On Thu, 2002-05-09 at 23:24, Martin Josefsson wrote:
> Hi,
> 
> Here's a patch that implements UID logging for locally generated
> packets.

sigh, one more try...

-- 
/Martin

Never argue with an idiot. They drag you down to their level, then beat
you with experience.
diff -urN netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch
--- netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch	Thu Jan  1 01:00:00 1970
+++ netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch	Thu May  9 22:56:41 2002
@@ -0,0 +1,25 @@
+--- linux/include/linux/netfilter_ipv4/ipt_LOG.h.orig	Thu May  9 22:18:09 2002
++++ linux/include/linux/netfilter_ipv4/ipt_LOG.h	Thu May  9 22:20:51 2002
+@@ -4,7 +4,8 @@
+ #define IPT_LOG_TCPSEQ		0x01	/* Log TCP sequence numbers */
+ #define IPT_LOG_TCPOPT		0x02	/* Log TCP options */
+ #define IPT_LOG_IPOPT		0x04	/* Log IP options */
+-#define IPT_LOG_MASK		0x07
++#define IPT_LOG_UID		0x08	/* Log UID owning local socket */
++#define IPT_LOG_MASK		0x0f
+ 
+ struct ipt_log_info {
+ 	unsigned char level;
+--- linux/net/ipv4/netfilter/ipt_LOG.c.orig	Thu May  9 21:22:15 2002
++++ linux/net/ipv4/netfilter/ipt_LOG.c	Thu May  9 22:47:47 2002
+@@ -304,6 +304,10 @@
+ 	}
+ 
+ 	dump_packet(loginfo, iph, (*pskb)->len, 1);
++	
++	if ((loginfo->logflags & IPT_LOG_UID) && (*pskb)->sk && (*pskb)->sk->socket && (*pskb)->sk->socket->file)
++		printk("UID=%u ", (*pskb)->sk->socket->file->f_uid);
++
+ 	printk("\n");
+ 	spin_unlock_bh(&log_lock);
+ 
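Review bot: In the ipt_LOG.c part, the added `if` tests `(*pskb)->sk->socket` and `->file` and then reads them again in the `printk` with only `log_lock` held. Nothing visible in the hunk stops the socket from being orphaned or closed on another CPU between the test and the read, which would leave a NULL or stale pointer dereference in the logging path. I would hold the socket's callback lock across both the test and the print, e.g. `read_lock_bh(&(*pskb)->sk->callback_lock);` before the `if` and the matching `read_unlock_bh(...)` after it (lock name assumed for this tree; confirm against `struct sock`). A comment such as `/* f_uid is the UID that opened the socket file; it may differ from the sender's UID after fd passing or a setuid change */` would also help anyone using the log for attribution. The enclosing function starts and ends outside the hunk.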
diff -urN netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.help netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.help
--- netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.help	Thu Jan  1 01:00:00 1970
+++ netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.help	Thu May  9 23:20:45 2002
@@ -0,0 +1,12 @@
+Author: Martin Josefsson <[EMAIL PROTECTED]>
+Status: Seems to work.
+
+***** NOTE *****
+Iptables compiled with this patch will work with an unpatched kernel
+but the UID-logging will of course not work, and vice versa.
+But a patched iptables will not compile unless the kernel is also patched.
+***** NOTE *****
+
+This adds the ability to log the UID that owns the local socket the packets
+originate from (if the packet isn't locally generated nothing will happen).
+
diff -urN netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.userspace netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.userspace
--- netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.userspace	Thu Jan  1 01:00:00 1970
+++ netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.userspace	Thu May  9 22:57:20 2002
@@ -0,0 +1,62 @@
+--- extensions/libipt_LOG.c.orig	Thu May  9 22:21:15 2002
++++ extensions/libipt_LOG.c	Thu May  9 22:30:04 2002
+@@ -21,7 +21,8 @@
+ " --log-prefix prefix		Prefix log messages with this prefix.\n\n"
+ " --log-tcp-sequence		Log TCP sequence numbers.\n\n"
+ " --log-tcp-options		Log TCP options.\n\n"
+-" --log-ip-options		Log IP options.\n\n",
++" --log-ip-options		Log IP options.\n\n"
++" --log-uid			Log UID owning the local socket.\n\n",
+ NETFILTER_VERSION);
+ }
+ 
+@@ -31,6 +32,7 @@
+ 	{ "log-tcp-sequence", 0, 0, '1' },
+ 	{ "log-tcp-options", 0, 0, '2' },
+ 	{ "log-ip-options", 0, 0, '3' },
++	{ "log-uid", 0, 0, '4' },
+ 	{ 0 }
+ };
+ 
+@@ -98,6 +100,7 @@
+ #define IPT_LOG_OPT_TCPSEQ 0x04
+ #define IPT_LOG_OPT_TCPOPT 0x08
+ #define IPT_LOG_OPT_IPOPT 0x10
++#define IPT_LOG_OPT_UID 0x20
+ 
+ /* Function which parses command options; returns true if it
+    ate an option */
+@@ -168,6 +171,15 @@
+ 		*flags |= IPT_LOG_OPT_IPOPT;
+ 		break;
+ 
++	case '4':
++		if (*flags & IPT_LOG_OPT_UID)
++			exit_error(PARAMETER_PROBLEM,
++				   "Can't specify --log-uid twice");
++
++		loginfo->logflags |= IPT_LOG_UID;
++		*flags |= IPT_LOG_OPT_UID;
++		break;
++
+ 	default:
+ 		return 0;
+ 	}
+@@ -211,6 +223,8 @@
+ 			printf("tcp-options ");
+ 		if (loginfo->logflags & IPT_LOG_IPOPT)
+ 			printf("ip-options ");
++		if (loginfo->logflags & IPT_LOG_UID)
++			printf("uid ");
+ 		if (loginfo->logflags & ~(IPT_LOG_MASK))
+ 			printf("unknown-flags ");
+ 	}
+@@ -238,6 +252,8 @@
+ 		printf("--log-tcp-options ");
+ 	if (loginfo->logflags & IPT_LOG_IPOPT)
+ 		printf("--log-ip-options ");
++	if (loginfo->logflags & IPT_LOG_UID)
++		printf("--log-uid ");
+ }
+ 
+ static
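Review bot: The usage line added for `--log-uid` does not say that the flag only has an effect on locally generated packets, although the accompanying .help file states this. Without that, someone reading the logs may treat a missing `UID=` field on a forwarded or incoming packet as significant. I would extend the help string to `Log UID owning the local socket (locally generated packets only).` and leave the option table and the `case '4'` handling as they are.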
