netfilter: nf_tables: Audit log rule reset

Resetting rules' stateful data happens outside of the transaction logic, so 'get' and 'dump' handlers have to emit audit log entries themselves. Fixes: 8daa8fde3fc3f ("netfilter: nf_tables: Introduce NFT_MSG_GETRULE_RESET") Signed-off-by: Phil Sutter <phil@nwl.cc> Reviewed-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2023-08-29 19:51:58 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2023-08-31 01:29:28 +0200
commit: ea078ae9108e25fc881c84369f7c03931d22e555 (patch)
tree: bc99d41f0fbd900b2b53d4d84bd77ef24e206483 /include
parent: 7e9be1124dbe7888907e82cab20164578e3f9ab7 (diff)
download: linux-stable-ea078ae9108e25fc881c84369f7c03931d22e555.tar.gz
linux-stable-ea078ae9108e25fc881c84369f7c03931d22e555.tar.bz2
linux-stable-ea078ae9108e25fc881c84369f7c03931d22e555.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 192bf03aacc5..51b1b7054a23 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -118,6 +118,7 @@ enum audit_nfcfgop {
 	AUDIT_NFT_OP_FLOWTABLE_REGISTER,
 	AUDIT_NFT_OP_FLOWTABLE_UNREGISTER,
 	AUDIT_NFT_OP_SETELEM_RESET,
+	AUDIT_NFT_OP_RULE_RESET,
 	AUDIT_NFT_OP_INVALID,
 };
author	Phil Sutter <phil@nwl.cc>	2023-08-29 19:51:58 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2023-08-31 01:29:28 +0200
commit	ea078ae9108e25fc881c84369f7c03931d22e555 (patch)
tree	bc99d41f0fbd900b2b53d4d84bd77ef24e206483 /include
parent	7e9be1124dbe7888907e82cab20164578e3f9ab7 (diff)
download	linux-stable-ea078ae9108e25fc881c84369f7c03931d22e555.tar.gz linux-stable-ea078ae9108e25fc881c84369f7c03931d22e555.tar.bz2 linux-stable-ea078ae9108e25fc881c84369f7c03931d22e555.zip