static int __init log_tg_init(void) { int ret; ret = xt_register_targets(log_tg_regs, ARRAY_SIZE(log_tg_regs)); if (ret < 0) return ret; nf_log_register(NFPROTO_IPV4, &ipt_log_logger); #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) nf_log_register(NFPROTO_IPV6, &ip6t_log_logger); #endif return 0; }
static int __init ebt_ulog_init(void) { int ret; int i; struct netlink_kernel_cfg cfg = { .groups = EBT_ULOG_MAXNLGROUPS, }; if (nlbufsiz >= 128*1024) { pr_warning("Netlink buffer has to be <= 128kB," " please try a smaller nlbufsiz parameter.\n"); return -EINVAL; } /* initialize ulog_buffers */ for (i = 0; i < EBT_ULOG_MAXNLGROUPS; i++) { setup_timer(&ulog_buffers[i].timer, ulog_timer, i); spin_lock_init(&ulog_buffers[i].lock); } ebtulognl = netlink_kernel_create(&init_net, NETLINK_NFLOG, &cfg); if (!ebtulognl) ret = -ENOMEM; else if ((ret = xt_register_target(&ebt_ulog_tg_reg)) != 0) netlink_kernel_release(ebtulognl); if (ret == 0) nf_log_register(NFPROTO_BRIDGE, &ebt_ulog_logger); return ret; }
static int __init init(void) { int i; DEBUGP("ipt_ULOG: init module\n"); if (nlbufsiz >= 128*1024) { printk("Netlink buffer has to be <= 128kB\n"); return -EINVAL; } /* initialize ulog_buffers */ for (i = 0; i < ULOG_MAXNLGROUPS; i++) { init_timer(&ulog_buffers[i].timer); ulog_buffers[i].timer.function = ulog_timer; ulog_buffers[i].timer.data = i; } nflognl = netlink_kernel_create(NETLINK_NFLOG, ULOG_MAXNLGROUPS, NULL, THIS_MODULE); if (!nflognl) return -ENOMEM; if (ipt_register_target(&ipt_ulog_reg) != 0) { sock_release(nflognl->sk_socket); return -EINVAL; } if (nflog) nf_log_register(PF_INET, &ipt_ulog_logger); return 0; }
static int __init ebt_ulog_init(void) { int i, ret = 0; if (nlbufsiz >= 128*1024) { printk(KERN_NOTICE "ebt_ulog: Netlink buffer has to be <= 128kB," " please try a smaller nlbufsiz parameter.\n"); return -EINVAL; } /* initialize ulog_buffers */ for (i = 0; i < EBT_ULOG_MAXNLGROUPS; i++) { setup_timer(&ulog_buffers[i].timer, ulog_timer, i); spin_lock_init(&ulog_buffers[i].lock); } ebtulognl = netlink_kernel_create(NETLINK_NFLOG, EBT_ULOG_MAXNLGROUPS, NULL, NULL, THIS_MODULE); if (!ebtulognl) ret = -ENOMEM; else if ((ret = ebt_register_watcher(&ulog))) sock_release(ebtulognl->sk_socket); if (nf_log_register(PF_BRIDGE, &ebt_ulog_logger) < 0) { printk(KERN_WARNING "ebt_ulog: not logging via ulog " "since somebody else already registered for PF_BRIDGE\n"); /* we cannot make module load fail here, since otherwise * ebtables userspace would abort */ } return ret; }
static int __init ebt_ulog_init(void) { int i, ret = 0; if (nlbufsiz >= 128*1024) { printk(KERN_NOTICE "ebt_ulog: Netlink buffer has to be <= 128kB," " please try a smaller nlbufsiz parameter.\n"); return -EINVAL; } /* initialize ulog_buffers */ for (i = 0; i < EBT_ULOG_MAXNLGROUPS; i++) { setup_timer(&ulog_buffers[i].timer, ulog_timer, i); spin_lock_init(&ulog_buffers[i].lock); } ebtulognl = netlink_kernel_create(NETLINK_NFLOG, EBT_ULOG_MAXNLGROUPS, NULL, NULL, THIS_MODULE); if (!ebtulognl) ret = -ENOMEM; else if ((ret = ebt_register_watcher(&ulog))) sock_release(ebtulognl->sk_socket); if (ret == 0) nf_log_register(PF_BRIDGE, &ebt_ulog_logger); return ret; }
static int __init ebt_ulog_init(void) { int ret; if (nlbufsiz >= 128*1024) { pr_warn("Netlink buffer has to be <= 128kB," "please try a smaller nlbufsiz parameter.\n"); return -EINVAL; } ret = register_pernet_subsys(&ebt_ulog_net_ops); if (ret) goto out_pernet; ret = xt_register_target(&ebt_ulog_tg_reg); if (ret) goto out_target; nf_log_register(NFPROTO_BRIDGE, &ebt_ulog_logger); return 0; out_target: unregister_pernet_subsys(&ebt_ulog_net_ops); out_pernet: return ret; }
static int __init ebt_log_init(void) { int ret; ret = ebt_register_watcher(&log); if (ret < 0) return ret; nf_log_register(PF_BRIDGE, &ebt_log_logger); return 0; }
static int __init ipt_log_init(void) { int ret; ret = xt_register_target(&ipt_log_reg); if (ret < 0) return ret; nf_log_register(PF_INET, &ipt_log_logger); return 0; }
static int __init log_tg6_init(void) { int ret; ret = xt_register_target(&log_tg6_reg); if (ret < 0) return ret; nf_log_register(PF_INET6, &ip6t_logger); return 0; }
static int __init ebt_log_init(void) { int ret; ret = xt_register_target(&ebt_log_tg_reg); if (ret < 0) return ret; nf_log_register(NFPROTO_BRIDGE, &ebt_log_logger); return 0; }
static int __init log_tg_init(void) { int ret; ret = xt_register_target(&log_tg_reg); if (ret < 0) return ret; nf_log_register(NFPROTO_IPV4, &ipt_log_logger); return 0; }
static int __init nf_log_arp_init(void) { int ret; ret = register_pernet_subsys(&nf_log_arp_net_ops); if (ret < 0) return ret; nf_log_register(NFPROTO_ARP, &nf_arp_logger); return 0; }
static int __init ip6t_log_init(void) { int ret; ret = xt_register_target(&ip6t_log_reg); if (ret < 0) return ret; ret = nf_log_register(PF_INET6, &ip6t_logger); if (ret < 0 && ret != -EEXIST) xt_unregister_target(&ip6t_log_reg); return ret; }
static int __init init(void) { if (ipt_register_target(&ipt_log_reg)) return -EINVAL; if (nf_log_register(PF_INET, &ipt_log_logger) < 0) { printk(KERN_WARNING "ipt_LOG: not logging via system console " "since somebody else already registered for PF_INET\n"); /* we cannot make module load fail here, since otherwise * iptables userspace would abort */ } return 0; }
static int __init log_tg_init(void) { int ret; ret = register_pernet_subsys(&log_net_ops); if (ret < 0) goto err_pernet; ret = xt_register_targets(log_tg_regs, ARRAY_SIZE(log_tg_regs)); if (ret < 0) goto err_target; nf_log_register(NFPROTO_IPV4, &ipt_log_logger); #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) nf_log_register(NFPROTO_IPV6, &ip6t_log_logger); #endif return 0; err_target: unregister_pernet_subsys(&log_net_ops); err_pernet: return ret; }
static int __init nf_log_bridge_init(void) { int ret; /* Request to load the real packet loggers. */ nf_logger_request_module(NFPROTO_IPV4, NF_LOG_TYPE_LOG); nf_logger_request_module(NFPROTO_IPV6, NF_LOG_TYPE_LOG); nf_logger_request_module(NFPROTO_ARP, NF_LOG_TYPE_LOG); ret = register_pernet_subsys(&nf_log_bridge_net_ops); if (ret < 0) return ret; nf_log_register(NFPROTO_BRIDGE, &nf_bridge_logger); return 0; }
static int __init ebt_log_init(void) { int ret; ret = ebt_register_watcher(&log); if (ret < 0) return ret; if (nf_log_register(PF_BRIDGE, &ebt_log_logger) < 0) { printk(KERN_WARNING "ebt_log: not logging via system console " "since somebody else already registered for PF_INET\n"); /* we cannot make module load fail here, since otherwise * ebtables userspace would abort */ } return 0; }
static int __init nf_log_arp_init(void) { int ret; ret = register_pernet_subsys(&nf_log_arp_net_ops); if (ret < 0) return ret; ret = nf_log_register(NFPROTO_ARP, &nf_arp_logger); if (ret < 0) { pr_err("failed to register logger\n"); goto err1; } return 0; err1: unregister_pernet_subsys(&nf_log_arp_net_ops); return ret; }
static int __init ipt_log_init(void) { int ret; struct proc_dir_entry *proc; ret = xt_register_target(&ipt_log_reg); if (ret < 0) return ret; proc = create_proc_entry(STAT_PROC_FS_NAME, 0, init_net.proc_net); if (proc) { proc->owner = THIS_MODULE; proc->proc_fops = &ip_syslogstat_proc_fops; } else { printk(KERN_ERR "ip_SYSLOG: failed to create proc entry\n"); goto cleanup_target; } ret = syslog_connect(&sl_socket); if (ret < 0) { if (ret == -ECONNREFUSED) { timer.expires = jiffies + msecs_to_jiffies(reconnect_freq); add_timer(&timer); } else goto cleanup_proc; } nf_log_register(PF_INET, &ipt_log_logger); return 0; cleanup_proc: proc_net_remove(&init_net, STAT_PROC_FS_NAME); cleanup_target: xt_unregister_target(&ipt_log_reg); return ret; }
static void ip6t_logfn(unsigned int hooknum, const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, const char *prefix) { struct ip6t_log_info loginfo = { .level = 0, .logflags = IP6T_LOG_MASK, .prefix = "" }; ip6t_log_packet(hooknum, skb, in, out, &loginfo, KERN_WARNING, prefix); } static int ip6t_log_checkentry(const char *tablename, const struct ip6t_entry *e, void *targinfo, unsigned int targinfosize, unsigned int hook_mask) { const struct ip6t_log_info *loginfo = targinfo; if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_log_info))) { DEBUGP("LOG: targinfosize %u != %u\n", targinfosize, IP6T_ALIGN(sizeof(struct ip6t_log_info))); return 0; } if (loginfo->level >= 8) { DEBUGP("LOG: level %u >= 8\n", loginfo->level); return 0; } if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') { DEBUGP("LOG: prefix term %i\n", loginfo->prefix[sizeof(loginfo->prefix)-1]); return 0; } return 1; } static struct ip6t_target ip6t_log_reg = { .name = "LOG", .target = ip6t_log_target, .checkentry = ip6t_log_checkentry, .me = THIS_MODULE, }; static int __init init(void) { if (ip6t_register_target(&ip6t_log_reg)) return -EINVAL; if (nflog) nf_log_register(PF_INET6, &ip6t_logfn); return 0; } static void __exit fini(void) { if (nflog) nf_log_unregister(PF_INET6, &ip6t_logfn); ip6t_unregister_target(&ip6t_log_reg); } module_init(init); module_exit(fini);
static void ipt_logfn(unsigned int hooknum, const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, const char *prefix) { struct ipt_ulog_info loginfo = { .nl_group = ULOG_DEFAULT_NLGROUP, .copy_range = 0, .qthreshold = ULOG_DEFAULT_QTHRESHOLD, .prefix = "" }; ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix); } static int ipt_ulog_checkentry(const char *tablename, const struct ipt_entry *e, void *targinfo, unsigned int targinfosize, unsigned int hookmask) { struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) { DEBUGP("ipt_ULOG: targinfosize %u != 0\n", targinfosize); return 0; } if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') { DEBUGP("ipt_ULOG: prefix term %i\n", loginfo->prefix[sizeof(loginfo->prefix) - 1]); return 0; } if (loginfo->qthreshold > ULOG_MAX_QLEN) { DEBUGP("ipt_ULOG: queue threshold %i > MAX_QLEN\n", loginfo->qthreshold); return 0; } return 1; } static struct ipt_target ipt_ulog_reg = { .name = "ULOG", .target = ipt_ulog_target, .checkentry = ipt_ulog_checkentry, .me = THIS_MODULE, }; static int __init init(void) { int i; DEBUGP("ipt_ULOG: init module\n"); if (nlbufsiz >= 128*1024) { printk("Netlink buffer has to be <= 128kB\n"); return -EINVAL; } /* initialize ulog_buffers */ for (i = 0; i < ULOG_MAXNLGROUPS; i++) { init_timer(&ulog_buffers[i].timer); ulog_buffers[i].timer.function = ulog_timer; ulog_buffers[i].timer.data = i; } nflognl = netlink_kernel_create(NETLINK_NFLOG, NULL); if (!nflognl) return -ENOMEM; if (ipt_register_target(&ipt_ulog_reg) != 0) { sock_release(nflognl->sk_socket); return -EINVAL; } if (nflog) nf_log_register(PF_INET, &ipt_logfn); return 0; } static void __exit fini(void) { ulog_buff_t *ub; int i; DEBUGP("ipt_ULOG: cleanup_module\n"); if (nflog) nf_log_unregister(PF_INET, &ipt_logfn); ipt_unregister_target(&ipt_ulog_reg); sock_release(nflognl->sk_socket); /* remove pending timers and free allocated skb's */ for (i = 0; i < ULOG_MAXNLGROUPS; i++) { ub = &ulog_buffers[i]; if (timer_pending(&ub->timer)) { DEBUGP("timer was pending, deleting\n"); del_timer(&ub->timer); } if (ub->skb) { kfree_skb(ub->skb); ub->skb = NULL; } } }