netfilter: ebtables: create audit records for replaces (c55fbbb4) · Commits · e / devices / android_kernel_teracube_emerald

net/bridge/netfilter/ebtables.c

+15 −0

Original line number	Diff line number	Diff line
		@@ -26,6 +26,7 @@
		#include <asm/uaccess.h>
		#include <linux/smp.h>
		#include <linux/cpumask.h>
		#include <linux/audit.h>
		#include <net/sock.h>
		/* needed for logical [in,out]-dev filtering */
		#include "../br_private.h"
		@@ -1058,6 +1059,20 @@ static int do_replace_finish(struct net net, struct ebt_replace repl,
		vfree(table);

		vfree(counterstmp);

		#ifdef CONFIG_AUDIT
		if (audit_enabled) {
		struct audit_buffer *ab;

		ab = audit_log_start(current->audit_context, GFP_KERNEL,
		AUDIT_NETFILTER_CFG);
		if (ab) {
		audit_log_format(ab, "table=%s family=%u entries=%u",
		repl->name, AF_BRIDGE, repl->nentries);
		audit_log_end(ab);
		}
		}
		#endif
		return ret;

		free_unlock: