      1 /* Shared library add-on to xtables for AUDIT
      2  *
      3  * (C) 2010-2011, Thomas Graf <tgraf (at) redhat.com>
      4  * (C) 2010-2011, Red Hat, Inc.
      5  *
      6  * This program is distributed under the terms of GNU GPL v2, 1991
      7  */
      8 #include <stdio.h>
      9 #include <string.h>
     10 #include <xtables.h>
     11 #include <linux/netfilter/xt_AUDIT.h>
     12 
/* Option id used in audit_opts to identify the single "--type" option. */
enum { O_AUDIT_TYPE = 0 };
     16 
/*
 * Print the usage text for the AUDIT target to stdout.
 * The only option is --type, which selects the action type to be recorded.
 */
static void audit_help(void)
{
	static const char usage[] =
		"AUDIT target options\n"
		"  --type TYPE		Action type to be recorded.\n";

	/* Fixed text with no conversions, so it is written verbatim. */
	fputs(usage, stdout);
}
     23 
/*
 * Option table for the AUDIT target.
 * "--type" takes a string argument and is flagged XTOPT_MAND, so a rule
 * without an explicit action type is not accepted by the option parser.
 */
static const struct xt_option_entry audit_opts[] = {
	{
		.name  = "type",
		.id    = O_AUDIT_TYPE,
		.type  = XTTYPE_STRING,
		.flags = XTOPT_MAND,
	},
	XTOPT_TABLEEND,
};
     29 
/*
 * Parse the argument of --type into the target's xt_audit_info.
 *
 * The argument is compared case-insensitively against an allowlist of
 * three names ("accept", "drop", "reject"). Any other value is reported
 * through xtables_error(PARAMETER_PROBLEM, ...), so einfo->type is only
 * ever written with one of the XT_AUDIT_TYPE_* constants here.
 */
static void audit_parse(struct xt_option_call *cb)
{
	struct xt_audit_info *info = cb->data;
	const char *value;

	xtables_option_parse(cb);
	value = cb->arg;

	if (!strcasecmp(value, "accept")) {
		info->type = XT_AUDIT_TYPE_ACCEPT;
		return;
	}
	if (!strcasecmp(value, "drop")) {
		info->type = XT_AUDIT_TYPE_DROP;
		return;
	}
	if (!strcasecmp(value, "reject")) {
		info->type = XT_AUDIT_TYPE_REJECT;
		return;
	}

	/* Not on the allowlist: reject the rule instead of guessing a type. */
	xtables_error(PARAMETER_PROBLEM,
		      "Bad action type value \"%s\"", value);
}
     45 
/*
 * Print the target in rule-listing form: " AUDIT " followed by the name
 * of the recorded action type.
 *
 * ip and numeric are not used. A type value other than the three known
 * XT_AUDIT_TYPE_* constants prints " AUDIT " with no type name after it.
 */
static void audit_print(const void *ip, const struct xt_entry_target *target,
                        int numeric)
{
	const struct xt_audit_info *info =
		(const struct xt_audit_info *)target->data;
	const char *label = NULL;

	(void)ip;
	(void)numeric;

	switch (info->type) {
	case XT_AUDIT_TYPE_ACCEPT:
		label = "accept";
		break;
	case XT_AUDIT_TYPE_DROP:
		label = "drop";
		break;
	case XT_AUDIT_TYPE_REJECT:
		label = "reject";
		break;
	default:
		/* Unknown type: nothing is appended after the prefix. */
		break;
	}

	printf(" AUDIT ");
	if (label != NULL)
		fputs(label, stdout);
}
     66 
/*
 * Print the target's options in the form used when saving a rule:
 * " --type <name>".
 *
 * ip is not used. A type value other than the three known XT_AUDIT_TYPE_*
 * constants prints nothing, so the saved rule would lack the --type option
 * that audit_opts marks as mandatory (XTOPT_MAND).
 */
static void audit_save(const void *ip, const struct xt_entry_target *target)
{
	const struct xt_audit_info *info =
		(const struct xt_audit_info *)target->data;
	const char *opt = NULL;

	(void)ip;

	switch (info->type) {
	case XT_AUDIT_TYPE_ACCEPT:
		opt = " --type accept";
		break;
	case XT_AUDIT_TYPE_DROP:
		opt = " --type drop";
		break;
	case XT_AUDIT_TYPE_REJECT:
		opt = " --type reject";
		break;
	default:
		/* Unknown type: emit nothing, as the original switch did. */
		break;
	}

	if (opt != NULL)
		fputs(opt, stdout);
}
     84 
/*
 * Registration record for the AUDIT target.
 * Both .size and .userspacesize are the aligned size of struct
 * xt_audit_info; the callbacks are the help/print/save/parse functions
 * defined in this file, and the option table is audit_opts.
 */
static struct xtables_target audit_tg_reg = {
	.name          = "AUDIT",
	.family        = NFPROTO_UNSPEC,
	.version       = XTABLES_VERSION,
	.size          = XT_ALIGN(sizeof(struct xt_audit_info)),
	.userspacesize = XT_ALIGN(sizeof(struct xt_audit_info)),
	.x6_options    = audit_opts,
	.x6_parse      = audit_parse,
	.help          = audit_help,
	.print         = audit_print,
	.save          = audit_save,
};
     97 
/*
 * Extension entry point: registers the AUDIT target with libxtables.
 * NOTE(review): presumably run when the shared library is loaded; confirm
 * how _init is defined in xtables.h.
 */
void _init(void)
{
	struct xtables_target *reg = &audit_tg_reg;

	xtables_register_target(reg);
}