diff options
Diffstat (limited to 'kernel-ULOG-2.4.0-test4.diff')
-rw-r--r-- | kernel-ULOG-2.4.0-test4.diff | 229 |
1 files changed, 229 insertions, 0 deletions
diff --git a/kernel-ULOG-2.4.0-test4.diff b/kernel-ULOG-2.4.0-test4.diff new file mode 100644 index 0000000..f4a5501 --- /dev/null +++ b/kernel-ULOG-2.4.0-test4.diff @@ -0,0 +1,229 @@ +diff -Nru linux-2.4.0-test4-plain/Documentation/Configure.help linux-2.4.0-test4-work/Documentation/Configure.help +--- linux-2.4.0-test4-plain/Documentation/Configure.help Thu Jul 13 18:42:51 2000 ++++ linux-2.4.0-test4-work/Documentation/Configure.help Sun Jul 30 21:56:01 2000 +@@ -2010,6 +2010,16 @@ + If you want to compile it as a module, say M here and read + Documentation/modules.txt. If unsure, say `N'. + ++ULOG target support ++CONFIG_IP_NF_TARGET_ULOG ++ This option adds a `ULOG' target, which allows you to create rules in ++ any iptables table. The packet is passed to one or more userspace logging ++ daemon using netlink multicast sockets. Logging is no longer forced to ++ be in syslog, but can be done by any userspace process. ++ ++ If you want to compile it as a module, say M here and read ++ Documentation/modules.txt. If unsure, say `N'. ++ + ipchains (2.2-style) support + CONFIG_IP_NF_COMPAT_IPCHAINS + This option places ipchains (with masquerading and redirection +diff -Nru linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h +--- linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h Thu Jan 1 01:00:00 1970 ++++ linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h Sun Jul 30 22:11:07 2000 +@@ -0,0 +1,36 @@ ++#ifndef _IPT_ULOG_H ++#define _IPT_ULOG_H ++ ++#ifdef __KERNEL__ ++#include <linux/netdevice.h> ++#endif ++ ++#define ULOG_MAC_LEN 80 ++ ++ ++/* just until this is in netfilter.h */ ++#ifndef NETLINK_NFLOG ++#define NETLINK_NFLOG 25 ++#endif ++ ++struct ipt_ulog_info { ++ unsigned char logflags; ++ unsigned int nl_group; ++ char prefix[30]; ++}; ++ ++typedef struct ulog_packet_msg { ++ unsigned long mark; ++ long timestamp_sec; ++ long timestamp_usec; ++ unsigned int hook; ++ char indev_name[IFNAMSIZ]; ++ char outdev_name[IFNAMSIZ]; ++ size_t data_len; ++ char prefix[30]; ++ unsigned char mac_len; ++ unsigned char mac[ULOG_MAC_LEN]; ++ unsigned char payload[0]; ++} ulog_packet_msg_t; ++ ++#endif /*_IPT_ULOG_H*/ +diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in +--- linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in Mon Mar 27 20:35:56 2000 ++++ linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in Sun Jul 30 21:47:35 2000 +@@ -51,6 +51,7 @@ + dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE + fi + dep_tristate ' LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES ++ dep_tristate ' ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES + fi + + # Backwards compatibility modules: only if you don't build in the others. +diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile +--- linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile Mon Mar 27 20:35:56 2000 ++++ linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile Sun Jul 30 22:02:16 2000 +@@ -197,6 +197,14 @@ + endif + endif + ++ifeq ($(CONFIG_IP_NF_TARGET_ULOG),y) ++O_OBJS += ipt_ULOG.o ++else ++ ifeq ($(CONFIG_IP_NF_TARGET_ULOG),m) ++ M_OBJS += ipt_ULOG.o ++ endif ++endif ++ + ifeq ($(CONFIG_IP_NF_COMPAT_IPCHAINS),y) + O_OBJS += ipchains_core.o $(IP_NF_COMPAT_LAYER) + else +diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c +--- linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c Thu Jan 1 01:00:00 1970 ++++ linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c Sun Jul 30 21:45:44 2000 +@@ -0,0 +1,136 @@ ++/* ++ * netfilter module for userspace packet logging daemons ++ * ++ * (C) 2000 by Harald Welte <laforge@sunbeam.franken.de> ++ * ++ * Released under the terms of the GPL ++ */ ++ ++#include <linux/module.h> ++#include <linux/version.h> ++#include <linux/config.h> ++#include <linux/socket.h> ++#include <linux/skbuff.h> ++#include <linux/kernel.h> ++#include <linux/netlink.h> ++#include <linux/netdevice.h> ++#include <linux/mm.h> ++#include <linux/netfilter_ipv4/ip_tables.h> ++#include <linux/netfilter_ipv4/ipt_ULOG.h> ++ ++#define NETLINK_NFLOG 25 ++#define ULOG_NL_EVENT 111 ++ ++#if 1 ++#define DEBUGP printk ++#else ++#define DEBUGP(format, args ...) ++#endif ++ ++struct sock *nflognl; ++ ++static void nflog_rcv(struct sock *sk, int len) ++{ ++ printk("nflog_rcv: did receive netlink message ?!?\n"); ++} ++ ++static unsigned int ipt_ulog_target( ++ struct sk_buff **pskb, ++ unsigned int hooknum, ++ const struct net_device *in, ++ const struct net_device *out, ++ const void *targinfo, ++ void *userinfo) ++{ ++ ulog_packet_msg_t *pm; ++ size_t size; ++ struct sk_buff *nlskb; ++ unsigned char *old_tail; ++ struct nlmsghdr *nlh; ++ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *)targinfo; ++ ++ /* calculate the size of the skb needed */ ++ ++ size = NLMSG_SPACE(sizeof(*pm) + (*pskb)->len); ++ nlskb = alloc_skb(size, GFP_ATOMIC); ++ if (!nlskb) ++ goto nlmsg_failure; ++ ++ old_tail = nlskb->tail; ++ nlh = NLMSG_PUT(nlskb, 0, 0, ULOG_NL_EVENT, size - sizeof(*nlh)); ++ pm = NLMSG_DATA(nlh); ++ ++ /* copy hook, prefix, timestamp, payload, etc. */ ++ ++ pm->data_len = (*pskb)->len; ++ pm->timestamp_sec = (*pskb)->stamp.tv_sec; ++ pm->timestamp_usec = (*pskb)->stamp.tv_usec; ++ pm->mark = (*pskb)->nfmark; ++ pm->hook = hooknum; ++ if (loginfo->prefix) ++ strcpy(pm->prefix, loginfo->prefix); ++ ++ if (in && !out) ++ { ++ if ((*pskb)->dev && (*pskb)->dev->hard_header_len > 0 ++ && (*pskb)->dev->hard_header_len <= ULOG_MAC_LEN) ++ { ++ memcpy(pm->mac, (*pskb)->mac.raw, (*pskb)->dev->hard_header_len); ++ pm->mac_len = (*pskb)->dev->hard_header_len; ++ } ++ ++ } ++/* ++ if (in) strcpy(pm->indev_name, in->name); ++ else pm->indev_name[0] = '\0'; ++*/ ++ if ((*pskb)->len) ++ memcpy(pm->payload, (*pskb)->data, (*pskb)->len); ++ nlh->nlmsg_len = nlskb->tail - old_tail; ++ NETLINK_CB(nlskb).dst_groups = loginfo->nl_group; ++ DEBUGP("ipt_ULOG: going to throw out a packet to netlink groupmask %u\n", loginfo->nl_group); ++ netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group, GFP_ATOMIC); ++ ++ return IPT_CONTINUE; ++ ++nlmsg_failure: ++ if (nlskb) ++ kfree(nlskb); ++ printk("ipt_ULOG: Error building netlink message\n"); ++ return IPT_CONTINUE; ++ ++} ++ ++static int ipt_ulog_checkentry( ++ const char *tablename, ++ const struct ipt_entry *e, ++ void *targinfo, ++ unsigned int targinfosize, ++ unsigned int hookmask) ++{ ++ return 1; ++} ++ ++ ++static struct ipt_target ipt_ulog_reg = ++ { { NULL, NULL }, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL, ++ THIS_MODULE }; ++ ++static int __init init(void) ++{ ++ DEBUGP("ipt_ULOG: init module\n"); ++ nflognl = netlink_kernel_create(NETLINK_NFLOG, nflog_rcv); ++ if (ipt_register_target(&ipt_ulog_reg)) ++ return -EINVAL; ++ ++ return 0; ++} ++ ++static void __exit fini(void) ++{ ++ DEBUGP("ipt_ULOG: cleanup_module\n"); ++ ipt_unregister_target(&ipt_ulog_reg); ++} ++ ++module_init(init); ++module_exit(fini); |