rpms / iptables

Clone
Source Code
GIT

Blame SOURCES/0062-extensions-AUDIT-Document-ineffective-type-option.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   1dc35b9e66315dee6f954690d97855f152af6aed
  2.   SOURCES
  3.   0062-extensions-AUDIT-Document-ineffective-type-option.patch
Blob History Raw
1dc35b 
From 31695c75575f3998ac0c5d466d0b85276289a730 Mon Sep 17 00:00:00 2001
1dc35b 
From: Phil Sutter <phil@nwl.cc>
1dc35b 
Date: Thu, 21 Feb 2019 15:38:47 +0100
1dc35b 
Subject: [PATCH] extensions: AUDIT: Document ineffective --type option
1dc35b
1dc35b 
Signed-off-by: Phil Sutter <phil@nwl.cc>
1dc35b 
Signed-off-by: Florian Westphal <fw@strlen.de>
1dc35b 
(cherry picked from commit dffb5ec2a8c7f91351e2a1029a757cb1f41f2d02)
1dc35b 
Signed-off-by: Phil Sutter <psutter@redhat.com>
1dc35b 
---
1dc35b 
 extensions/libxt_AUDIT.man | 6 ++++--
1dc35b 
 1 file changed, 4 insertions(+), 2 deletions(-)
1dc35b
1dc35b 
diff --git a/extensions/libxt_AUDIT.man b/extensions/libxt_AUDIT.man
1dc35b 
index cd796967c431a..4f5562e8ca425 100644
1dc35b 
--- a/extensions/libxt_AUDIT.man
1dc35b 
+++ b/extensions/libxt_AUDIT.man
1dc35b 
@@ -3,12 +3,14 @@ It can be used to record accepted, dropped, and rejected packets. See
1dc35b 
 auditd(8) for additional details.
1dc35b 
 .TP
1dc35b 
 \fB\-\-type\fP {\fBaccept\fP|\fBdrop\fP|\fBreject\fP}
1dc35b 
-Set type of audit record.
1dc35b 
+Set type of audit record. Starting with linux-4.12, this option has no effect
1dc35b 
+on generated audit messages anymore. It is still accepted by iptables for
1dc35b 
+compatibility reasons, but ignored.
1dc35b 
 .PP
1dc35b 
 Example:
1dc35b 
 .IP
1dc35b 
 iptables \-N AUDIT_DROP
1dc35b 
 .IP
1dc35b 
-iptables \-A AUDIT_DROP \-j AUDIT \-\-type drop
1dc35b 
+iptables \-A AUDIT_DROP \-j AUDIT
1dc35b 
 .IP
1dc35b 
 iptables \-A AUDIT_DROP \-j DROP
1dc35b 
--
1dc35b 
2.21.0
1dc35b

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation