Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / bb50942a62b2d76810babc0b1150895d9e5ef229
commitbb50942a62b2d76810babc0b1150895d9e5ef229[log] [tgz]
authorLiping Zhang <zlpnobody@gmail.com>Sun Nov 27 20:08:29 2016 +0800
committerPablo Neira Ayuso <pablo@netfilter.org>Tue Nov 29 23:30:10 2016 +0100
treeb1589bcad8673504a5c6228cdc1cf0c50b271b71
parent6de5f08a33fc4503b7199cece736979b4be91ef3 [diff]
extensions: LOG: add log flags translation to nft

For example:
 # iptables-translate -A OUTPUT -j LOG --log-uid
 nft add rule ip filter OUTPUT counter log flags skuid

 # iptables-translate -A OUTPUT -j LOG --log-tcp-sequence \
 --log-tcp-options
 nft add rule ip filter OUTPUT counter log flags tcp sequence,options

 # iptables-translate -A OUTPUT -j LOG --log-level debug --log-uid
 nft add rule ip filter OUTPUT counter log level debug flags skuid

 # ip6tables-translate -A OUTPUT -j LOG --log-ip-options --log-macdecode
 nft add rule ip6 filter OUTPUT counter log flags ip options flags ether

 # ip6tables-translate -A OUTPUT -j LOG --log-ip-options --log-uid \
 --log-tcp-sequence --log-tcp-options --log-macdecode
 nft add rule ip6 filter OUTPUT counter log flags all

Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2 files changed
tree: b1589bcad8673504a5c6228cdc1cf0c50b271b71
  1. etc/
  2. extensions/
  3. include/
  4. iptables/
  5. libipq/
  6. libiptc/
  7. libxtables/
  8. m4/
  9. utils/
  10. .gitignore
  11. autogen.sh
  12. COMMIT_NOTES
  13. configure.ac
  14. COPYING
  15. INCOMPATIBILITIES
  16. INSTALL
  17. iptables-test.py
  18. Makefile.am
  19. release.sh