summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorShivani Bhardwaj <shivanib134@gmail.com>2015-12-23 01:32:46 +0530
committerPablo Neira Ayuso <pablo@netfilter.org>2016-02-16 19:30:22 +0100
commitd0125f890698dd84553db3d27eea7e36ebbdbf88 (patch)
tree387c38ec32b0c83b7cd2c2e2e4bafd7d163432c2 /extensions
parent4eb2c9ca79fb38352b3de500f9eb10f1578ef83f (diff)
extensions: libxt_NFLOG: Add group_info and remove multiple keywords
Add group_info with every rule as it is mandatory to consider logging to be same type as NFLOG. Remove multiple log keywords to avoid loading multiple log expressions at a time. Examples: $ sudo iptables-translate -I INPUT -j NFLOG --nflog-threshold 2 nft insert rule ip filter INPUT counter log queue-threshold 2 group 0 $ sudo iptables-translate -A FORWARD -j NFLOG --nflog-group 32 --nflog-prefix "Prefix 1.0" nft add rule ip filter FORWARD counter log prefix \"Prefix 1.0\" group 32 Reported-by: Arturo Borrero <arturoborreroglez@gmail.com> Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libxt_NFLOG.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 53976d2f..4f9024ab 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -89,14 +89,14 @@ static void NFLOG_save(const void *ip, const struct xt_entry_target *target)
static void nflog_print_xlate(const struct xt_nflog_info *info,
struct xt_buf *buf)
{
+ xt_buf_add(buf, "log ");
if (info->prefix[0] != '\0')
- xt_buf_add(buf, "log prefix \\\"%s\\\" ", info->prefix);
- if (info->group)
- xt_buf_add(buf, "log group %u ", info->group);
+ xt_buf_add(buf, "prefix \\\"%s\\\" ", info->prefix);
if (info->len)
- xt_buf_add(buf, "log snaplen %u ", info->len);
+ xt_buf_add(buf, "snaplen %u ", info->len);
if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
- xt_buf_add(buf, "log queue-threshold %u ", info->threshold);
+ xt_buf_add(buf, "queue-threshold %u ", info->threshold);
+ xt_buf_add(buf, "group %u ", info->group);
}
static int NFLOG_xlate(const struct xt_entry_target *target,