From 36e2a1b0f7f2598e38952494b91490f58aa221c8 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Thu, 20 Mar 2008 15:15:45 +0100 Subject: [NETFILTER]: {ip,ip6}t_LOG: print MARK value in log output Dump the mark value in log messages similar to nfnetlink_log. This is useful for debugging complex setups where marks are used for routing or traffic classification. Signed-off-by: Patrick McHardy diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c index b38d785..c40e233 100644 --- a/net/ipv4/netfilter/ipt_LOG.c +++ b/net/ipv4/netfilter/ipt_LOG.c @@ -338,12 +338,16 @@ static void dump_packet(const struct nf_loginfo *info, if ((logflags & IPT_LOG_UID) && !iphoff && skb->sk) { read_lock_bh(&skb->sk->sk_callback_lock); if (skb->sk->sk_socket && skb->sk->sk_socket->file) - printk("UID=%u GID=%u", + printk("UID=%u GID=%u ", skb->sk->sk_socket->file->f_uid, skb->sk->sk_socket->file->f_gid); read_unlock_bh(&skb->sk->sk_callback_lock); } + /* Max length: 16 "MARK=0xFFFFFFFF " */ + if (!iphoff && skb->mark) + printk("MARK=0x%x ", skb->mark); + /* Proto Max log string length */ /* IP: 40+46+6+11+127 = 230 */ /* TCP: 10+max(25,20+30+13+9+32+11+127) = 252 */ diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c index 86a6138..3a23169 100644 --- a/net/ipv6/netfilter/ip6t_LOG.c +++ b/net/ipv6/netfilter/ip6t_LOG.c @@ -363,11 +363,15 @@ static void dump_packet(const struct nf_loginfo *info, if ((logflags & IP6T_LOG_UID) && recurse && skb->sk) { read_lock_bh(&skb->sk->sk_callback_lock); if (skb->sk->sk_socket && skb->sk->sk_socket->file) - printk("UID=%u GID=%u", + printk("UID=%u GID=%u ", skb->sk->sk_socket->file->f_uid, skb->sk->sk_socket->file->f_gid); read_unlock_bh(&skb->sk->sk_callback_lock); } + + /* Max length: 16 "MARK=0xFFFFFFFF " */ + if (!recurse && skb->mark) + printk("MARK=0x%x ", skb->mark); } static struct nf_loginfo default_loginfo = { -- cgit v0.10.2