -29,8 +29,9 @@ #define LOG_ATTR_PAYLOAD (1UL << 10) #define LOG_ATTR_PREFIX (1UL << 11) #define LOG_ATTR_UID (1UL << 12) -#define LOG_ATTR_SEQ (1UL << 13) -#define LOG_ATTR_SEQ_GLOBAL (1UL << 14) +#define LOG_ATTR_GID (1UL << 13) +#define LOG_ATTR_SEQ (1UL << 14) +#define LOG_ATTR_SEQ_GLOBAL (1UL << 15) /** @endcond */ static void log_free_data(struct nl_object *c) @@ -144,6 +145,12 @@ static int log_dump(struct nl_object *a, struct nl_dump_params *p) if (log->ce_mask & LOG_ATTR_PAYLOAD) dp_dump(p, "PAYLOADLEN=%d ", log->log_payload_len); + if (log->ce_mask & LOG_ATTR_UID) + dp_dump(p, "UID=%u ", log->log_uid); + + if (log->ce_mask & LOG_ATTR_GID) + dp_dump(p, "GID=%u ", log->log_gid); + if (log->ce_mask & LOG_ATTR_SEQ) dp_dump(p, "SEQ=%d ", log->log_seq); @@ -378,6 +385,23 @@ uint32_t nfnl_log_get_uid(const struct nfnl_log *log) return log->log_uid; } +void nfnl_log_set_gid(struct nfnl_log *log, uint32_t gid) +{ + log->log_gid = gid; + log->ce_mask |= LOG_ATTR_GID; +} + +int nfnl_log_test_gid(const struct nfnl_log *log) +{ + return !!(log->ce_mask & LOG_ATTR_GID); +} + +uint32_t nfnl_log_get_gid(const struct nfnl_log *log) +{ + return log->log_gid; +} + + void nfnl_log_set_seq(struct nfnl_log *log, uint32_t seq) { log->log_seq = seq; - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html