diff options
author | Shivani Bhardwaj <shivanib134@gmail.com> | 2015-12-23 01:32:46 +0530 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-02-16 19:30:22 +0100 |
commit | d0125f890698dd84553db3d27eea7e36ebbdbf88 (patch) | |
tree | 387c38ec32b0c83b7cd2c2e2e4bafd7d163432c2 /extensions/libxt_NFLOG.c | |
parent | 4eb2c9ca79fb38352b3de500f9eb10f1578ef83f (diff) |
extensions: libxt_NFLOG: Add group_info and remove multiple keywords
Add group_info with every rule as it is mandatory to consider logging to
be same type as NFLOG.
Remove multiple log keywords to avoid loading multiple log expressions
at a time.
Examples:
$ sudo iptables-translate -I INPUT -j NFLOG --nflog-threshold 2
nft insert rule ip filter INPUT counter log queue-threshold 2 group 0
$ sudo iptables-translate -A FORWARD -j NFLOG --nflog-group 32 --nflog-prefix "Prefix 1.0"
nft add rule ip filter FORWARD counter log prefix \"Prefix 1.0\" group 32
Reported-by: Arturo Borrero <arturoborreroglez@gmail.com>
Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_NFLOG.c')
-rw-r--r-- | extensions/libxt_NFLOG.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c index 53976d2f..4f9024ab 100644 --- a/extensions/libxt_NFLOG.c +++ b/extensions/libxt_NFLOG.c @@ -89,14 +89,14 @@ static void NFLOG_save(const void *ip, const struct xt_entry_target *target) static void nflog_print_xlate(const struct xt_nflog_info *info, struct xt_buf *buf) { + xt_buf_add(buf, "log "); if (info->prefix[0] != '\0') - xt_buf_add(buf, "log prefix \\\"%s\\\" ", info->prefix); - if (info->group) - xt_buf_add(buf, "log group %u ", info->group); + xt_buf_add(buf, "prefix \\\"%s\\\" ", info->prefix); if (info->len) - xt_buf_add(buf, "log snaplen %u ", info->len); + xt_buf_add(buf, "snaplen %u ", info->len); if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD) - xt_buf_add(buf, "log queue-threshold %u ", info->threshold); + xt_buf_add(buf, "queue-threshold %u ", info->threshold); + xt_buf_add(buf, "group %u ", info->group); } static int NFLOG_xlate(const struct xt_entry_target *target, |