From 2fdf17ff85c1a3044d0e139642237bbc964ee494 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Tue, 19 Mar 2019 20:09:38 +0100
Subject: [PATCH] extensions: Add AUDIT target
This is a barn find from Fedora package, actually spooking around in
various places on the internet. No idea who wrote it, but it seems to be
used. So add it for the time being.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
Makefile.am | 2 +-
extensions/ebt_AUDIT.c | 110 +++++++++++++++++++++++++++++
include/linux/netfilter/xt_AUDIT.h | 30 ++++++++
3 files changed, 141 insertions(+), 1 deletion(-)
create mode 100644 extensions/ebt_AUDIT.c
create mode 100644 include/linux/netfilter/xt_AUDIT.h
diff --git a/Makefile.am b/Makefile.am
|
|
|
05e71a |
index 53fcbadbca7b4..904de12773a84 100644
|
|
|
05e71a |
--- a/Makefile.am
|
|
|
05e71a |
+++ b/Makefile.am
|
|
|
05e71a |
@@ -40,7 +40,7 @@ libebtc_la_SOURCES = \
|
|
|
05e71a |
extensions/ebt_mark_m.c extensions/ebt_nat.c extensions/ebt_nflog.c \
|
|
|
05e71a |
extensions/ebt_pkttype.c extensions/ebt_redirect.c \
|
|
|
05e71a |
extensions/ebt_standard.c extensions/ebt_stp.c extensions/ebt_string.c \
|
|
|
05e71a |
- extensions/ebt_ulog.c extensions/ebt_vlan.c \
|
|
|
05e71a |
+ extensions/ebt_ulog.c extensions/ebt_vlan.c extensions/ebt_AUDIT.c \
|
|
|
05e71a |
extensions/ebtable_broute.c extensions/ebtable_filter.c \
|
|
|
05e71a |
extensions/ebtable_nat.c
|
|
|
05e71a |
# Make sure ebtables.c can be built twice
|
|
|
05e71a |
diff --git a/extensions/ebt_AUDIT.c b/extensions/ebt_AUDIT.c
|
|
|
05e71a |
new file mode 100644
|
|
|
05e71a |
index 0000000000000..c9befccca94db
|
|
|
05e71a |
--- /dev/null
|
|
|
05e71a |
+++ b/extensions/ebt_AUDIT.c
|
|
|
05e71a |
@@ -0,0 +1,110 @@
|
|
|
05e71a |
+
|
|
|
05e71a |
+#include <stdio.h>
|
|
|
05e71a |
+#include <stdlib.h>
|
|
|
05e71a |
+#include <string.h>
|
|
|
05e71a |
+#include <getopt.h>
|
|
|
05e71a |
+#include "../include/ebtables_u.h"
|
|
|
05e71a |
+#include <linux/netfilter/xt_AUDIT.h>
|
|
|
05e71a |
+
|
|
|
05e71a |
+#define AUDIT_TYPE '1'
|
|
|
05e71a |
+static struct option opts[] =
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ { "audit-type" , required_argument, 0, AUDIT_TYPE },
|
|
|
05e71a |
+ { 0 }
|
|
|
05e71a |
+};
|
|
|
05e71a |
+
|
|
|
05e71a |
+static void print_help()
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ printf(
|
|
|
05e71a |
+ "AUDIT target options:\n"
|
|
|
05e71a |
+ " --audit-type TYPE : Set action type to record.\n");
|
|
|
05e71a |
+}
|
|
|
05e71a |
+
|
|
|
05e71a |
+static void init(struct ebt_entry_target *target)
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data;
|
|
|
05e71a |
+
|
|
|
05e71a |
+ info->type = 0;
|
|
|
05e71a |
+}
|
|
|
05e71a |
+
|
|
|
05e71a |
+static int parse(int c, char **argv, int argc,
|
|
|
05e71a |
+ const struct ebt_u_entry *entry, unsigned int *flags,
|
|
|
05e71a |
+ struct ebt_entry_target **target)
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data;
|
|
|
05e71a |
+
|
|
|
05e71a |
+ switch (c) {
|
|
|
05e71a |
+ case AUDIT_TYPE:
|
|
|
05e71a |
+ ebt_check_option2(flags, AUDIT_TYPE);
|
|
|
05e71a |
+
|
|
|
05e71a |
+ if (!strcasecmp(optarg, "accept"))
|
|
|
05e71a |
+ info->type = XT_AUDIT_TYPE_ACCEPT;
|
|
|
05e71a |
+ else if (!strcasecmp(optarg, "drop"))
|
|
|
05e71a |
+ info->type = XT_AUDIT_TYPE_DROP;
|
|
|
05e71a |
+ else if (!strcasecmp(optarg, "reject"))
|
|
|
05e71a |
+ info->type = XT_AUDIT_TYPE_REJECT;
|
|
|
05e71a |
+ else
|
|
|
05e71a |
+ ebt_print_error2("Bad action type value `%s'", optarg);
|
|
|
05e71a |
+
|
|
|
05e71a |
+ break;
|
|
|
05e71a |
+ default:
|
|
|
05e71a |
+ return 0;
|
|
|
05e71a |
+ }
|
|
|
05e71a |
+ return 1;
|
|
|
05e71a |
+}
|
|
|
05e71a |
+
|
|
|
05e71a |
+static void final_check(const struct ebt_u_entry *entry,
|
|
|
05e71a |
+ const struct ebt_entry_target *target, const char *name,
|
|
|
05e71a |
+ unsigned int hookmask, unsigned int time)
|
|
|
05e71a |
+{
|
|
|
05e71a |
+}
|
|
|
05e71a |
+
|
|
|
05e71a |
+static void print(const struct ebt_u_entry *entry,
|
|
|
05e71a |
+ const struct ebt_entry_target *target)
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ const struct xt_AUDIT_info *info =
|
|
|
05e71a |
+ (const struct xt_AUDIT_info *) target->data;
|
|
|
05e71a |
+
|
|
|
05e71a |
+ printf("--audit-type ");
|
|
|
05e71a |
+
|
|
|
05e71a |
+ switch(info->type) {
|
|
|
05e71a |
+ case XT_AUDIT_TYPE_ACCEPT:
|
|
|
05e71a |
+ printf("accept");
|
|
|
05e71a |
+ break;
|
|
|
05e71a |
+ case XT_AUDIT_TYPE_DROP:
|
|
|
05e71a |
+ printf("drop");
|
|
|
05e71a |
+ break;
|
|
|
05e71a |
+ case XT_AUDIT_TYPE_REJECT:
|
|
|
05e71a |
+ printf("reject");
|
|
|
05e71a |
+ break;
|
|
|
05e71a |
+ }
|
|
|
05e71a |
+}
|
|
|
05e71a |
+
|
|
|
05e71a |
+static int compare(const struct ebt_entry_target *t1,
|
|
|
05e71a |
+ const struct ebt_entry_target *t2)
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ const struct xt_AUDIT_info *info1 =
|
|
|
05e71a |
+ (const struct xt_AUDIT_info *) t1->data;
|
|
|
05e71a |
+ const struct xt_AUDIT_info *info2 =
|
|
|
05e71a |
+ (const struct xt_AUDIT_info *) t2->data;
|
|
|
05e71a |
+
|
|
|
05e71a |
+ return info1->type == info2->type;
|
|
|
05e71a |
+}
|
|
|
05e71a |
+
|
|
|
05e71a |
+static struct ebt_u_target AUDIT_target =
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ .name = "AUDIT",
|
|
|
05e71a |
+ .size = sizeof(struct xt_AUDIT_info),
|
|
|
05e71a |
+ .help = print_help,
|
|
|
05e71a |
+ .init = init,
|
|
|
05e71a |
+ .parse = parse,
|
|
|
05e71a |
+ .final_check = final_check,
|
|
|
05e71a |
+ .print = print,
|
|
|
05e71a |
+ .compare = compare,
|
|
|
05e71a |
+ .extra_ops = opts,
|
|
|
05e71a |
+};
|
|
|
05e71a |
+
|
|
|
05e71a |
+static void _INIT(void)
|
|
|
05e71a |
+{
|
|
|
05e71a |
+ ebt_register_target(&AUDIT_target);
|
|
|
05e71a |
+}
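Review bot: The `switch(info->type)` in `print()` has no `default` case, so a type value outside ACCEPT/DROP/REJECT — which can only arrive in the kernel-supplied target data when a rule is listed — prints a bare `--audit-type ` with no argument, and that listing can no longer be fed back through `parse()`. Adding `default: printf("unknown"); break;` keeps the dump well-formed and makes the inconsistent value visible instead of silently producing a truncated rule. `print_help()` should also name the accepted values so users do not have to discover them from the error in `parse()`: `"  --audit-type TYPE        : Set action type to record (accept, drop or reject).\n"`. Separately, `init()` presets the type to `XT_AUDIT_TYPE_ACCEPT` (0) and `final_check()` is empty, so a rule given without `--audit-type` is silently recorded as an accept; if the option is meant to be mandatory that needs a check, though this hunk does not show whether the ebtables `final_check` hook has the parsed option flags available.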
|
|
|
05e71a |
diff --git a/include/linux/netfilter/xt_AUDIT.h b/include/linux/netfilter/xt_AUDIT.h
|
|
|
05e71a |
new file mode 100644
|
|
|
05e71a |
index 0000000000000..44111b242b531
|
|
|
05e71a |
--- /dev/null
|
|
|
05e71a |
+++ b/include/linux/netfilter/xt_AUDIT.h
|
|
|
05e71a |
@@ -0,0 +1,30 @@
|
|
|
05e71a |
+/*
|
|
|
05e71a |
+ * Header file for iptables xt_AUDIT target
|
|
|
05e71a |
+ *
|
|
|
05e71a |
+ * (C) 2010-2011 Thomas Graf <tgraf@redhat.com>
|
|
|
05e71a |
+ * (C) 2010-2011 Red Hat, Inc.
|
|
|
05e71a |
+ *
|
|
|
05e71a |
+ * This program is free software; you can redistribute it and/or modify
|
|
|
05e71a |
+ * it under the terms of the GNU General Public License version 2 as
|
|
|
05e71a |
+ * published by the Free Software Foundation.
|
|
|
05e71a |
+ */
|
|
|
05e71a |
+
|
|
|
05e71a |
+#ifndef _XT_AUDIT_TARGET_H
|
|
|
05e71a |
+#define _XT_AUDIT_TARGET_H
|
|
|
05e71a |
+
|
|
|
05e71a |
+#include <linux/types.h>
|
|
|
05e71a |
+
|
|
|
05e71a |
+enum {
|
|
|
05e71a |
+ XT_AUDIT_TYPE_ACCEPT = 0,
|
|
|
05e71a |
+ XT_AUDIT_TYPE_DROP,
|
|
|
05e71a |
+ XT_AUDIT_TYPE_REJECT,
|
|
|
05e71a |
+ __XT_AUDIT_TYPE_MAX,
|
|
|
05e71a |
+};
|
|
|
05e71a |
+
|
|
|
05e71a |
+#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1)
|
|
|
05e71a |
+
|
|
|
05e71a |
+struct xt_AUDIT_info {
|
|
|
05e71a |
+ __u8 type; /* XT_AUDIT_TYPE_* */
|
|
|
05e71a |
+};
|
|
|
05e71a |
+
|
|
|
05e71a |
+#endif /* _XT_AUDIT_TARGET_H */
--
2.21.0