diff options
author | Phil Sutter <phil@nwl.cc> | 2018-05-30 11:06:22 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-06-01 09:46:21 +0200 |
commit | 1a893b44de4528887e7dabcdce7151ca2a8ee238 (patch) | |
tree | fbfad17596fd8a2d5fd63428cb76108e793cb409 /include | |
parent | 554ced0a6e2946562c20d9fffdbaf2aa7da36b1b (diff) | |
download | linux-stable-1a893b44de4528887e7dabcdce7151ca2a8ee238.tar.gz linux-stable-1a893b44de4528887e7dabcdce7151ca2a8ee238.tar.bz2 linux-stable-1a893b44de4528887e7dabcdce7151ca2a8ee238.zip |
netfilter: nf_tables: Add audit support to log statement
This extends log statement to support the behaviour achieved with
AUDIT target in iptables.
Audit logging is enabled via a pseudo log level 8. In this case any
other settings like log prefix are ignored since audit log format is
fixed.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/uapi/linux/netfilter/nf_tables.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h index 3d46c82a5ebd..5c7eb9b9f6d6 100644 --- a/include/uapi/linux/netfilter/nf_tables.h +++ b/include/uapi/linux/netfilter/nf_tables.h @@ -1081,6 +1081,11 @@ enum nft_log_attributes { #define NFTA_LOG_MAX (__NFTA_LOG_MAX - 1) /** + * LOGLEVEL_AUDIT - a pseudo log level enabling audit logging + */ +#define LOGLEVEL_AUDIT 8 + +/** * enum nft_queue_attributes - nf_tables queue expression netlink attributes * * @NFTA_QUEUE_NUM: netlink queue to send messages to (NLA_U16) |