|author||Vishwanath Pai <firstname.lastname@example.org>||2016-06-24 16:42:31 -0400|
|committer||Pablo Neira Ayuso <email@example.com>||2016-07-01 16:29:11 +0200|
extensions: libxt_NFLOG: nflog-range does not truncate packets
The option --nflog-range has never worked, but we cannot just fix this because users might be using this feature option and their behavior would change. Instead add a new option --nflog-size. This option works the same way nflog-range should have, and both of them are mutually exclusive. When someone uses --nflog-range we print a warning message informing them that this feature has no effect. To indicate the kernel that the user has set --nflog-size we have to pass a new flag XT_NFLOG_F_COPY_LEN. Also updated the man page to reflect the new option and added tests to extensions/libxt_NFLOG.t Reported-by: Joe Dollard <firstname.lastname@example.org> Reviewed-by: Josh Hunt <email@example.com> Signed-off-by: Vishwanath Pai <firstname.lastname@example.org> Signed-off-by: Pablo Neira Ayuso <email@example.com>
Diffstat (limited to 'extensions/libxt_NFLOG.man')
1 files changed, 3 insertions, 0 deletions
diff --git a/extensions/libxt_NFLOG.man b/extensions/libxt_NFLOG.man
index 1b6dbf16..318e6305 100644
@@ -17,6 +17,9 @@ A prefix string to include in the log message, up to 64 characters
long, useful for distinguishing messages in the logs.
+This option has never worked, use --nflog-size instead
The number of bytes to be copied to userspace (only applicable for
nfnetlink_log). nfnetlink_log instances may specify their own
range, this option overrides it.