Release 4.11 net/netfilter/nfnetlink_log.c
/*
* This is a module which is used for logging packets to userspace via
* nfetlink.
*
* (C) 2005 by Harald Welte <laforge@netfilter.org>
* (C) 2006-2012 Patrick McHardy <kaber@trash.net>
*
* Based on the old ipv4-only ipt_ULOG.c:
* (C) 2000-2004 by Harald Welte <laforge@netfilter.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/if_arp.h>
#include <linux/init.h>
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/netfilter_bridge.h>
#include <net/netlink.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_log.h>
#include <linux/netfilter/nf_conntrack_common.h>
#include <linux/spinlock.h>
#include <linux/sysctl.h>
#include <linux/proc_fs.h>
#include <linux/security.h>
#include <linux/list.h>
#include <linux/slab.h>
#include <net/sock.h>
#include <net/netfilter/nf_log.h>
#include <net/netns/generic.h>
#include <net/netfilter/nfnetlink_log.h>
#include <linux/atomic.h>
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
#include "../bridge/br_private.h"
#endif
#define NFULNL_NLBUFSIZ_DEFAULT NLMSG_GOODSIZE
#define NFULNL_TIMEOUT_DEFAULT 100
/* every second */
#define NFULNL_QTHRESH_DEFAULT 100
/* 100 packets */
/* max packet size is limited by 16-bit struct nfattr nfa_len field */
#define NFULNL_COPY_RANGE_MAX (0xFFFF - NLA_HDRLEN)
#define PRINTR(x, args...) do { if (net_ratelimit()) \
printk(x, ## args); } while (0);
struct nfulnl_instance {
struct hlist_node hlist; /* global list of instances */
spinlock_t lock;
atomic_t use; /* use count */
unsigned int qlen; /* number of nlmsgs in skb */
struct sk_buff *skb; /* pre-allocatd skb */
struct timer_list timer;
struct net *net;
struct user_namespace *peer_user_ns; /* User namespace of the peer process */
u32 peer_portid; /* PORTID of the peer process */
/* configurable parameters */
unsigned int flushtimeout; /* timeout until queue flush */
unsigned int nlbufsiz; /* netlink buffer allocation size */
unsigned int qthreshold; /* threshold of the queue */
u_int32_t copy_range;
u_int32_t seq; /* instance-local sequential counter */
u_int16_t group_num; /* number of this queue */
u_int16_t flags;
u_int8_t copy_mode;
struct rcu_head rcu;
};
#define INSTANCE_BUCKETS 16
static unsigned int nfnl_log_net_id __read_mostly;
struct nfnl_log_net {
spinlock_t instances_lock;
struct hlist_head instance_table[INSTANCE_BUCKETS];
atomic_t global_seq;
};
static struct nfnl_log_net *nfnl_log_pernet(struct net *net)
{
return net_generic(net, nfnl_log_net_id);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Gao Feng | 21 | 100.00% | 1 | 100.00% |
| Total | 21 | 100.00% | 1 | 100.00% |
static inline u_int8_t instance_hashfn(u_int16_t group_num)
{
return ((group_num & 0xff) % INSTANCE_BUCKETS);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 21 | 100.00% | 1 | 100.00% |
| Total | 21 | 100.00% | 1 | 100.00% |
static struct nfulnl_instance *
__instance_lookup(struct nfnl_log_net *log, u_int16_t group_num)
{
struct hlist_head *head;
struct nfulnl_instance *inst;
head = &log->instance_table[instance_hashfn(group_num)];
hlist_for_each_entry_rcu(inst, head, hlist) {
if (inst->group_num == group_num)
return inst;
}
return NULL;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 55 | 87.30% | 1 | 33.33% |
| Gao Feng | 7 | 11.11% | 1 | 33.33% |
| Eric Dumazet | 1 | 1.59% | 1 | 33.33% |
| Total | 63 | 100.00% | 3 | 100.00% |
static inline void
instance_get(struct nfulnl_instance *inst)
{
atomic_inc(&inst->use);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 20 | 100.00% | 1 | 100.00% |
| Total | 20 | 100.00% | 1 | 100.00% |
static struct nfulnl_instance *
instance_lookup_get(struct nfnl_log_net *log, u_int16_t group_num)
{
struct nfulnl_instance *inst;
rcu_read_lock_bh();
inst = __instance_lookup(log, group_num);
if (inst && !atomic_inc_not_zero(&inst->use))
inst = NULL;
rcu_read_unlock_bh();
return inst;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 35 | 62.50% | 1 | 25.00% |
| Eric Dumazet | 14 | 25.00% | 2 | 50.00% |
| Gao Feng | 7 | 12.50% | 1 | 25.00% |
| Total | 56 | 100.00% | 4 | 100.00% |
static void nfulnl_instance_free_rcu(struct rcu_head *head)
{
struct nfulnl_instance *inst =
container_of(head, struct nfulnl_instance, rcu);
put_net(inst->net);
kfree(inst);
module_put(THIS_MODULE);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Eric Dumazet | 27 | 62.79% | 1 | 50.00% |
| Gao Feng | 16 | 37.21% | 1 | 50.00% |
| Total | 43 | 100.00% | 2 | 100.00% |
static void
instance_put(struct nfulnl_instance *inst)
{
if (inst && atomic_dec_and_test(&inst->use))
call_rcu_bh(&inst->rcu, nfulnl_instance_free_rcu);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 27 | 81.82% | 1 | 50.00% |
| Eric Dumazet | 6 | 18.18% | 1 | 50.00% |
| Total | 33 | 100.00% | 2 | 100.00% |
static void nfulnl_timer(unsigned long data);
static struct nfulnl_instance *
instance_create(struct net *net, u_int16_t group_num,
u32 portid, struct user_namespace *user_ns)
{
struct nfulnl_instance *inst;
struct nfnl_log_net *log = nfnl_log_pernet(net);
int err;
spin_lock_bh(&log->instances_lock);
if (__instance_lookup(log, group_num)) {
err = -EEXIST;
goto out_unlock;
}
inst = kzalloc(sizeof(*inst), GFP_ATOMIC);
if (!inst) {
err = -ENOMEM;
goto out_unlock;
}
if (!try_module_get(THIS_MODULE)) {
kfree(inst);
err = -EAGAIN;
goto out_unlock;
}
INIT_HLIST_NODE(&inst->hlist);
spin_lock_init(&inst->lock);
/* needs to be two, since we _put() after creation */
atomic_set(&inst->use, 2);
setup_timer(&inst->timer, nfulnl_timer, (unsigned long)inst);
inst->net = get_net(net);
inst->peer_user_ns = user_ns;
inst->peer_portid = portid;
inst->group_num = group_num;
inst->qthreshold = NFULNL_QTHRESH_DEFAULT;
inst->flushtimeout = NFULNL_TIMEOUT_DEFAULT;
inst->nlbufsiz = NFULNL_NLBUFSIZ_DEFAULT;
inst->copy_mode = NFULNL_COPY_PACKET;
inst->copy_range = NFULNL_COPY_RANGE_MAX;
hlist_add_head_rcu(&inst->hlist,
&log->instance_table[instance_hashfn(group_num)]);
spin_unlock_bh(&log->instances_lock);
return inst;
out_unlock:
spin_unlock_bh(&log->instances_lock);
return ERR_PTR(err);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 164 | 61.65% | 2 | 15.38% |
| Gao Feng | 34 | 12.78% | 1 | 7.69% |
| Patrick McHardy | 26 | 9.77% | 2 | 15.38% |
| Michał Mirosław | 19 | 7.14% | 2 | 15.38% |
| Eric W. Biedermann | 14 | 5.26% | 2 | 15.38% |
| Eric Dumazet | 4 | 1.50% | 2 | 15.38% |
| Hideaki Yoshifuji / 吉藤英明 | 4 | 1.50% | 1 | 7.69% |
| Richard Weinberger | 1 | 0.38% | 1 | 7.69% |
| Total | 266 | 100.00% | 13 | 100.00% |
static void __nfulnl_flush(struct nfulnl_instance *inst);
/* called with BH disabled */
static void
__instance_destroy(struct nfulnl_instance *inst)
{
/* first pull it out of the global list */
hlist_del_rcu(&inst->hlist);
/* then flush all pending packets from skb */
spin_lock(&inst->lock);
/* lockless readers wont be able to use us */
inst->copy_mode = NFULNL_COPY_DISABLED;
if (inst->skb)
__nfulnl_flush(inst);
spin_unlock(&inst->lock);
/* and finally put the refcount */
instance_put(inst);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 49 | 80.33% | 1 | 25.00% |
| Eric Dumazet | 10 | 16.39% | 1 | 25.00% |
| Michał Mirosław | 1 | 1.64% | 1 | 25.00% |
| Patrick McHardy | 1 | 1.64% | 1 | 25.00% |
| Total | 61 | 100.00% | 4 | 100.00% |
static inline void
instance_destroy(struct nfnl_log_net *log,
struct nfulnl_instance *inst)
{
spin_lock_bh(&log->instances_lock);
__instance_destroy(inst);
spin_unlock_bh(&log->instances_lock);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 18 | 47.37% | 1 | 25.00% |
| Gao Feng | 9 | 23.68% | 1 | 25.00% |
| Patrick McHardy | 9 | 23.68% | 1 | 25.00% |
| Eric Dumazet | 2 | 5.26% | 1 | 25.00% |
| Total | 38 | 100.00% | 4 | 100.00% |
static int
nfulnl_set_mode(struct nfulnl_instance *inst, u_int8_t mode,
unsigned int range)
{
int status = 0;
spin_lock_bh(&inst->lock);
switch (mode) {
case NFULNL_COPY_NONE:
case NFULNL_COPY_META:
inst->copy_mode = mode;
inst->copy_range = 0;
break;
case NFULNL_COPY_PACKET:
inst->copy_mode = mode;
if (range == 0)
range = NFULNL_COPY_RANGE_MAX;
inst->copy_range = min_t(unsigned int,
range, NFULNL_COPY_RANGE_MAX);
break;
default:
status = -EINVAL;
break;
}
spin_unlock_bh(&inst->lock);
return status;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 89 | 83.18% | 1 | 33.33% |
| Florian Westphal | 10 | 9.35% | 1 | 33.33% |
| Michał Mirosław | 8 | 7.48% | 1 | 33.33% |
| Total | 107 | 100.00% | 3 | 100.00% |
static int
nfulnl_set_nlbufsiz(struct nfulnl_instance *inst, u_int32_t nlbufsiz)
{
int status;
spin_lock_bh(&inst->lock);
if (nlbufsiz < NFULNL_NLBUFSIZ_DEFAULT)
status = -ERANGE;
else if (nlbufsiz > 131072)
status = -ERANGE;
else {
inst->nlbufsiz = nlbufsiz;
status = 0;
}
spin_unlock_bh(&inst->lock);
return status;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 72 | 100.00% | 1 | 100.00% |
| Total | 72 | 100.00% | 1 | 100.00% |
static void
nfulnl_set_timeout(struct nfulnl_instance *inst, u_int32_t timeout)
{
spin_lock_bh(&inst->lock);
inst->flushtimeout = timeout;
spin_unlock_bh(&inst->lock);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 35 | 97.22% | 1 | 50.00% |
| Rami Rosen | 1 | 2.78% | 1 | 50.00% |
| Total | 36 | 100.00% | 2 | 100.00% |
static void
nfulnl_set_qthresh(struct nfulnl_instance *inst, u_int32_t qthresh)
{
spin_lock_bh(&inst->lock);
inst->qthreshold = qthresh;
spin_unlock_bh(&inst->lock);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 35 | 97.22% | 1 | 50.00% |
| Rami Rosen | 1 | 2.78% | 1 | 50.00% |
| Total | 36 | 100.00% | 2 | 100.00% |
static int
nfulnl_set_flags(struct nfulnl_instance *inst, u_int16_t flags)
{
spin_lock_bh(&inst->lock);
inst->flags = flags;
spin_unlock_bh(&inst->lock);
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 39 | 100.00% | 1 | 100.00% |
| Total | 39 | 100.00% | 1 | 100.00% |
static struct sk_buff *
nfulnl_alloc_skb(struct net *net, u32 peer_portid, unsigned int inst_size,
unsigned int pkt_size)
{
struct sk_buff *skb;
unsigned int n;
/* alloc skb which should be big enough for a whole multipart
* message. WARNING: has to be <= 128k due to slab restrictions */
n = max(inst_size, pkt_size);
skb = alloc_skb(n, GFP_ATOMIC | __GFP_NOWARN);
if (!skb) {
if (n > pkt_size) {
/* try to allocate only as much as we need for current
* packet */
skb = alloc_skb(pkt_size, GFP_ATOMIC);
}
}
return skb;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 47 | 57.32% | 1 | 16.67% |
| Patrick McHardy | 26 | 31.71% | 2 | 33.33% |
| Gao Feng | 5 | 6.10% | 1 | 16.67% |
| Florian Westphal | 2 | 2.44% | 1 | 16.67% |
| Calvin Owens | 2 | 2.44% | 1 | 16.67% |
| Total | 82 | 100.00% | 6 | 100.00% |
static void
__nfulnl_send(struct nfulnl_instance *inst)
{
if (inst->qlen > 1) {
struct nlmsghdr *nlh = nlmsg_put(inst->skb, 0, 0,
NLMSG_DONE,
sizeof(struct nfgenmsg),
0);
if (WARN_ONCE(!nlh, "bad nlskb size: %u, tailroom %d\n",
inst->skb->len, skb_tailroom(inst->skb))) {
kfree_skb(inst->skb);
goto out;
}
}
nfnetlink_unicast(inst->skb, inst->net, inst->peer_portid,
MSG_DONTWAIT);
out:
inst->qlen = 0;
inst->skb = NULL;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 45 | 39.82% | 1 | 14.29% |
| Houcheng Lin | 30 | 26.55% | 1 | 14.29% |
| David S. Miller | 19 | 16.81% | 1 | 14.29% |
| Eric Leblond | 14 | 12.39% | 1 | 14.29% |
| Gao Feng | 3 | 2.65% | 1 | 14.29% |
| Eric W. Biedermann | 1 | 0.88% | 1 | 14.29% |
| Alexey Dobriyan | 1 | 0.88% | 1 | 14.29% |
| Total | 113 | 100.00% | 7 | 100.00% |
static void
__nfulnl_flush(struct nfulnl_instance *inst)
{
/* timer holds a reference */
if (del_timer(&inst->timer))
instance_put(inst);
if (inst->skb)
__nfulnl_send(inst);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Michał Mirosław | 38 | 100.00% | 1 | 100.00% |
| Total | 38 | 100.00% | 1 | 100.00% |
static void
nfulnl_timer(unsigned long data)
{
struct nfulnl_instance *inst = (struct nfulnl_instance *)data;
spin_lock_bh(&inst->lock);
if (inst->skb)
__nfulnl_send(inst);
spin_unlock_bh(&inst->lock);
instance_put(inst);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 43 | 79.63% | 1 | 33.33% |
| Michał Mirosław | 11 | 20.37% | 2 | 66.67% |
| Total | 54 | 100.00% | 3 | 100.00% |
/* This is an inline function, we don't really care about a long
* list of arguments */
static inline int
__build_packet_message(struct nfnl_log_net *log,
struct nfulnl_instance *inst,
const struct sk_buff *skb,
unsigned int data_len,
u_int8_t pf,
unsigned int hooknum,
const struct net_device *indev,
const struct net_device *outdev,
const char *prefix, unsigned int plen,
const struct nfnl_ct_hook *nfnl_ct,
struct nf_conn *ct, enum ip_conntrack_info ctinfo)
{
struct nfulnl_msg_packet_hdr pmsg;
struct nlmsghdr *nlh;
struct nfgenmsg *nfmsg;
sk_buff_data_t old_tail = inst->skb->tail;
struct sock *sk;
const unsigned char *hwhdrp;
nlh = nlmsg_put(inst->skb, 0, 0,
NFNL_SUBSYS_ULOG << 8 | NFULNL_MSG_PACKET,
sizeof(struct nfgenmsg), 0);
if (!nlh)
return -1;
nfmsg = nlmsg_data(nlh);
nfmsg->nfgen_family = pf;
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(inst->group_num);
memset(&pmsg, 0, sizeof(pmsg));
pmsg.hw_protocol = skb->protocol;
pmsg.hook = hooknum;
if (nla_put(inst->skb, NFULA_PACKET_HDR, sizeof(pmsg), &pmsg))
goto nla_put_failure;
if (prefix &&
nla_put(inst->skb, NFULA_PREFIX, plen, prefix))
goto nla_put_failure;
if (indev) {
#if !IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
if (nla_put_be32(inst->skb, NFULA_IFINDEX_INDEV,
htonl(indev->ifindex)))
goto nla_put_failure;
#else
if (pf == PF_BRIDGE) {
/* Case 1: outdev is physical input device, we need to
* look for bridge group (when called from
* netfilter_bridge) */
if (nla_put_be32(inst->skb, NFULA_IFINDEX_PHYSINDEV,
htonl(indev->ifindex)) ||
/* this is the bridge group "brX" */
/* rcu_read_lock()ed by nf_hook_thresh or
* nf_log_packet.
*/
nla_put_be32(inst->skb, NFULA_IFINDEX_INDEV,
htonl(br_port_get_rcu(indev)->br->dev->ifindex)))
goto nla_put_failure;
} else {
struct net_device *physindev;
/* Case 2: indev is bridge group, we need to look for
* physical device (when called from ipv4) */
if (nla_put_be32(inst->skb, NFULA_IFINDEX_INDEV,
htonl(indev->ifindex)))
goto nla_put_failure;
physindev = nf_bridge_get_physindev(skb);
if (physindev &&
nla_put_be32(inst->skb, NFULA_IFINDEX_PHYSINDEV,
htonl(physindev->ifindex)))
goto nla_put_failure;
}
#endif
}
if (outdev) {
#if !IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
if (nla_put_be32(inst->skb, NFULA_IFINDEX_OUTDEV,
htonl(outdev->ifindex)))
goto nla_put_failure;
#else
if (pf == PF_BRIDGE) {
/* Case 1: outdev is physical output device, we need to
* look for bridge group (when called from
* netfilter_bridge) */
if (nla_put_be32(inst->skb, NFULA_IFINDEX_PHYSOUTDEV,
htonl(outdev->ifindex)) ||
/* this is the bridge group "brX" */
/* rcu_read_lock()ed by nf_hook_thresh or
* nf_log_packet.
*/
nla_put_be32(inst->skb, NFULA_IFINDEX_OUTDEV,
htonl(br_port_get_rcu(outdev)->br->dev->ifindex)))
goto nla_put_failure;
} else {
struct net_device *physoutdev;
/* Case 2: indev is a bridge group, we need to look
* for physical device (when called from ipv4) */
if (nla_put_be32(inst->skb, NFULA_IFINDEX_OUTDEV,
htonl(outdev->ifindex)))
goto nla_put_failure;
physoutdev = nf_bridge_get_physoutdev(skb);
if (physoutdev &&
nla_put_be32(inst->skb, NFULA_IFINDEX_PHYSOUTDEV,
htonl(physoutdev->ifindex)))
goto nla_put_failure;
}
#endif
}
if (skb->mark &&
nla_put_be32(inst->skb, NFULA_MARK, htonl(skb->mark)))
goto nla_put_failure;
if (indev && skb->dev &&
skb->mac_header != skb->network_header) {
struct nfulnl_msg_packet_hw phw;
int len;
memset(&phw, 0, sizeof(phw));
len = dev_parse_header(skb, phw.hw_addr);
if (len > 0) {
phw.hw_addrlen = htons(len);
if (nla_put(inst->skb, NFULA_HWADDR, sizeof(phw), &phw))
goto nla_put_failure;
}
}
if (indev && skb_mac_header_was_set(skb)) {
if (nla_put_be16(inst->skb, NFULA_HWTYPE, htons(skb->dev->type)) ||
nla_put_be16(inst->skb, NFULA_HWLEN,
htons(skb->dev->hard_header_len)))
goto nla_put_failure;
hwhdrp = skb_mac_header(skb);
if (skb->dev->type == ARPHRD_SIT)
hwhdrp -= ETH_HLEN;
if (hwhdrp >= skb->head &&
nla_put(inst->skb, NFULA_HWHEADER,
skb->dev->hard_header_len, hwhdrp))
goto nla_put_failure;
}
if (skb->tstamp) {
struct nfulnl_msg_packet_timestamp ts;
struct timespec64 kts = ktime_to_timespec64(skb->tstamp);
ts.sec = cpu_to_be64(kts.tv_sec);
ts.usec = cpu_to_be64(kts.tv_nsec / NSEC_PER_USEC);
if (nla_put(inst->skb, NFULA_TIMESTAMP, sizeof(ts), &ts))
goto nla_put_failure;
}
/* UID */
sk = skb->sk;
if (sk && sk_fullsock(sk)) {
read_lock_bh(&sk->sk_callback_lock);
if (sk->sk_socket && sk->sk_socket->file) {
struct file *file = sk->sk_socket->file;
const struct cred *cred = file->f_cred;
struct user_namespace *user_ns = inst->peer_user_ns;
__be32 uid = htonl(from_kuid_munged(user_ns, cred->fsuid));
__be32 gid = htonl(from_kgid_munged(user_ns, cred->fsgid));
read_unlock_bh(&sk->sk_callback_lock);
if (nla_put_be32(inst->skb, NFULA_UID, uid) ||
nla_put_be32(inst->skb, NFULA_GID, gid))
goto nla_put_failure;
} else
read_unlock_bh(&sk->sk_callback_lock);
}
/* local sequence number */
if ((inst->flags & NFULNL_CFG_F_SEQ) &&
nla_put_be32(inst->skb, NFULA_SEQ, htonl(inst->seq++)))
goto nla_put_failure;
/* global sequence number */
if ((inst->flags & NFULNL_CFG_F_SEQ_GLOBAL) &&
nla_put_be32(inst->skb, NFULA_SEQ_GLOBAL,
htonl(atomic_inc_return(&log->global_seq))))
goto nla_put_failure;
if (ct && nfnl_ct->build(inst->skb, ct, ctinfo,
NFULA_CT, NFULA_CT_INFO) < 0)
goto nla_put_failure;
if (data_len) {
struct nlattr *nla;
int size = nla_attr_size(data_len);
if (skb_tailroom(inst->skb) < nla_total_size(data_len))
goto nla_put_failure;
nla = (struct nlattr *)skb_put(inst->skb, nla_total_size(data_len));
nla->nla_type = NFULA_PAYLOAD;
nla->nla_len = size;
if (skb_copy_bits(skb, 0, nla_data(nla), data_len))
BUG();
}
nlh->nlmsg_len = inst->skb->tail - old_tail;
return 0;
nla_put_failure:
PRINTR(KERN_ERR "nfnetlink_log: error creating log nlmsg\n");
return -1;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 607 | 51.62% | 3 | 8.33% |
| David S. Miller | 138 | 11.73% | 2 | 5.56% |
| Patrick McHardy | 106 | 9.01% | 8 | 22.22% |
| Eric Leblond | 57 | 4.85% | 1 | 2.78% |
| Ken-ichirou MATSUZAWA | 41 | 3.49% | 1 | 2.78% |
| Bob Hockney | 40 | 3.40% | 1 | 2.78% |
| Dan Carpenter | 30 | 2.55% | 1 | 2.78% |
| Eric Dumazet | 25 | 2.13% | 3 | 8.33% |
| Florian Westphal | 24 | 2.04% | 1 | 2.78% |
| Linus Torvalds | 23 | 1.96% | 1 | 2.78% |
| Pablo Neira Ayuso | 15 | 1.28% | 2 | 5.56% |
| David Howells | 14 | 1.19% | 1 | 2.78% |
| Stephen Hemminger | 9 | 0.77% | 1 | 2.78% |
| Arnd Bergmann | 8 | 0.68% | 1 | 2.78% |
| Eric W. Biedermann | 8 | 0.68% | 1 | 2.78% |
| Nicolas Cavallari | 8 | 0.68% | 1 | 2.78% |
| Gao Feng | 7 | 0.60% | 1 | 2.78% |
| Jiri Pirko | 6 | 0.51% | 1 | 2.78% |
| Al Viro | 3 | 0.26% | 1 | 2.78% |
| Arnaldo Carvalho de Melo | 3 | 0.26% | 1 | 2.78% |
| Aaron Conole | 2 | 0.17% | 1 | 2.78% |
| Jan Engelhardt | 1 | 0.09% | 1 | 2.78% |
| Thomas Graf | 1 | 0.09% | 1 | 2.78% |
| Total | 1176 | 100.00% | 36 | 100.00% |
static struct nf_loginfo default_loginfo = {
.type = NF_LOG_TYPE_ULOG,
.u = {
.ulog = {
.copy_len = 0xffff,
.group = 0,
.qthreshold = 1,
},
},
};
/* log handler for internal netfilter logging api */
void
nfulnl_log_packet(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
const struct nf_loginfo *li_user,
const char *prefix)
{
size_t size;
unsigned int data_len;
struct nfulnl_instance *inst;
const struct nf_loginfo *li;
unsigned int qthreshold;
unsigned int plen;
struct nfnl_log_net *log = nfnl_log_pernet(net);
const struct nfnl_ct_hook *nfnl_ct = NULL;
struct nf_conn *ct = NULL;
enum ip_conntrack_info uninitialized_var(ctinfo);
if (li_user && li_user->type == NF_LOG_TYPE_ULOG)
li = li_user;
else
li = &default_loginfo;
inst = instance_lookup_get(log, li->u.ulog.group);
if (!inst)
return;
plen = 0;
if (prefix)
plen = strlen(prefix) + 1;
/* FIXME: do we want to make the size calculation conditional based on
* what is actually present? way more branches and checks, but more
* memory efficient... */
size = nlmsg_total_size(sizeof(struct nfgenmsg))
+ nla_total_size(sizeof(struct nfulnl_msg_packet_hdr))
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */
#endif
+ nla_total_size(sizeof(u_int32_t)) /* mark */
+ nla_total_size(sizeof(u_int32_t)) /* uid */
+ nla_total_size(sizeof(u_int32_t)) /* gid */
+ nla_total_size(plen) /* prefix */
+ nla_total_size(sizeof(struct nfulnl_msg_packet_hw))
+ nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp))
+ nla_total_size(sizeof(struct nfgenmsg)); /* NLMSG_DONE */
if (in && skb_mac_header_was_set(skb)) {
size += nla_total_size(skb->dev->hard_header_len)
+ nla_total_size(sizeof(u_int16_t)) /* hwtype */
+ nla_total_size(sizeof(u_int16_t)); /* hwlen */
}
spin_lock_bh(&inst->lock);
if (inst->flags & NFULNL_CFG_F_SEQ)
size += nla_total_size(sizeof(u_int32_t));
if (inst->flags & NFULNL_CFG_F_SEQ_GLOBAL)
size += nla_total_size(sizeof(u_int32_t));
if (inst->flags & NFULNL_CFG_F_CONNTRACK) {
nfnl_ct = rcu_dereference(nfnl_ct_hook);
if (nfnl_ct != NULL) {
ct = nfnl_ct->get_ct(skb, &ctinfo);
if (ct != NULL)
size += nfnl_ct->build_size(ct);
}
}
qthreshold = inst->qthreshold;
/* per-rule qthreshold overrides per-instance */
if (li->u.ulog.qthreshold)
if (qthreshold > li->u.ulog.qthreshold)
qthreshold = li->u.ulog.qthreshold;
switch (inst->copy_mode) {
case NFULNL_COPY_META:
case NFULNL_COPY_NONE:
data_len = 0;
break;
case NFULNL_COPY_PACKET:
data_len = inst->copy_range;
if ((li->u.ulog.flags & NF_LOG_F_COPY_LEN) &&
(li->u.ulog.copy_len < data_len))
data_len = li->u.ulog.copy_len;
if (data_len > skb->len)
data_len = skb->len;
size += nla_total_size(data_len);
break;
case NFULNL_COPY_DISABLED:
default:
goto unlock_and_release;
}
if (inst->skb && size > skb_tailroom(inst->skb)) {
/* either the queue len is too high or we don't have
* enough room in the skb left. flush to userspace. */
__nfulnl_flush(inst);
}
if (!inst->skb) {
inst->skb = nfulnl_alloc_skb(net, inst->peer_portid,
inst->nlbufsiz, size);
if (!inst->skb)
goto alloc_failure;
}
inst->qlen++;
__build_packet_message(log, inst, skb, data_len, pf,
hooknum, in, out, prefix, plen,
nfnl_ct, ct, ctinfo);
if (inst->qlen >= qthreshold)
__nfulnl_flush(inst);
/* timer_pending always called within inst->lock, so there
* is no chance of a race here */
else if (!timer_pending(&inst->timer)) {
instance_get(inst);
inst->timer.expires = jiffies + (inst->flushtimeout*HZ/100);
add_timer(&inst->timer);
}
unlock_and_release:
spin_unlock_bh(&inst->lock);
instance_put(inst);
return;
alloc_failure:
/* FIXME: statistics */
goto unlock_and_release;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 429 | 58.61% | 3 | 12.00% |
| Ken-ichirou MATSUZAWA | 83 | 11.34% | 1 | 4.00% |
| Patrick McHardy | 48 | 6.56% | 5 | 20.00% |
| Pablo Neira Ayuso | 45 | 6.15% | 2 | 8.00% |
| Vishwanath Pai | 42 | 5.74% | 1 | 4.00% |
| Michał Mirosław | 39 | 5.33% | 5 | 20.00% |
| Gao Feng | 16 | 2.19% | 2 | 8.00% |
| Eric Leblond | 10 | 1.37% | 1 | 4.00% |
| Florian Westphal | 10 | 1.37% | 1 | 4.00% |
| Hans Schillstrom | 5 | 0.68% | 1 | 4.00% |
| Eric Dumazet | 3 | 0.41% | 1 | 4.00% |
| Jan Engelhardt | 1 | 0.14% | 1 | 4.00% |
| Hong Zhi Guo | 1 | 0.14% | 1 | 4.00% |
| Total | 732 | 100.00% | 25 | 100.00% |
EXPORT_SYMBOL_GPL(nfulnl_log_packet);
static int
nfulnl_rcv_nl_event(struct notifier_block *this,
unsigned long event, void *ptr)
{
struct netlink_notify *n = ptr;
struct nfnl_log_net *log = nfnl_log_pernet(n->net);
if (event == NETLINK_URELEASE && n->protocol == NETLINK_NETFILTER) {
int i;
/* destroy all instances for this portid */
spin_lock_bh(&log->instances_lock);
for (i = 0; i < INSTANCE_BUCKETS; i++) {
struct hlist_node *t2;
struct nfulnl_instance *inst;
struct hlist_head *head = &log->instance_table[i];
hlist_for_each_entry_safe(inst, t2, head, hlist) {
if (n->portid == inst->peer_portid)
__instance_destroy(inst);
}
}
spin_unlock_bh(&log->instances_lock);
}
return NOTIFY_DONE;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 117 | 83.57% | 1 | 25.00% |
| Gao Feng | 18 | 12.86% | 1 | 25.00% |
| Eric W. Biedermann | 3 | 2.14% | 1 | 25.00% |
| Eric Dumazet | 2 | 1.43% | 1 | 25.00% |
| Total | 140 | 100.00% | 4 | 100.00% |
static struct notifier_block nfulnl_rtnl_notifier = {
.notifier_call = nfulnl_rcv_nl_event,
};
static int nfulnl_recv_unsupp(struct net *net, struct sock *ctnl,
struct sk_buff *skb, const struct nlmsghdr *nlh,
const struct nlattr * const nfqa[])
{
return -ENOTSUPP;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 30 | 76.92% | 1 | 25.00% |
| Pablo Neira Ayuso | 5 | 12.82% | 1 | 25.00% |
| Patrick McHardy | 4 | 10.26% | 2 | 50.00% |
| Total | 39 | 100.00% | 4 | 100.00% |
static struct nf_logger nfulnl_logger __read_mostly = {
.name = "nfnetlink_log",
.type = NF_LOG_TYPE_ULOG,
.logfn = &nfulnl_log_packet,
.me = THIS_MODULE,
};
static const struct nla_policy nfula_cfg_policy[NFULA_CFG_MAX+1] = {
[NFULA_CFG_CMD] = { .len = sizeof(struct nfulnl_msg_config_cmd) },
[NFULA_CFG_MODE] = { .len = sizeof(struct nfulnl_msg_config_mode) },
[NFULA_CFG_TIMEOUT] = { .type = NLA_U32 },
[NFULA_CFG_QTHRESH] = { .type = NLA_U32 },
[NFULA_CFG_NLBUFSIZ] = { .type = NLA_U32 },
[NFULA_CFG_FLAGS] = { .type = NLA_U16 },
};
static int nfulnl_recv_config(struct net *net, struct sock *ctnl,
struct sk_buff *skb, const struct nlmsghdr *nlh,
const struct nlattr * const nfula[])
{
struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u_int16_t group_num = ntohs(nfmsg->res_id);
struct nfulnl_instance *inst;
struct nfulnl_msg_config_cmd *cmd = NULL;
struct nfnl_log_net *log = nfnl_log_pernet(net);
int ret = 0;
u16 flags = 0;
if (nfula[NFULA_CFG_CMD]) {
u_int8_t pf = nfmsg->nfgen_family;
cmd = nla_data(nfula[NFULA_CFG_CMD]);
/* Commands without queue context */
switch (cmd->command) {
case NFULNL_CFG_CMD_PF_BIND:
return nf_log_bind_pf(net, pf, &nfulnl_logger);
case NFULNL_CFG_CMD_PF_UNBIND:
nf_log_unbind_pf(net, pf);
return 0;
}
}
inst = instance_lookup_get(log, group_num);
if (inst && inst->peer_portid != NETLINK_CB(skb).portid) {
ret = -EPERM;
goto out_put;
}
/* Check if we support these flags in first place, dependencies should
* be there too not to break atomicity.
*/
if (nfula[NFULA_CFG_FLAGS]) {
flags = ntohs(nla_get_be16(nfula[NFULA_CFG_FLAGS]));
if ((flags & NFULNL_CFG_F_CONNTRACK) &&
!rcu_access_pointer(nfnl_ct_hook)) {
#ifdef CONFIG_MODULES
nfnl_unlock(NFNL_SUBSYS_ULOG);
request_module("ip_conntrack_netlink");
nfnl_lock(NFNL_SUBSYS_ULOG);
if (rcu_access_pointer(nfnl_ct_hook)) {
ret = -EAGAIN;
goto out_put;
}
#endif
ret = -EOPNOTSUPP;
goto out_put;
}
}
if (cmd != NULL) {
switch (cmd->command) {
case NFULNL_CFG_CMD_BIND:
if (inst) {
ret = -EBUSY;
goto out_put;
}
inst = instance_create(net, group_num,
NETLINK_CB(skb).portid,
sk_user_ns(NETLINK_CB(skb).sk));
if (IS_ERR(inst)) {
ret = PTR_ERR(inst);
goto out;
}
break;
case NFULNL_CFG_CMD_UNBIND:
if (!inst) {
ret = -ENODEV;
goto out;
}
instance_destroy(log, inst);
goto out_put;
default:
ret = -ENOTSUPP;
goto out_put;
}
} else if (!inst) {
ret = -ENODEV;
goto out;
}
if (nfula[NFULA_CFG_MODE]) {
struct nfulnl_msg_config_mode *params =
nla_data(nfula[NFULA_CFG_MODE]);
nfulnl_set_mode(inst, params->copy_mode,
ntohl(params->copy_range));
}
if (nfula[NFULA_CFG_TIMEOUT]) {
__be32 timeout = nla_get_be32(nfula[NFULA_CFG_TIMEOUT]);
nfulnl_set_timeout(inst, ntohl(timeout));
}
if (nfula[NFULA_CFG_NLBUFSIZ]) {
__be32 nlbufsiz = nla_get_be32(nfula[NFULA_CFG_NLBUFSIZ]);
nfulnl_set_nlbufsiz(inst, ntohl(nlbufsiz));
}
if (nfula[NFULA_CFG_QTHRESH]) {
__be32 qthresh = nla_get_be32(nfula[NFULA_CFG_QTHRESH]);
nfulnl_set_qthresh(inst, ntohl(qthresh));
}
if (nfula[NFULA_CFG_FLAGS])
nfulnl_set_flags(inst, flags);
out_put:
instance_put(inst);
out:
return ret;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 286 | 51.72% | 2 | 7.14% |
| Pablo Neira Ayuso | 110 | 19.89% | 3 | 10.71% |
| Patrick McHardy | 106 | 19.17% | 8 | 28.57% |
| Gao Feng | 20 | 3.62% | 2 | 7.14% |
| Eric W. Biedermann | 12 | 2.17% | 2 | 7.14% |
| Michał Mirosław | 6 | 1.08% | 3 | 10.71% |
| Al Viro | 4 | 0.72% | 3 | 10.71% |
| Ken-ichirou MATSUZAWA | 3 | 0.54% | 1 | 3.57% |
| Arnd Bergmann | 2 | 0.36% | 1 | 3.57% |
| Eric Leblond | 2 | 0.36% | 1 | 3.57% |
| David S. Miller | 1 | 0.18% | 1 | 3.57% |
| Alexey Dobriyan | 1 | 0.18% | 1 | 3.57% |
| Total | 553 | 100.00% | 28 | 100.00% |
static const struct nfnl_callback nfulnl_cb[NFULNL_MSG_MAX] = {
[NFULNL_MSG_PACKET] = { .call = nfulnl_recv_unsupp,
.attr_count = NFULA_MAX, },
[NFULNL_MSG_CONFIG] = { .call = nfulnl_recv_config,
.attr_count = NFULA_CFG_MAX,
.policy = nfula_cfg_policy },
};
static const struct nfnetlink_subsystem nfulnl_subsys = {
.name = "log",
.subsys_id = NFNL_SUBSYS_ULOG,
.cb_count = NFULNL_MSG_MAX,
.cb = nfulnl_cb,
};
#ifdef CONFIG_PROC_FS
struct iter_state {
struct seq_net_private p;
unsigned int bucket;
};
static struct hlist_node *get_first(struct net *net, struct iter_state *st)
{
struct nfnl_log_net *log;
if (!st)
return NULL;
log = nfnl_log_pernet(net);
for (st->bucket = 0; st->bucket < INSTANCE_BUCKETS; st->bucket++) {
struct hlist_head *head = &log->instance_table[st->bucket];
if (!hlist_empty(head))
return rcu_dereference_bh(hlist_first_rcu(head));
}
return NULL;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 54 | 57.45% | 1 | 20.00% |
| Gao Feng | 32 | 34.04% | 1 | 20.00% |
| Eric Dumazet | 6 | 6.38% | 2 | 40.00% |
| Michał Mirosław | 2 | 2.13% | 1 | 20.00% |
| Total | 94 | 100.00% | 5 | 100.00% |
static struct hlist_node *get_next(struct net *net, struct iter_state *st,
struct hlist_node *h)
{
h = rcu_dereference_bh(hlist_next_rcu(h));
while (!h) {
struct nfnl_log_net *log;
struct hlist_head *head;
if (++st->bucket >= INSTANCE_BUCKETS)
return NULL;
log = nfnl_log_pernet(net);
head = &log->instance_table[st->bucket];
h = rcu_dereference_bh(hlist_first_rcu(head));
}
return h;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 50 | 53.19% | 1 | 20.00% |
| Gao Feng | 32 | 34.04% | 1 | 20.00% |
| Eric Dumazet | 10 | 10.64% | 2 | 40.00% |
| Michał Mirosław | 2 | 2.13% | 1 | 20.00% |
| Total | 94 | 100.00% | 5 | 100.00% |
static struct hlist_node *get_idx(struct net *net, struct iter_state *st,
loff_t pos)
{
struct hlist_node *head;
head = get_first(net, st);
if (head)
while (pos && (head = get_next(net, st, head)))
pos--;
return pos ? NULL : head;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 53 | 80.30% | 1 | 33.33% |
| Gao Feng | 9 | 13.64% | 1 | 33.33% |
| Michał Mirosław | 4 | 6.06% | 1 | 33.33% |
| Total | 66 | 100.00% | 3 | 100.00% |
static void *seq_start(struct seq_file *s, loff_t *pos)
__acquires
(rcu_bh)
{
rcu_read_lock_bh();
return get_idx(seq_file_net(s), s->private, *pos);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 24 | 61.54% | 1 | 20.00% |
| Gao Feng | 7 | 17.95% | 1 | 20.00% |
| Eric Dumazet | 3 | 7.69% | 1 | 20.00% |
| Stephen Hemminger | 3 | 7.69% | 1 | 20.00% |
| Michał Mirosław | 2 | 5.13% | 1 | 20.00% |
| Total | 39 | 100.00% | 5 | 100.00% |
static void *seq_next(struct seq_file *s, void *v, loff_t *pos)
{
(*pos)++;
return get_next(seq_file_net(s), s->private, v);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 34 | 82.93% | 1 | 33.33% |
| Gao Feng | 5 | 12.20% | 1 | 33.33% |
| Michał Mirosław | 2 | 4.88% | 1 | 33.33% |
| Total | 41 | 100.00% | 3 | 100.00% |
static void seq_stop(struct seq_file *s, void *v)
__releases
(rcu_bh)
{
rcu_read_unlock_bh();
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 16 | 72.73% | 1 | 33.33% |
| Stephen Hemminger | 3 | 13.64% | 1 | 33.33% |
| Eric Dumazet | 3 | 13.64% | 1 | 33.33% |
| Total | 22 | 100.00% | 3 | 100.00% |
static int seq_show(struct seq_file *s, void *v)
{
const struct nfulnl_instance *inst = v;
seq_printf(s, "%5u %6u %5u %1u %5u %6u %2u\n",
inst->group_num,
inst->peer_portid, inst->qlen,
inst->copy_mode, inst->copy_range,
inst->flushtimeout, atomic_read(&inst->use));
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 60 | 92.31% | 1 | 25.00% |
| Joe Perches | 3 | 4.62% | 1 | 25.00% |
| Eric W. Biedermann | 1 | 1.54% | 1 | 25.00% |
| Richard Weinberger | 1 | 1.54% | 1 | 25.00% |
| Total | 65 | 100.00% | 4 | 100.00% |
static const struct seq_operations nful_seq_ops = {
.start = seq_start,
.next = seq_next,
.stop = seq_stop,
.show = seq_show,
};
static int nful_open(struct inode *inode, struct file *file)
{
return seq_open_net(inode, file, &nful_seq_ops,
sizeof(struct iter_state));
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 25 | 75.76% | 1 | 33.33% |
| Pavel Emelyanov | 5 | 15.15% | 1 | 33.33% |
| Gao Feng | 3 | 9.09% | 1 | 33.33% |
| Total | 33 | 100.00% | 3 | 100.00% |
static const struct file_operations nful_file_ops = {
.owner = THIS_MODULE,
.open = nful_open,
.read = seq_read,
.llseek = seq_lseek,
.release = seq_release_net,
};
#endif /* PROC_FS */
static int __net_init nfnl_log_net_init(struct net *net)
{
unsigned int i;
struct nfnl_log_net *log = nfnl_log_pernet(net);
#ifdef CONFIG_PROC_FS
struct proc_dir_entry *proc;
kuid_t root_uid;
kgid_t root_gid;
#endif
for (i = 0; i < INSTANCE_BUCKETS; i++)
INIT_HLIST_HEAD(&log->instance_table[i]);
spin_lock_init(&log->instances_lock);
#ifdef CONFIG_PROC_FS
proc = proc_create("nfnetlink_log", 0440,
net->nf.proc_netfilter, &nful_file_ops);
if (!proc)
return -ENOMEM;
root_uid = make_kuid(net->user_ns, 0);
root_gid = make_kgid(net->user_ns, 0);
if (uid_valid(root_uid) && gid_valid(root_gid))
proc_set_user(proc, root_uid, root_gid);
#endif
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Philip Whineray | 66 | 43.42% | 1 | 33.33% |
| Gao Feng | 55 | 36.18% | 1 | 33.33% |
| Harald Welte | 31 | 20.39% | 1 | 33.33% |
| Total | 152 | 100.00% | 3 | 100.00% |
static void __net_exit nfnl_log_net_exit(struct net *net)
{
#ifdef CONFIG_PROC_FS
remove_proc_entry("nfnetlink_log", net->nf.proc_netfilter);
#endif
nf_log_unset(net, &nfulnl_logger);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Gao Feng | 31 | 86.11% | 2 | 66.67% |
| Pablo Neira Ayuso | 5 | 13.89% | 1 | 33.33% |
| Total | 36 | 100.00% | 3 | 100.00% |
static struct pernet_operations nfnl_log_net_ops = {
.init = nfnl_log_net_init,
.exit = nfnl_log_net_exit,
.id = &nfnl_log_net_id,
.size = sizeof(struct nfnl_log_net),
};
static int __init nfnetlink_log_init(void)
{
int status;
status = register_pernet_subsys(&nfnl_log_net_ops);
if (status < 0) {
pr_err("failed to register pernet ops\n");
goto out;
}
netlink_register_notifier(&nfulnl_rtnl_notifier);
status = nfnetlink_subsys_register(&nfulnl_subsys);
if (status < 0) {
pr_err("failed to create netlink socket\n");
goto cleanup_netlink_notifier;
}
status = nf_log_register(NFPROTO_UNSPEC, &nfulnl_logger);
if (status < 0) {
pr_err("failed to register logger\n");
goto cleanup_subsys;
}
return status;
cleanup_subsys:
nfnetlink_subsys_unregister(&nfulnl_subsys);
cleanup_netlink_notifier:
netlink_unregister_notifier(&nfulnl_rtnl_notifier);
unregister_pernet_subsys(&nfnl_log_net_ops);
out:
return status;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 47 | 38.52% | 1 | 16.67% |
| Francesco Ruggeri | 28 | 22.95% | 1 | 16.67% |
| Gao Feng | 24 | 19.67% | 1 | 16.67% |
| Eric Leblond | 19 | 15.57% | 1 | 16.67% |
| Julia Lawall | 3 | 2.46% | 1 | 16.67% |
| Denis V. Lunev | 1 | 0.82% | 1 | 16.67% |
| Total | 122 | 100.00% | 6 | 100.00% |
static void __exit nfnetlink_log_fini(void)
{
nf_log_unregister(&nfulnl_logger);
nfnetlink_subsys_unregister(&nfulnl_subsys);
netlink_unregister_notifier(&nfulnl_rtnl_notifier);
unregister_pernet_subsys(&nfnl_log_net_ops);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Patrick McHardy | 13 | 39.39% | 1 | 20.00% |
| Harald Welte | 10 | 30.30% | 1 | 20.00% |
| Francesco Ruggeri | 6 | 18.18% | 1 | 20.00% |
| Gao Feng | 3 | 9.09% | 1 | 20.00% |
| Andrew Morton | 1 | 3.03% | 1 | 20.00% |
| Total | 33 | 100.00% | 5 | 100.00% |
MODULE_DESCRIPTION("netfilter userspace logging");
MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
MODULE_LICENSE("GPL");
MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_ULOG);
MODULE_ALIAS_NF_LOGGER(AF_INET, 1);
MODULE_ALIAS_NF_LOGGER(AF_INET6, 1);
MODULE_ALIAS_NF_LOGGER(AF_BRIDGE, 1);
MODULE_ALIAS_NF_LOGGER(3, 1); /* NFPROTO_ARP */
MODULE_ALIAS_NF_LOGGER(5, 1); /* NFPROTO_NETDEV */
module_init(nfnetlink_log_init);
module_exit(nfnetlink_log_fini);
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Harald Welte | 3125 | 58.80% | 6 | 4.84% |
| Gao Feng | 423 | 7.96% | 4 | 3.23% |
| Patrick McHardy | 399 | 7.51% | 25 | 20.16% |
| Pablo Neira Ayuso | 214 | 4.03% | 10 | 8.06% |
| David S. Miller | 158 | 2.97% | 2 | 1.61% |
| Michał Mirosław | 139 | 2.62% | 13 | 10.48% |
| Ken-ichirou MATSUZAWA | 130 | 2.45% | 2 | 1.61% |
| Eric Dumazet | 121 | 2.28% | 6 | 4.84% |
| Eric Leblond | 109 | 2.05% | 6 | 4.84% |
| Philip Whineray | 66 | 1.24% | 1 | 0.81% |
| Florian Westphal | 51 | 0.96% | 4 | 3.23% |
| Eric W. Biedermann | 47 | 0.88% | 2 | 1.61% |
| Vishwanath Pai | 42 | 0.79% | 1 | 0.81% |
| Bob Hockney | 40 | 0.75% | 1 | 0.81% |
| Francesco Ruggeri | 34 | 0.64% | 1 | 0.81% |
| Houcheng Lin | 30 | 0.56% | 1 | 0.81% |
| Dan Carpenter | 30 | 0.56% | 1 | 0.81% |
| Linus Torvalds | 23 | 0.43% | 1 | 0.81% |
| Liping Zhang | 16 | 0.30% | 2 | 1.61% |
| Stephen Hemminger | 15 | 0.28% | 2 | 1.61% |
| David Howells | 14 | 0.26% | 1 | 0.81% |
| Arnd Bergmann | 10 | 0.19% | 2 | 1.61% |
| Nicolas Cavallari | 8 | 0.15% | 1 | 0.81% |
| Al Viro | 7 | 0.13% | 3 | 2.42% |
| Marcelo Ricardo Leitner | 7 | 0.13% | 1 | 0.81% |
| Jiri Pirko | 6 | 0.11% | 1 | 0.81% |
| Pavel Emelyanov | 5 | 0.09% | 1 | 0.81% |
| Hans Schillstrom | 5 | 0.09% | 1 | 0.81% |
| Hideaki Yoshifuji / 吉藤英明 | 4 | 0.08% | 1 | 0.81% |
| Alexey Dobriyan | 3 | 0.06% | 3 | 2.42% |
| Tejun Heo | 3 | 0.06% | 1 | 0.81% |
| Arnaldo Carvalho de Melo | 3 | 0.06% | 1 | 0.81% |
| Julia Lawall | 3 | 0.06% | 1 | 0.81% |
| Andrew Morton | 3 | 0.06% | 1 | 0.81% |
| Joe Perches | 3 | 0.06% | 1 | 0.81% |
| Richard Weinberger | 3 | 0.06% | 2 | 1.61% |
| Jan Engelhardt | 2 | 0.04% | 1 | 0.81% |
| Aaron Conole | 2 | 0.04% | 1 | 0.81% |
| Rami Rosen | 2 | 0.04% | 1 | 0.81% |
| Hong Zhi Guo | 2 | 0.04% | 1 | 0.81% |
| Calvin Owens | 2 | 0.04% | 1 | 0.81% |
| Arjan van de Ven | 1 | 0.02% | 1 | 0.81% |
| Thomas Graf | 1 | 0.02% | 1 | 0.81% |
| Philippe De Muyter | 1 | 0.02% | 1 | 0.81% |
| Holger Eitzenberger | 1 | 0.02% | 1 | 0.81% |
| Denis V. Lunev | 1 | 0.02% | 1 | 0.81% |
| Arun Sharma | 1 | 0.02% | 1 | 0.81% |
| Total | 5315 | 100.00% | 124 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.