netfilter: create audit records for x_tables replaces The setsockopt() syscall to replace tables is already recorded in the audit logs. This patch stores additional information such as table name and netfilter protocol. Cc: Patrick McHardy <kaber@trash.net> Cc: Eric Paris <eparis@parisplace.org> Cc: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Thomas Graf <tgraf@redhat.com> Signed-off-by: Patrick McHardy <kaber@trash.net>

commit: fbabf31e4d482149b5e2704eb0287cf9117bdcf3 [log] [tgz]
author: Thomas Graf <tgraf@infradead.org> Sun Jan 16 18:12:59 2011 +0100
committer: Patrick McHardy <kaber@trash.net> Sun Jan 16 18:12:59 2011 +0100
tree: b12a1123474ab9aa566fc1a6e57e050653588ba0
parent: 43f393caec0362abe03c72799d3f342af3973070 [diff] [blame]
diff --git a/include/linux/audit.h b/include/linux/audit.h
index ae227df..32b5c62 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h

@@ -104,6 +104,7 @@
 #define AUDIT_CAPSET		1322	/* Record showing argument to sys_capset */
 #define AUDIT_MMAP		1323	/* Record showing descriptor and flags in mmap */
 #define AUDIT_NETFILTER_PKT	1324	/* Packets traversing netfilter chains */
+#define AUDIT_NETFILTER_CFG	1325	/* Netfilter chain modifications */
 
 #define AUDIT_AVC		1400	/* SE Linux avc denial or grant */
 #define AUDIT_SELINUX_ERR	1401	/* Internal SE Linux Errors */
commit	fbabf31e4d482149b5e2704eb0287cf9117bdcf3	[log] [tgz]
author	Thomas Graf <tgraf@infradead.org>	Sun Jan 16 18:12:59 2011 +0100
committer	Patrick McHardy <kaber@trash.net>	Sun Jan 16 18:12:59 2011 +0100
tree	b12a1123474ab9aa566fc1a6e57e050653588ba0
parent	43f393caec0362abe03c72799d3f342af3973070 [diff] [blame]