Skip to content

L
linux
Commit b93ff783 authored by Daniel De Graaf's avatar Daniel De Graaf Committed by David S. Miller
Browse files
Options

[NETFILTER]: ipt_recent: add module parameter for changing ownership of /proc/net/ipt_recent/* 

Signed-off-by: default avatarDaniel De Graaf <danield@iastate.edu>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent a468701d
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 0 deletions
net/ipv4/netfilter/ipt_recent.c
View file @ b93ff783
...@@ -35,14 +35,20 @@ static unsigned int ip_list_tot = 100; ...@@ -35,14 +35,20 @@ static unsigned int ip_list_tot = 100;
static unsigned int ip_pkt_list_tot = 20; static unsigned int ip_pkt_list_tot = 20;
static unsigned int ip_list_hash_size = 0; static unsigned int ip_list_hash_size = 0;
static unsigned int ip_list_perms = 0644; static unsigned int ip_list_perms = 0644;
static unsigned int ip_list_uid = 0;
static unsigned int ip_list_gid = 0;
module_param(ip_list_tot, uint, 0400); module_param(ip_list_tot, uint, 0400);
module_param(ip_pkt_list_tot, uint, 0400); module_param(ip_pkt_list_tot, uint, 0400);
module_param(ip_list_hash_size, uint, 0400); module_param(ip_list_hash_size, uint, 0400);
module_param(ip_list_perms, uint, 0400); module_param(ip_list_perms, uint, 0400);
module_param(ip_list_uid, uint, 0400);
module_param(ip_list_gid, uint, 0400);
MODULE_PARM_DESC(ip_list_tot, "number of IPs to remember per list"); MODULE_PARM_DESC(ip_list_tot, "number of IPs to remember per list");
MODULE_PARM_DESC(ip_pkt_list_tot, "number of packets per IP to remember (max. 255)"); MODULE_PARM_DESC(ip_pkt_list_tot, "number of packets per IP to remember (max. 255)");
MODULE_PARM_DESC(ip_list_hash_size, "size of hash table used to look up IPs"); MODULE_PARM_DESC(ip_list_hash_size, "size of hash table used to look up IPs");
MODULE_PARM_DESC(ip_list_perms, "permissions on /proc/net/ipt_recent/* files"); MODULE_PARM_DESC(ip_list_perms, "permissions on /proc/net/ipt_recent/* files");
MODULE_PARM_DESC(ip_list_uid,"owner of /proc/net/ipt_recent/* files");
MODULE_PARM_DESC(ip_list_gid,"owning group of /proc/net/ipt_recent/* files");
struct recent_entry { struct recent_entry {
...@@ -274,6 +280,8 @@ ipt_recent_checkentry(const char *tablename, const void *ip, ...@@ -274,6 +280,8 @@ ipt_recent_checkentry(const char *tablename, const void *ip,
goto out; goto out;
} }
t->proc->proc_fops = &recent_fops; t->proc->proc_fops = &recent_fops;
t->proc->uid = ip_list_uid;
t->proc->gid = ip_list_gid;
t->proc->data = t; t->proc->data = t;
#endif #endif
spin_lock_bh(&recent_lock); spin_lock_bh(&recent_lock);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7