1 // SPDX-License-Identifier: GPL-2.0-only 2 /* This is a module which is used to mark packets for tracing. 3 */ 4 #include <linux/module.h> 5 #include <linux/skbuff.h> 6 7 #include <linux/netfilter/x_tables.h> 8 #include <net/netfilter/nf_log.h> 9 10 MODULE_DESCRIPTION("Xtables: packet flow tracing"); 11 MODULE_LICENSE("GPL"); 12 MODULE_ALIAS("ipt_TRACE"); 13 MODULE_ALIAS("ip6t_TRACE"); 14 15 static int trace_tg_check(const struct xt_tgchk_param *par) 16 { 17 return nf_logger_find_get(par->family, NF_LOG_TYPE_LOG); 18 } 19 20 static void trace_tg_destroy(const struct xt_tgdtor_param *par) 21 { 22 nf_logger_put(par->family, NF_LOG_TYPE_LOG); 23 } 24 25 static unsigned int 26 trace_tg(struct sk_buff *skb, const struct xt_action_param *par) 27 { 28 skb->nf_trace = 1; 29 return XT_CONTINUE; 30 } 31 32 static struct xt_target trace_tg_reg[] __read_mostly = { 33 { 34 .name = "TRACE", 35 .revision = 0, 36 .family = NFPROTO_IPV4, 37 .table = "raw", 38 .target = trace_tg, 39 .checkentry = trace_tg_check, 40 .destroy = trace_tg_destroy, 41 .me = THIS_MODULE, 42 }, 43 #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) 44 { 45 .name = "TRACE", 46 .revision = 0, 47 .family = NFPROTO_IPV6, 48 .table = "raw", 49 .target = trace_tg, 50 .checkentry = trace_tg_check, 51 .destroy = trace_tg_destroy, 52 }, 53 #endif 54 }; 55 56 static int __init trace_tg_init(void) 57 { 58 return xt_register_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg)); 59 } 60 61 static void __exit trace_tg_exit(void) 62 { 63 xt_unregister_targets(trace_tg_reg, ARRAY_SIZE(trace_tg_reg)); 64 } 65 66 module_init(trace_tg_init); 67 module_exit(trace_tg_exit); 68 MODULE_SOFTDEP("pre: nf_log_syslog"); 69