netfilter: quota2: add support to log quota limit reached.

This uses the NETLINK NETLINK_NFLOG family to log a single message when the quota limit is reached. It uses the same packet type as ipt_ULOG, but - never copies skb data, - uses 112 as the event number (ULOG's +1) It doesn't log if the module param "event_num" is 0. Change-Id: I6f31736b568bb31a4ff0b9ac2ee58380e6b675ca Signed-off-by: JP Abgrall <jpa@google.com>
author: JP Abgrall <jpa@google.com> 2011-07-13 16:02:31 -0700
committer: JP Abgrall <jpa@google.com> 2011-07-21 18:04:45 -0700
commit: f0e215b07c40e8fbf4ae842d8b33f4a285c0b3e1 (patch)
tree: 6855559e3afdba12842856679c330b5a5d05118c /net/netfilter/Kconfig
parent: 5d89db9f307306cae7a356c8af44e12fefdc87e9 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index ddb7bb507bd..5bd5c612a9b 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -975,6 +975,18 @@ config NETFILTER_XT_MATCH_QUOTA2
 	  If you want to compile it as a module, say M here and read
 	  <file:Documentation/kbuild/modules.txt>.  If unsure, say `N'.
 
+config NETFILTER_XT_MATCH_QUOTA2_LOG
+	bool '"quota2" Netfilter LOG support'
+	depends on NETFILTER_XT_MATCH_QUOTA2
+	depends on IP_NF_TARGET_ULOG=n    # not yes, not module, just no
+	default n
+	help
+	  This option allows `quota2' to log ONCE when a quota limit
+	  is passed. It logs via NETLINK using the NETLINK_NFLOG family.
+	  It logs similarly to how ipt_ULOG would without data.
+
+	  If unsure, say `N'.
+
 config NETFILTER_XT_MATCH_RATEEST
 	tristate '"rateest" match support'
 	depends on NETFILTER_ADVANCED
author	JP Abgrall <jpa@google.com>	2011-07-13 16:02:31 -0700
committer	JP Abgrall <jpa@google.com>	2011-07-21 18:04:45 -0700
commit	f0e215b07c40e8fbf4ae842d8b33f4a285c0b3e1 (patch)
tree	6855559e3afdba12842856679c330b5a5d05118c /net/netfilter/Kconfig
parent	5d89db9f307306cae7a356c8af44e12fefdc87e9 (diff)