From d26c538b9a549082c1696221282c007692261a35 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Wed, 9 May 2018 01:15:10 +0200 Subject: xtables: add xtables-monitor This is a partial revert of commit 7462e4aa757dc28e74b4a731b3ee13079b04ef23 ("iptables-compat: Keep xtables-config and xtables-events out from tree") and re-adds xtables-events under a new name, with a few enhancements, this is --trace mode, which replaces printk-based tracing, and an imroved event mode which will now also display pid/name and new generation id at the end of a batch. Example output of xtables-monitor --event --trace PACKET: 10 fa6b77e1 IN=wlan0 MACSRC=51:14:31:51:XX:XX MACDST=1c:b6:b0:ac:XX:XX MACPROTO=86dd SRC=2a00:3a0:2::1 DST=2b00:bf0:c001::1 LEN=1440 TC=18 HOPLIMIT=61 FLOWLBL=1921 SPORT=22 DPORT=13024 ACK PSH TRACE: 10 fa6b77e1 raw:PREROUTING:return: TRACE: 10 fa6b77e1 raw:PREROUTING:policy:DROP EVENT: -6 -t mangle -A PREROUTING -j DNPT --src-pfx dead::/64 --dst-pfx 1c3::/64 NEWGEN: GENID=6581 PID=15601 NAME=xtables-multi Signed-off-by: Florian Westphal --- iptables/Makefile.am | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'iptables/Makefile.am') diff --git a/iptables/Makefile.am b/iptables/Makefile.am index 2de14208..95e67b83 100644 --- a/iptables/Makefile.am +++ b/iptables/Makefile.am @@ -41,6 +41,7 @@ xtables_compat_multi_SOURCES += xtables-config-parser.y xtables-config-syntax.l xtables_compat_multi_SOURCES += xtables-save.c xtables-restore.c \ xtables-standalone.c xtables.c nft.c \ nft-shared.c nft-ipv4.c nft-ipv6.c nft-arp.c \ + xtables-monitor.c \ xtables-arp-standalone.c xtables-arp.c \ getethertype.c nft-bridge.c \ xtables-eb-standalone.c xtables-eb.c \ @@ -60,8 +61,9 @@ endif man_MANS = iptables.8 iptables-restore.8 iptables-save.8 \ iptables-xml.1 ip6tables.8 ip6tables-restore.8 \ ip6tables-save.8 iptables-extensions.8 \ - xtables-compat.8 xtables-translate.8 -CLEANFILES = iptables.8 \ + xtables-compat.8 xtables-translate.8 \ + xtables-monitor.8 +CLEANFILES = iptables.8 xtables-monitor.8 \ xtables-config-parser.c xtables-config-syntax.c vx_bin_links = iptables-xml @@ -76,7 +78,7 @@ x_sbin_links = iptables-compat iptables-compat-restore iptables-compat-save \ ip6tables-compat ip6tables-compat-restore ip6tables-compat-save \ iptables-translate ip6tables-translate \ iptables-restore-translate ip6tables-restore-translate \ - arptables-compat ebtables-compat + arptables-compat ebtables-compat xtables-monitor endif iptables-extensions.8: iptables-extensions.8.tmpl ../extensions/matches.man ../extensions/targets.man -- cgit v1.2.3