diff options
author | Kyle Bowman <kbowman@cloudflare.com> | 2021-10-01 18:41:36 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2022-01-18 13:22:54 +0100 |
commit | db99f6019eab5f108fe1050349b3e793ea21353d (patch) | |
tree | 869eeac568efd27d8a8964ef93e4f648872f2166 /iptables/nft.h | |
parent | 30b178b9bf11e75cd5ff7310ce0f5d9c9ace3b7a (diff) |
extensions: libxt_NFLOG: use nft built-in logging instead of xt_NFLOG
Replaces the use of xt_NFLOG with the nft built-in log statement.
This additionally adds support for using longer log prefixes of 128
characters in size. Until now NFLOG has truncated the log-prefix to the
64-character limit supported by iptables-legacy. We now use the struct
xtables_target's udata member to store the longer 128-character prefix
supported by iptables-nft.
Signed-off-by: Kyle Bowman <kbowman@cloudflare.com>
Signed-off-by: Alex Forster <aforster@cloudflare.com>
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r-- | iptables/nft.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/iptables/nft.h b/iptables/nft.h index f189b03f..4c78f761 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -194,6 +194,7 @@ int add_match(struct nft_handle *h, struct nftnl_rule *r, struct xt_entry_match int add_target(struct nftnl_rule *r, struct xt_entry_target *t); int add_jumpto(struct nftnl_rule *r, const char *name, int verdict); int add_action(struct nftnl_rule *r, struct iptables_command_state *cs, bool goto_set); +int add_log(struct nftnl_rule *r, struct iptables_command_state *cs); char *get_comment(const void *data, uint32_t data_len); enum nft_rule_print { |