leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

netfilter: nf_conntrack: remove net_ratelimit() for LOG_INVALID()

Browse Source 
Logging of invalid packets has to be explicitly enabled. Rate-limiting these
messages is inconsistent with other netfilter logging features and makes
debugging harder.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Patrick McHardy 2013-07-28 22:54:07 +02:00 committed by Pablo Neira Ayuso
parent 5774c94ace
commit 6704af53fc
1 changed files with 0 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/net/netfilter/nf_conntrack_l4proto.h
View File

@ -148,17 +148,10 @@ extern int nf_ct_port_nlattr_tuple_size(void);
extern const struct nla_policy nf_ct_port_nla_policy[]; extern const struct nla_policy nf_ct_port_nla_policy[];
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
#ifdef DEBUG_INVALID_PACKETS
#define LOG_INVALID(net, proto) \ #define LOG_INVALID(net, proto) \
((net)->ct.sysctl_log_invalid == (proto) || \ ((net)->ct.sysctl_log_invalid == (proto) || \
(net)->ct.sysctl_log_invalid == IPPROTO_RAW) (net)->ct.sysctl_log_invalid == IPPROTO_RAW)
#else #else
#define LOG_INVALID(net, proto) \
(((net)->ct.sysctl_log_invalid == (proto) || \
(net)->ct.sysctl_log_invalid == IPPROTO_RAW) \
&& net_ratelimit())
#endif
#else
static inline int LOG_INVALID(struct net *net, int proto) { return 0; } static inline int LOG_INVALID(struct net *net, int proto) { return 0; }
#endif /* CONFIG_SYSCTL */ #endif /* CONFIG_SYSCTL */