log: Add support for audit logging

This is implemented via a pseudo log level. The kernel ignores any other parameter, so reject those at evaluation stage. Audit logging is therefore simply a matter of: | log level audit Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2018-06-01 17:15:07 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2018-06-03 11:53:06 +0200
commit: a24552c165346f087e82a52807d134e3910387a8 (patch)
tree: 378f69e8fe6c10ac6fd0d111313c3b0ed14371d5 /src/statement.c
parent: efc8a83e943d54e0ca88548a0eaff056ad2a650d (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/src/statement.c b/src/statement.c
index ff4c8eb6..4a646e06 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -220,7 +220,7 @@ struct stmt *objref_stmt_alloc(const struct location *loc)
 	return stmt;
 }
 
-static const char *syslog_level[LOG_DEBUG + 1] = {
+static const char *syslog_level[LOGLEVEL_AUDIT + 1] = {
 	[LOG_EMERG]	= "emerg",
 	[LOG_ALERT]	= "alert",
 	[LOG_CRIT]	= "crit",
@@ -229,11 +229,12 @@ static const char *syslog_level[LOG_DEBUG + 1] = {
 	[LOG_NOTICE]	= "notice",
 	[LOG_INFO]	= "info",
 	[LOG_DEBUG]	= "debug",
+	[LOGLEVEL_AUDIT] = "audit"
 };
 
 const char *log_level(uint32_t level)
 {
-	if (level > LOG_DEBUG)
+	if (level > LOGLEVEL_AUDIT)
 		return "unknown";
 
 	return syslog_level[level];
@@ -243,7 +244,7 @@ int log_level_parse(const char *level)
 {
 	int i;
 
-	for (i = 0; i <= LOG_DEBUG; i++) {
+	for (i = 0; i <= LOGLEVEL_AUDIT; i++) {
 		if (syslog_level[i] &&
 		    !strcmp(level, syslog_level[i]))
 			return i;
author	Phil Sutter <phil@nwl.cc>	2018-06-01 17:15:07 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-06-03 11:53:06 +0200
commit	a24552c165346f087e82a52807d134e3910387a8 (patch)
tree	378f69e8fe6c10ac6fd0d111313c3b0ed14371d5 /src/statement.c
parent	efc8a83e943d54e0ca88548a0eaff056ad2a650d (diff)