summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Leblond <eric@inl.fr>2008-10-20 19:05:15 +0200
committerEric Leblond <eric@inl.fr>2008-12-09 01:19:25 +0100
commit6877fecf582f1ed68e4c4692fa0329f26b04f7f3 (patch)
treef5cff4030d5dc5207b006df1a71545d461db17a0
parentd4cf078cb71a943af0dcaa51ed5f950df0fdeca3 (diff)
Modify usage of nflog_bind_pf function.
The nflog_bind_pf function was called for each NFLOG instance. This patch modifies the behaviour to have it call if and only if the nfgroup is set to 0. As the kernel uses only the 0 group to output subsystem messages, this change clarify the situation. Signed-off-by: Eric Leblond <eric@inl.fr>
-rw-r--r--input/packet/ulogd_inppkt_NFLOG.c52
1 files changed, 32 insertions, 20 deletions
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c
index 5d25eec..647b61c 100644
--- a/input/packet/ulogd_inppkt_NFLOG.c
+++ b/input/packet/ulogd_inppkt_NFLOG.c
@@ -463,6 +463,33 @@ static int configure(struct ulogd_pluginstance *upi,
return 0;
}
+static int become_system_logging(struct ulogd_pluginstance *upi)
+{
+ struct nflog_input *ui = (struct nflog_input *) upi->private;
+
+ if (unbind_ce(upi->config_kset).u.value > 0) {
+ ulogd_log(ULOGD_NOTICE, "forcing unbind of existing log "
+ "handler for protocol %d\n",
+ af_ce(upi->config_kset).u.value);
+ if (nflog_unbind_pf(ui->nful_h,
+ af_ce(upi->config_kset).u.value) < 0) {
+ ulogd_log(ULOGD_ERROR, "unable to force-unbind "
+ "existing log handler for protocol %d\n",
+ af_ce(upi->config_kset).u.value);
+ return -1;
+ }
+ }
+
+ ulogd_log(ULOGD_DEBUG, "binding to protocol family %d\n",
+ af_ce(upi->config_kset).u.value);
+ if (nflog_bind_pf(ui->nful_h, af_ce(upi->config_kset).u.value) < 0) {
+ ulogd_log(ULOGD_ERROR, "unable to bind to protocol family %d\n",
+ af_ce(upi->config_kset).u.value);
+ return -1;
+ }
+ return 0;
+}
+
static int start(struct ulogd_pluginstance *upi)
{
struct nflog_input *ui = (struct nflog_input *) upi->private;
@@ -477,25 +504,10 @@ static int start(struct ulogd_pluginstance *upi)
if (!ui->nful_h)
goto out_handle;
- if (unbind_ce(upi->config_kset).u.value > 0) {
- ulogd_log(ULOGD_NOTICE, "forcing unbind of existing log "
- "handler for protocol %d\n",
- af_ce(upi->config_kset).u.value);
- if (nflog_unbind_pf(ui->nful_h,
- af_ce(upi->config_kset).u.value) < 0) {
- ulogd_log(ULOGD_ERROR, "unable to force-unbind "
- "existing log handler for protocol %d\n",
- af_ce(upi->config_kset).u.value);
+ /* This is the system logging (conntrack, ...) facility */
+ if (group_ce(upi->config_kset).u.value == 0) {
+ if (become_system_logging(upi) == -1)
goto out_handle;
- }
- }
-
- ulogd_log(ULOGD_DEBUG, "binding to protocol family %d\n",
- af_ce(upi->config_kset).u.value);
- if (nflog_bind_pf(ui->nful_h, af_ce(upi->config_kset).u.value) < 0) {
- ulogd_log(ULOGD_ERROR, "unable to bind to protocol family %d\n",
- af_ce(upi->config_kset).u.value);
- goto out_bind_pf;
}
ulogd_log(ULOGD_DEBUG, "binding to log group %d\n",
@@ -542,8 +554,8 @@ static int start(struct ulogd_pluginstance *upi)
out_bind:
nflog_close(ui->nful_h);
-out_bind_pf:
- nflog_unbind_pf(ui->nful_h, af_ce(upi->config_kset).u.value);
+ if (group_ce(upi->config_kset).u.value == 0)
+ nflog_unbind_pf(ui->nful_h, af_ce(upi->config_kset).u.value);
out_handle:
free(ui->nfulog_buf);
out_buf: