[ebtables/f19] add AUDIT module

Tom Callaway spot at fedoraproject.org
Thu Mar 21 18:52:19 UTC 2013


commit 695c2e3db7070f5ab4823e0518b90941ee2caf90
Author: Tom Callaway <spot at fedoraproject.org>
Date:   Thu Mar 21 14:55:32 2013 -0400

    add AUDIT module

 ebtables-2.0.0-audit.patch |  157 ++++++++++++++++++++++++++++++++++++++++++++
 ebtables.spec              |    7 ++-
 2 files changed, 163 insertions(+), 1 deletions(-)
---
diff --git a/ebtables-2.0.0-audit.patch b/ebtables-2.0.0-audit.patch
new file mode 100644
index 0000000..c1d85e9
--- /dev/null
+++ b/ebtables-2.0.0-audit.patch
@@ -0,0 +1,157 @@
+--- ebtables2.orig/extensions/ebt_AUDIT.c	1970-01-01 01:00:00.000000000 +0100
++++ ebtables2.orig/extensions/ebt_AUDIT.c	2011-01-07 10:53:46.680329228 +0100
+@@ -0,0 +1,110 @@ 
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <getopt.h>
++#include "../include/ebtables_u.h"
++#include <linux/netfilter/xt_AUDIT.h>
++
++#define AUDIT_TYPE  '1'
++static struct option opts[] =
++{
++	{ "audit-type" , required_argument, 0, AUDIT_TYPE },
++	{ 0 }
++};
++
++static void print_help()
++{
++	printf(
++	"AUDIT target options:\n"
++	" --audit-type TYPE          : Set action type to record.\n");
++}
++
++static void init(struct ebt_entry_target *target)
++{
++	struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data;
++
++	info->type = 0;
++}
++
++static int parse(int c, char **argv, int argc,
++   const struct ebt_u_entry *entry, unsigned int *flags,
++   struct ebt_entry_target **target)
++{
++	struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data;
++
++	switch (c) {
++	case AUDIT_TYPE:
++		ebt_check_option2(flags, AUDIT_TYPE);
++
++		if (!strcasecmp(optarg, "accept"))
++			info->type = XT_AUDIT_TYPE_ACCEPT;
++		else if (!strcasecmp(optarg, "drop"))
++			info->type = XT_AUDIT_TYPE_DROP;
++		else if (!strcasecmp(optarg, "reject"))
++			info->type = XT_AUDIT_TYPE_REJECT;
++		else
++			ebt_print_error2("Bad action type value `%s'", optarg);
++
++		break;
++	 default:
++		return 0;
++	}
++	return 1;
++}
++
++static void final_check(const struct ebt_u_entry *entry,
++   const struct ebt_entry_match *match, const char *name,
++   unsigned int hookmask, unsigned int time)
++{
++}
++
++static void print(const struct ebt_u_entry *entry,
++   const struct ebt_entry_target *target)
++{
++	const struct xt_AUDIT_info *info =
++		(const struct xt_AUDIT_info *) target->data;
++
++	printf("--audit-type ");
++
++	switch(info->type) {
++	case XT_AUDIT_TYPE_ACCEPT:
++		printf("accept");
++		break;
++	case XT_AUDIT_TYPE_DROP:
++		printf("drop");
++		break;
++	case XT_AUDIT_TYPE_REJECT:
++		printf("reject");
++		break;
++	}
++}
++
++static int compare(const struct ebt_entry_target *t1,
++   const struct ebt_entry_target *t2)
++{
++	const struct xt_AUDIT_info *info1 =
++		(const struct xt_AUDIT_info *) t1->data;
++	const struct xt_AUDIT_info *info2 =
++		(const struct xt_AUDIT_info *) t2->data;
++
++	return info1->type == info2->type;
++}
++
++static struct ebt_u_target AUDIT_target =
++{
++	.name		= "AUDIT",
++	.size		= sizeof(struct xt_AUDIT_info),
++	.help		= print_help,
++	.init		= init,
++	.parse		= parse,
++	.final_check	= final_check,
++	.print		= print,
++	.compare	= compare,
++	.extra_ops	= opts,
++};
++
++void _init(void)
++{
++	ebt_register_target(&AUDIT_target);
++}
+--- ebtables2.orig/extensions/Makefile	2011-01-07 10:55:28.077246240 +0100
++++ ebtables2.orig/extensions/Makefile	2011-01-07 10:53:46.686329230 +0100
+@@ -1,7 +1,7 @@ 
+ #! /usr/bin/make
+ 
+ EXT_FUNC+=802_3 nat arp arpreply ip ip6 standard log redirect vlan mark_m mark \
+-          pkttype stp among limit ulog nflog
++          pkttype stp among limit ulog nflog AUDIT
+ EXT_TABLES+=filter nat broute
+ EXT_OBJS+=$(foreach T,$(EXT_FUNC), extensions/ebt_$(T).o)
+ EXT_OBJS+=$(foreach T,$(EXT_TABLES), extensions/ebtable_$(T).o)
+--- a/include/linux/netfilter/xt_AUDIT.h	
++++ a/include/linux/netfilter/xt_AUDIT.h	
+@@ -0,0 +1,30 @@ 
++/*
++ * Header file for iptables xt_AUDIT target
++ *
++ * (C) 2010-2011 Thomas Graf <tgraf at redhat.com>
++ * (C) 2010-2011 Red Hat, Inc.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License version 2 as
++ * published by the Free Software Foundation.
++ */
++
++#ifndef _XT_AUDIT_TARGET_H
++#define _XT_AUDIT_TARGET_H
++
++#include <linux/types.h>
++
++enum {
++	XT_AUDIT_TYPE_ACCEPT = 0,
++	XT_AUDIT_TYPE_DROP,
++	XT_AUDIT_TYPE_REJECT,
++	__XT_AUDIT_TYPE_MAX,
++};
++
++#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1)
++
++struct xt_AUDIT_info {
++	__u8 type; /* XT_AUDIT_TYPE_* */
++};
++
++#endif /* _XT_AUDIT_TARGET_H */
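Review bot: A rule written with `-j AUDIT` and no `--audit-type` is accepted and recorded as an accept event, because `init()` in ebt_AUDIT.c sets `info->type = 0`, which is `XT_AUDIT_TYPE_ACCEPT`, and `final_check()` is empty. For an audit target this means a rule meant to log drops or rejects can end up mislabelled in the audit trail without any error. I would make the option mandatory with a flag set in `parse()` and checked in `final_check()`, as sketched below; the `time == 0` condition is an assumption about how ebtables calls `final_check()` and should be confirmed against the existing targets. Separately, `final_check()` declares its second parameter as `const struct ebt_entry_match *match`, where a target would presumably take `const struct ebt_entry_target *target`; `struct ebt_u_target` is not visible here, so check it against ebtables_u.h. `print()` also has no `default:` case, so an unexpected type value prints `--audit-type ` with nothing after it.

```c
static int type_supplied;	/* set when --audit-type is parsed */

/* init(): after info->type = 0 */
	type_supplied = 0;

/* parse(), case AUDIT_TYPE: after ebt_check_option2() */
		type_supplied = 1;

/* final_check(): body is currently empty */
	if (time == 0 && !type_supplied)
		ebt_print_error("AUDIT target requires --audit-type");
```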
diff --git a/ebtables.spec b/ebtables.spec
index 6bee2c8..789c706 100644
--- a/ebtables.spec
+++ b/ebtables.spec
@@ -2,7 +2,7 @@
 
 Name:			ebtables
 Version:		2.0.10
-Release:		7%{?dist}
+Release:		8%{?dist}
 Summary:		Ethernet Bridge frame table administration tool
 License:		GPLv2+
 Group:			System Environment/Base
@@ -14,6 +14,7 @@ Requires(postun):	/sbin/service
 Patch0:			ebtables-2.0.10-norootinst.patch
 Patch3:			ebtables-2.0.9-lsb.patch
 Patch4:			ebtables-2.0.10-linkfix.patch
+Patch5:			ebtables-2.0.0-audit.patch
 
 %description
 Ethernet bridge tables is a firewalling tool to transparently filter network
@@ -32,6 +33,7 @@ like iptables. There are no known incompatibility issues.
 %patch3 -p1 -b .lsb
 # extension modules need to link to libebtc.so for ebt_errormsg
 %patch4 -p1 -b .linkfix
+%patch5 -p1 -b .AUDIT
 
 # Convert to UTF-8
 f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
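Review bot: The new `%patch5 -p1 -b .AUDIT` line has no comment saying what the patch adds or where it came from, unlike `%patch4` just above it, which explains its purpose. The patch file is named `ebtables-2.0.0-audit.patch` while the package is 2.0.10, and its inner headers are dated 2011, so it appears to be carried over from elsewhere; recording the origin makes it possible to check later whether upstream has merged or changed it. I would add a line such as `# AUDIT target extension; origin: <UPSTREAM-URL-OR-BUG-ID>` above `%patch5`.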
@@ -86,6 +88,9 @@ fi
 %ghost %{_sysconfdir}/sysconfig/ebtables.broute
 
 %changelog
+* Thu Mar 21 2013 Tom Callaway <spot at fedoraproject.org> - 2.0.10-8
+- add audit module
+
 * Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.10-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
 

