Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 268cb38e authored by Adam Nielsen's avatar Adam Nielsen Committed by Patrick McHardy
Browse files

netfilter: x_tables: add LED trigger target 



Kernel module providing implementation of LED netfilter target.  Each
instance of the target appears as a led-trigger device, which can be
associated with one or more LEDs in /sys/class/leds/

Signed-off-by: default avatarAdam Nielsen <a.nielsen@shikadi.net>
Acked-by: default avatarRichard Purdie <rpurdie@linux.intel.com>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
parent af07d241

drivers/leds/Kconfig

+3 −0
Original line number Diff line number Diff line
@@ -223,4 +223,7 @@ config LEDS_TRIGGER_DEFAULT_ON 
	  This allows LEDs to be initialised in the ON state.

	  If unsure, say Y.



comment "iptables trigger is under Netfilter config (LED target)"

	depends on LEDS_TRIGGERS



endif # NEW_LEDS

include/linux/netfilter/Kbuild

+1 −0
Original line number Diff line number Diff line
@@ -7,6 +7,7 @@ header-y += xt_CLASSIFY.h 
header-y += xt_CONNMARK.h

header-y += xt_CONNSECMARK.h

header-y += xt_DSCP.h

header-y += xt_LED.h

header-y += xt_MARK.h

header-y += xt_NFLOG.h

header-y += xt_NFQUEUE.h

include/linux/netfilter/xt_LED.h

0 → 100644
+13 −0
Original line number Diff line number Diff line 
#ifndef _XT_LED_H

#define _XT_LED_H



struct xt_led_info {

	char id[27];        /* Unique ID for this trigger in the LED class */

	__u8 always_blink;  /* Blink even if the LED is already on */

	__u32 delay;        /* Delay until LED is switched off after trigger */



	/* Kernel data used in the module */

	void *internal_data __attribute__((aligned(8)));

};



#endif /* _XT_LED_H */

net/netfilter/Kconfig

+24 −0
Original line number Diff line number Diff line
@@ -372,6 +372,30 @@ config NETFILTER_XT_TARGET_HL 
	since you can easily create immortal packets that loop

	forever on the network.



config NETFILTER_XT_TARGET_LED

	tristate '"LED" target support'

	depends on LEDS_CLASS

	depends on NETFILTER_ADVANCED

	help

	  This option adds a `LED' target, which allows you to blink LEDs in

	  response to particular packets passing through your machine.



	  This can be used to turn a spare LED into a network activity LED,

	  which only flashes in response to FTP transfers, for example.  Or

	  you could have an LED which lights up for a minute or two every time

	  somebody connects to your machine via SSH.



	  You will need support for the "led" class to make this work.



	  To create an LED trigger for incoming SSH traffic:

	    iptables -A INPUT -p tcp --dport 22 -j LED --led-trigger-id ssh --led-delay 1000



	  Then attach the new trigger to an LED on your system:

	    echo netfilter-ssh > /sys/class/leds/<ledname>/trigger



	  For more information on the LEDs available on your system, see

	  Documentation/leds-class.txt



config NETFILTER_XT_TARGET_MARK

	tristate '"MARK" target support'

	default m if NETFILTER_ADVANCED=n

net/netfilter/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -46,6 +46,7 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_CONNMARK) += xt_CONNMARK.o 
obj-$(CONFIG_NETFILTER_XT_TARGET_CONNSECMARK) += xt_CONNSECMARK.o

obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o

obj-$(CONFIG_NETFILTER_XT_TARGET_HL) += xt_HL.o

obj-$(CONFIG_NETFILTER_XT_TARGET_LED) += xt_LED.o

obj-$(CONFIG_NETFILTER_XT_TARGET_MARK) += xt_MARK.o

obj-$(CONFIG_NETFILTER_XT_TARGET_NFLOG) += xt_NFLOG.o

obj-$(CONFIG_NETFILTER_XT_TARGET_NFQUEUE) += xt_NFQUEUE.o