summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2005-06-24 02:15:31 +0000
committerPatrick McHardy <kaber@trash.net>2005-06-24 02:15:31 +0000
commit0c4c91c1e30e229a1a80f044ab47d17590ece383 (patch)
tree2b6aac02612f4a8b4a1b07b5105e47375e14aeac
parent5ee88622ef8f38e5f6b6c60ca1ab61d8f93a0e82 (diff)
Add --log-uid support to libip6t_LOG (Patrick McHardy <kaber@trash.net>)
-rw-r--r--extensions/libip6t_LOG.c18
-rw-r--r--extensions/libip6t_LOG.man3
2 files changed, 20 insertions, 1 deletions
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 7ca58e55..53860573 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -21,7 +21,8 @@ help(void)
" --log-prefix prefix Prefix log messages with this prefix.\n\n"
" --log-tcp-sequence Log TCP sequence numbers.\n\n"
" --log-tcp-options Log TCP options.\n\n"
-" --log-ip-options Log IP options.\n\n",
+" --log-ip-options Log IP options.\n\n"
+" --log-uid Log UID owning the local socket.\n\n",
IPTABLES_VERSION);
}
@@ -31,6 +32,7 @@ static struct option opts[] = {
{ .name = "log-tcp-sequence", .has_arg = 0, .flag = 0, .val = '1' },
{ .name = "log-tcp-options", .has_arg = 0, .flag = 0, .val = '2' },
{ .name = "log-ip-options", .has_arg = 0, .flag = 0, .val = '3' },
+ { .name = "log-uid", .has_arg = 0, .flag = 0, .val = '4' },
{ .name = 0 }
};
@@ -96,6 +98,7 @@ parse_level(const char *level)
#define IP6T_LOG_OPT_TCPSEQ 0x04
#define IP6T_LOG_OPT_TCPOPT 0x08
#define IP6T_LOG_OPT_IPOPT 0x10
+#define IP6T_LOG_OPT_UID 0x20
/* Function which parses command options; returns true if it
ate an option */
@@ -170,6 +173,15 @@ parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= IP6T_LOG_OPT_IPOPT;
break;
+ case '4':
+ if (*flags & IP6T_LOG_OPT_UID)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --log-uid twice");
+
+ loginfo->logflags |= IP6T_LOG_UID;
+ *flags |= IP6T_LOG_OPT_UID;
+ break;
+
default:
return 0;
}
@@ -213,6 +225,8 @@ print(const struct ip6t_ip6 *ip,
printf("tcp-options ");
if (loginfo->logflags & IP6T_LOG_IPOPT)
printf("ip-options ");
+ if (loginfo->logflags & IP6T_LOG_UID)
+ printf("uid ");
if (loginfo->logflags & ~(IP6T_LOG_MASK))
printf("unknown-flags ");
}
@@ -240,6 +254,8 @@ save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
printf("--log-tcp-options ");
if (loginfo->logflags & IP6T_LOG_IPOPT)
printf("--log-ip-options ");
+ if (loginfo->logflags & IP6T_LOG_UID)
+ printf("--log-uid ");
}
static
diff --git a/extensions/libip6t_LOG.man b/extensions/libip6t_LOG.man
index 9eb5a6ab..9d51fd41 100644
--- a/extensions/libip6t_LOG.man
+++ b/extensions/libip6t_LOG.man
@@ -26,3 +26,6 @@ Log options from the TCP packet header.
.TP
.B --log-ip-options
Log options from the IPv6 packet header.
+.TP
+.B --log-uid
+Log the userid of the process which generated the packet.