This is a hopefully correct implementation of what I wanted to achieve in the same named RFC sent before: Instead of relying on the netlink msgid to be equal to the sender's PID, make use of the kernel infrastructure added in a previous patch. Note that this implementation does not use libnftnl like other parts of the code. I skipped that because handling of NFT_MSG_PROC_INFO type messages is unidirectional only and they contain just two attributes - the amount of code to add to libnftnl to parse them there seemed not feasible just to follow coding-style. The first patch is probably redundant since it's changes will be imported by a generic kernel header update anyway, but it allows for quickly testing the implementation so left here for reference. Phil Sutter (2): include: Add proc_info symbols to nf_tables.h monitor: Support printing processes which caused the event include/linux/netfilter/nf_tables.h | 15 ++++++++ include/nftables.h | 1 + src/main.c | 12 +++++- src/netlink.c | 76 ++++++++++++++++++++++++++++++++++--- src/rule.c | 2 - 5 files changed, 98 insertions(+), 8 deletions(-) -- 2.11.0 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
