static unsigned int
log_tg6(struct sk_buff *skb, const struct xt_target_param *par)
{
const struct ip6t_log_info *loginfo = par->targinfo;
struct nf_loginfo li;
li.type = NF_LOG_TYPE_LOG;
li.u.log.level = loginfo->level;
li.u.log.logflags = loginfo->logflags;
ip6t_log_packet(NFPROTO_IPV6, par->hooknum, skb, par->in, par->out,
&li, loginfo->prefix);
return XT_CONTINUE;
}
static unsigned int
log_tg6(struct sk_buff *skb, const struct net_device *in,
const struct net_device *out, unsigned int hooknum,
const struct xt_target *target, const void *targinfo)
{
const struct ip6t_log_info *loginfo = targinfo;
struct nf_loginfo li;
li.type = NF_LOG_TYPE_LOG;
li.u.log.level = loginfo->level;
li.u.log.logflags = loginfo->logflags;
ip6t_log_packet(PF_INET6, hooknum, skb, in, out, &li, loginfo->prefix);
return XT_CONTINUE;
}
static unsigned int
ip6t_log_target(struct sk_buff **pskb,
unsigned int hooknum,
const struct net_device *in,
const struct net_device *out,
const void *targinfo,
void *userinfo)
{
const struct ip6t_log_info *loginfo = targinfo;
char level_string[4] = "< >";
level_string[1] = '0' + (loginfo->level % 8);
ip6t_log_packet(hooknum, *pskb, in, out, loginfo, level_string, NULL);
return IP6T_CONTINUE;
}
static unsigned int
log_tg6(struct sk_buff *skb, const struct xt_action_param *par)
{
const struct ip6t_log_info *loginfo = par->targinfo;
struct nf_loginfo li;
li.type = NF_LOG_TYPE_LOG;
li.u.log.level = loginfo->level;
li.u.log.logflags = loginfo->logflags;
ip6t_log_packet(NFPROTO_IPV6, par->hooknum, skb, par->in, par->out,
&li, loginfo->prefix);
#ifdef CONFIG_CAMEO_LOG_PKT
skb->aclmatchtag |= (1 << CAMEOMARK_LOGGED);
#endif
return XT_CONTINUE;
}
static unsigned int
log_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
const struct xt_log_info *loginfo = par->targinfo;
struct nf_loginfo li;
li.type = NF_LOG_TYPE_LOG;
li.u.log.level = loginfo->level;
li.u.log.logflags = loginfo->logflags;
if (par->family == NFPROTO_IPV4)
ipt_log_packet(NFPROTO_IPV4, par->hooknum, skb, par->in,
par->out, &li, loginfo->prefix);
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
else if (par->family == NFPROTO_IPV6)
ip6t_log_packet(NFPROTO_IPV6, par->hooknum, skb, par->in,
par->out, &li, loginfo->prefix);
#endif
else
WARN_ON_ONCE(1);
return XT_CONTINUE;
}
static void
ip6t_logfn(unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
const char *prefix)
{
struct ip6t_log_info loginfo = {
.level = 0,
.logflags = IP6T_LOG_MASK,
.prefix = ""
};
ip6t_log_packet(hooknum, skb, in, out, &loginfo, KERN_WARNING, prefix);
}
static int ip6t_log_checkentry(const char *tablename,
const struct ip6t_entry *e,
void *targinfo,
unsigned int targinfosize,
unsigned int hook_mask)
{
const struct ip6t_log_info *loginfo = targinfo;
if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_log_info))) {
DEBUGP("LOG: targinfosize %u != %u\n",
targinfosize, IP6T_ALIGN(sizeof(struct ip6t_log_info)));
return 0;
}
if (loginfo->level >= 8) {
DEBUGP("LOG: level %u >= 8\n", loginfo->level);
return 0;
}
if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') {
DEBUGP("LOG: prefix term %i\n",
loginfo->prefix[sizeof(loginfo->prefix)-1]);
return 0;
}
return 1;
}
static struct ip6t_target ip6t_log_reg = {
.name = "LOG",
.target = ip6t_log_target,
.checkentry = ip6t_log_checkentry,
.me = THIS_MODULE,
};
static int __init init(void)
{
if (ip6t_register_target(&ip6t_log_reg))
return -EINVAL;
if (nflog)
nf_log_register(PF_INET6, &ip6t_logfn);
return 0;
}
static void __exit fini(void)
{
if (nflog)
nf_log_unregister(PF_INET6, &ip6t_logfn);
ip6t_unregister_target(&ip6t_log_reg);
}
module_init(init);
module_exit(fini);
