[ebtables] add AUDIT module
Tom Callaway
spot at fedoraproject.org
Thu Mar 21 18:52:41 UTC 2013
commit 8e0f4acb351adfaeac45ce609a50880832f517ed
Author: Tom Callaway <spot at fedoraproject.org>
Date: Thu Mar 21 14:55:54 2013 -0400
add AUDIT module
ebtables-2.0.0-audit.patch | 157 ++++++++++++++++++++++++++++++++++++++++++++
ebtables.spec | 7 ++-
2 files changed, 163 insertions(+), 1 deletions(-)
---
diff --git a/ebtables-2.0.0-audit.patch b/ebtables-2.0.0-audit.patch
new file mode 100644
index 0000000..c1d85e9
--- /dev/null
+++ b/ebtables-2.0.0-audit.patch
@@ -0,0 +1,157 @@
+--- ebtables2.orig/extensions/ebt_AUDIT.c 1970-01-01 01:00:00.000000000 +0100
++++ ebtables2.orig/extensions/ebt_AUDIT.c 2011-01-07 10:53:46.680329228 +0100
+@@ -0,0 +1,110 @@
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <getopt.h>
++#include "../include/ebtables_u.h"
++#include <linux/netfilter/xt_AUDIT.h>
++
++#define AUDIT_TYPE '1'
++static struct option opts[] =
++{
++ { "audit-type" , required_argument, 0, AUDIT_TYPE },
++ { 0 }
++};
++
++static void print_help()
++{
++ printf(
++ "AUDIT target options:\n"
++ " --audit-type TYPE : Set action type to record.\n");
++}
++
++static void init(struct ebt_entry_target *target)
++{
++ struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data;
++
++ info->type = 0;
++}
++
++static int parse(int c, char **argv, int argc,
++ const struct ebt_u_entry *entry, unsigned int *flags,
++ struct ebt_entry_target **target)
++{
++ struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data;
++
++ switch (c) {
++ case AUDIT_TYPE:
++ ebt_check_option2(flags, AUDIT_TYPE);
++
++ if (!strcasecmp(optarg, "accept"))
++ info->type = XT_AUDIT_TYPE_ACCEPT;
++ else if (!strcasecmp(optarg, "drop"))
++ info->type = XT_AUDIT_TYPE_DROP;
++ else if (!strcasecmp(optarg, "reject"))
++ info->type = XT_AUDIT_TYPE_REJECT;
++ else
++ ebt_print_error2("Bad action type value `%s'", optarg);
++
++ break;
++ default:
++ return 0;
++ }
++ return 1;
++}
++
++static void final_check(const struct ebt_u_entry *entry,
++ const struct ebt_entry_match *match, const char *name,
++ unsigned int hookmask, unsigned int time)
++{
++}
++
++static void print(const struct ebt_u_entry *entry,
++ const struct ebt_entry_target *target)
++{
++ const struct xt_AUDIT_info *info =
++ (const struct xt_AUDIT_info *) target->data;
++
++ printf("--audit-type ");
++
++ switch(info->type) {
++ case XT_AUDIT_TYPE_ACCEPT:
++ printf("accept");
++ break;
++ case XT_AUDIT_TYPE_DROP:
++ printf("drop");
++ break;
++ case XT_AUDIT_TYPE_REJECT:
++ printf("reject");
++ break;
++ }
++}
++
++static int compare(const struct ebt_entry_target *t1,
++ const struct ebt_entry_target *t2)
++{
++ const struct xt_AUDIT_info *info1 =
++ (const struct xt_AUDIT_info *) t1->data;
++ const struct xt_AUDIT_info *info2 =
++ (const struct xt_AUDIT_info *) t2->data;
++
++ return info1->type == info2->type;
++}
++
++static struct ebt_u_target AUDIT_target =
++{
++ .name = "AUDIT",
++ .size = sizeof(struct xt_AUDIT_info),
++ .help = print_help,
++ .init = init,
++ .parse = parse,
++ .final_check = final_check,
++ .print = print,
++ .compare = compare,
++ .extra_ops = opts,
++};
++
++void _init(void)
++{
++ ebt_register_target(&AUDIT_target);
++}
+--- ebtables2.orig/extensions/Makefile 2011-01-07 10:55:28.077246240 +0100
++++ ebtables2.orig/extensions/Makefile 2011-01-07 10:53:46.686329230 +0100
+@@ -1,7 +1,7 @@
+ #! /usr/bin/make
+
+ EXT_FUNC+=802_3 nat arp arpreply ip ip6 standard log redirect vlan mark_m mark \
+- pkttype stp among limit ulog nflog
++ pkttype stp among limit ulog nflog AUDIT
+ EXT_TABLES+=filter nat broute
+ EXT_OBJS+=$(foreach T,$(EXT_FUNC), extensions/ebt_$(T).o)
+ EXT_OBJS+=$(foreach T,$(EXT_TABLES), extensions/ebtable_$(T).o)
+--- a/include/linux/netfilter/xt_AUDIT.h
++++ a/include/linux/netfilter/xt_AUDIT.h
+@@ -0,0 +1,30 @@
++/*
++ * Header file for iptables xt_AUDIT target
++ *
++ * (C) 2010-2011 Thomas Graf <tgraf at redhat.com>
++ * (C) 2010-2011 Red Hat, Inc.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License version 2 as
++ * published by the Free Software Foundation.
++ */
++
++#ifndef _XT_AUDIT_TARGET_H
++#define _XT_AUDIT_TARGET_H
++
++#include <linux/types.h>
++
++enum {
++ XT_AUDIT_TYPE_ACCEPT = 0,
++ XT_AUDIT_TYPE_DROP,
++ XT_AUDIT_TYPE_REJECT,
++ __XT_AUDIT_TYPE_MAX,
++};
++
++#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1)
++
++struct xt_AUDIT_info {
++ __u8 type; /* XT_AUDIT_TYPE_* */
++};
++
++#endif /* _XT_AUDIT_TARGET_H */
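Review bot: A rule written as `-j AUDIT` without `--audit-type` is accepted as it stands, because `init` sets `info->type = 0`, which the bundled header defines as `XT_AUDIT_TYPE_ACCEPT`, and `final_check` has an empty body. Drop or reject rules created that way would presumably be audited with the accept type, so the option should be mandatory: have `parse` record that `--audit-type` was seen and have `final_check` fail when it was not, e.g. `ebt_print_error("AUDIT target requires --audit-type");`. Separately, `final_check` declares its second parameter as `const struct ebt_entry_match *match` although it is installed in a `struct ebt_u_target`; if ebtables_u.h (not shown here) expects `const struct ebt_entry_target *`, the `.final_check` initializer is a pointer-type mismatch. The `switch` in `print` also has no `default`, so an unrecognised type value would list as a bare `--audit-type `; a `default:` branch that prints the numeric value would keep rule listings unambiguous.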
diff --git a/ebtables.spec b/ebtables.spec
index 6bee2c8..789c706 100644
--- a/ebtables.spec
+++ b/ebtables.spec
@@ -2,7 +2,7 @@
Name: ebtables
Version: 2.0.10
-Release: 7%{?dist}
+Release: 8%{?dist}
Summary: Ethernet Bridge frame table administration tool
License: GPLv2+
Group: System Environment/Base
@@ -14,6 +14,7 @@ Requires(postun): /sbin/service
Patch0: ebtables-2.0.10-norootinst.patch
Patch3: ebtables-2.0.9-lsb.patch
Patch4: ebtables-2.0.10-linkfix.patch
+Patch5: ebtables-2.0.0-audit.patch
%description
Ethernet bridge tables is a firewalling tool to transparently filter network
@@ -32,6 +33,7 @@ like iptables. There are no known incompatibility issues.
%patch3 -p1 -b .lsb
# extension modules need to link to libebtc.so for ebt_errormsg
%patch4 -p1 -b .linkfix
+%patch5 -p1 -b .AUDIT
# Convert to UTF-8
f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
@@ -86,6 +88,9 @@ fi
%ghost %{_sysconfdir}/sysconfig/ebtables.broute
%changelog
+* Thu Mar 21 2013 Tom Callaway <spot at fedoraproject.org> - 2.0.10-8
+- add audit module
+
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.10-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild