On 15.01.2011 00:48, Thomas Graf wrote:
> [Save the planet and make Jan happy by returning EDOM instead of ERANGE]
>
> This patch adds a new netfilter target which creates audit records
> for packets traversing a certain chain.
>
> It can be used to record packets which are rejected administratively
> as follows:
>
>   -N AUDIT_DROP
>   -A AUDIT_DROP -j AUDIT --type DROP
>   -A AUDIT_DROP -j DROP
>
> A rule which would typically drop or reject a packet would then
> invoke the new chain to record packets before dropping them.
>
>   -j AUDIT_DROP
>
> The module is protocol independent and works for iptables, ip6tables
> and ebtables.
>
> The following information is logged:
>  - netfilter hook
>  - packet length
>  - incoming/outgoing interface
>  - MAC src/dst/proto for ethernet packets
>  - src/dst/protocol address for IPv4/IPv6
>  - src/dst port for TCP/UDP/UDPLITE
>  - icmp type/code

Looks fine to me, if there are no further objections, I'll apply this
tomorrow.