Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c6ac37d8 authored by Pavel Tikhomirov's avatar Pavel Tikhomirov Committed by Pablo Neira Ayuso
Browse files

netfilter: nf_log: fix error on write NONE to logger choice sysctl 



It is hard to unbind nf-logger:

  echo NONE > /proc/sys/net/netfilter/nf_log/0
  bash: echo: write error: No such file or directory

  sysctl -w net.netfilter.nf_log.0=NONE
  sysctl: setting key "net.netfilter.nf_log.0": No such file or directory
  net.netfilter.nf_log.0 = NONE

You need explicitly send '\0', for instance like:

  echo -e "NONE\0" > /proc/sys/net/netfilter/nf_log/0

That seem to be strange, so fix it using proc_dostring.

Now it works fine:
   modprobe nfnetlink_log
   echo nfnetlink_log > /proc/sys/net/netfilter/nf_log/0
   cat /proc/sys/net/netfilter/nf_log/0
   nfnetlink_log
   echo NONE > /proc/sys/net/netfilter/nf_log/0
   cat /proc/sys/net/netfilter/nf_log/0
   NONE

v2: add missed error check for proc_dostring

Signed-off-by: default avatarPavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent c37a2dfa

net/netfilter/nf_log.c

+6 −5
Original line number Diff line number Diff line
@@ -418,16 +418,17 @@ static int nf_log_proc_dostring(struct ctl_table *table, int write, 
{

	const struct nf_logger *logger;

	char buf[NFLOGGER_NAME_LEN];

	size_t size = *lenp;

	int r = 0;

	int tindex = (unsigned long)table->extra1;

	struct net *net = current->nsproxy->net_ns;



	if (write) {

		if (size > sizeof(buf))

			size = sizeof(buf);

		if (copy_from_user(buf, buffer, size))

			return -EFAULT;

		struct ctl_table tmp = *table;



		tmp.data = buf;

		r = proc_dostring(&tmp, write, buffer, lenp, ppos);

		if (r)

			return r;



		if (!strcmp(buf, "NONE")) {

			nf_log_unbind_pf(net, tindex);