diff options
| author | Eric Leblond <eric@inl.fr> | 2009-01-04 23:29:50 +0100 |
|---|---|---|
| committer | Eric Leblond <eric@inl.fr> | 2009-01-05 00:17:47 +0100 |
| commit | 6bcbe0e967b1339c308d4e14d027b562ff179f7d (patch) | |
| tree | fef221e6b161378d49a454a43148bfe6c42379bd /input/packet | |
| parent | 52dea8af4763e3e0a5a32476d25e7130885ddf49 (diff) | |
Add variable to force binding of nfnetlink_log.
This patch updates the behaviour of the NFLOG input plugin to fix an
issue related to kernel older than 2.6.29. The call to nflog_bind_pf()
that can be necessary to receive packet from the nfnetlink_log was only
done if the used group was 0 (system logging). This is logic for the
newest kernel (NFLOG really sends message to nfnetlink_log and not to
the nf_log logger). But this is unsufficient for older one. By forcing
the binding with the new configuration variable bind, it is now possible
to trigger the binding from the ulogd2 configuration file. This gives
users a way to be sure that ulogd will receive packets if the NFLOG
input plugin is used.
Diffstat (limited to 'input/packet')
| -rw-r--r-- | input/packet/ulogd_inppkt_NFLOG.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/input/packet/ulogd_inppkt_NFLOG.c b/input/packet/ulogd_inppkt_NFLOG.c index 70e9f77..36f11d7 100644 --- a/input/packet/ulogd_inppkt_NFLOG.c +++ b/input/packet/ulogd_inppkt_NFLOG.c @@ -31,7 +31,7 @@ struct nflog_input { /* configuration entries */ static struct config_keyset libulog_kset = { - .num_ces = 10, + .num_ces = 9, .ces = { { .key = "bufsize", @@ -52,6 +52,13 @@ static struct config_keyset libulog_kset = { .u.value = 1, }, { + .key = "bind", + .type = CONFIG_TYPE_INT, + .options = CONFIG_OPT_NONE, + .u.value = 0, + }, + + { .key = "seq_local", .type = CONFIG_TYPE_INT, .options = CONFIG_OPT_NONE, @@ -87,11 +94,12 @@ static struct config_keyset libulog_kset = { #define bufsiz_ce(x) (x->ces[0]) #define group_ce(x) (x->ces[1]) #define unbind_ce(x) (x->ces[2]) -#define seq_ce(x) (x->ces[3]) -#define seq_global_ce(x) (x->ces[4]) -#define label_ce(x) (x->ces[5]) -#define nlsockbufsize_ce(x) (x->ces[6]) -#define nlsockbufmaxsize_ce(x) (x->ces[7]) +#define bind_ce(x) (x->ces[3]) +#define seq_ce(x) (x->ces[4]) +#define seq_global_ce(x) (x->ces[5]) +#define label_ce(x) (x->ces[6]) +#define nlsockbufsize_ce(x) (x->ces[7]) +#define nlsockbufmaxsize_ce(x) (x->ces[8]) enum nflog_keys { NFLOG_KEY_RAW_MAC = 0, @@ -497,7 +505,8 @@ static int start(struct ulogd_pluginstance *upi) goto out_handle; /* This is the system logging (conntrack, ...) facility */ - if (group_ce(upi->config_kset).u.value == 0) { + if ((group_ce(upi->config_kset).u.value == 0) || + (bind_ce(upi->config_kset).u.value > 0)) { if (become_system_logging(upi, AF_INET) == -1) goto out_handle; if (become_system_logging(upi, AF_INET6) == -1) |