android/android_kernel_asus_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: nf_ct_tcp: extend log message for invalid ignored packets

Browse Source 
Extend log message if packets are ignored to include the TCP state, ie.
replace:

[ 3968.070196] nf_ct_tcp: invalid packet ignored IN= OUT= SRC=...

by:

[ 3968.070196] nf_ct_tcp: invalid packet ignored in state ESTABLISHED IN= OUT= SRC=...

This information is useful to know in what state we were while ignoring the
packet.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
This commit is contained in:
Pablo Neira Ayuso
2012-05-14 10:55:03 +02:00
parent c44f5faa8e
commit 1a4ac9870f
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
net/netfilter/nf_conntrack_proto_tcp.c
View File

@ -952,7 +952,8 @@ static int tcp_packet(struct nf_conn *ct,
spin_unlock_bh(&ct->lock); spin_unlock_bh(&ct->lock);
if (LOG_INVALID(net, IPPROTO_TCP)) if (LOG_INVALID(net, IPPROTO_TCP))
nf_log_packet(pf, 0, skb, NULL, NULL, NULL, nf_log_packet(pf, 0, skb, NULL, NULL, NULL,
"nf_ct_tcp: invalid packet ignored "); "nf_ct_tcp: invalid packet ignored in "
"state %s ", tcp_conntrack_names[old_state]);
return NF_ACCEPT; return NF_ACCEPT;
case TCP_CONNTRACK_MAX: case TCP_CONNTRACK_MAX:
/* Invalid packet */ /* Invalid packet */