From mboxrd@z Thu Jan  1 00:00:00 1970
From: Roberto Nibali <ratz@drugphish.ch>
Subject: Re: Patch to avoid MAC header logging
Date: Mon, 05 Jul 2004 12:49:18 +0200
Sender: netfilter-devel-admin@lists.netfilter.org
Message-ID: <40E9322E.8080704@drugphish.ch>
References: <658614730.20040705101241@net.ipl.pt>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: netfilter development <netfilter-devel@lists.netfilter.org>
Return-path: <netfilter-devel-admin@lists.netfilter.org>
To: "PedroRibeiro (B)" <pribeiro-bulk@net.ipl.pt>
In-Reply-To: <658614730.20040705101241@net.ipl.pt>
Errors-To: netfilter-devel-admin@lists.netfilter.org
List-Help: <mailto:netfilter-devel-request@lists.netfilter.org?subject=help>
List-Post: <mailto:netfilter-devel@lists.netfilter.org>
List-Subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter-devel>,
	<mailto:netfilter-devel-request@lists.netfilter.org?subject=subscribe>
List-Unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter-devel>,
	<mailto:netfilter-devel-request@lists.netfilter.org?subject=unsubscribe>
List-Archive: <https://lists.netfilter.org/pipermail/netfilter-devel/>
List-Id: netfilter-devel.vger.kernel.org

Hello,

just my two cents ...

> I hope this is the right place to post this patch I'v made ...

Yes.

> My problem was that logs generated by "-j LOG" being full of mac
> headers that didn't have any information to me (the machine is after a
> router, so the MAC source is always from the router).

Fair enough.

> Excess of redundant information is misinformation to me ...

Ok.

> So I'v decided to make this small (tiny) modifications to the LOG
> module, adding a flag to disable MAC headers logging.

Hmm, the way I see it you added a feature to enable MAC header logging 
and disabled it by default.

> I'm sure this will make other people happy too.

Not me ;).

> +       case '4':
> +               if (*flags & IPT_LOG_MAC)
> +                       exit_error(PARAMETER_PROBLEM,
> +                                  "Can't specify --log-mac-header twice");

Side comment: Why? I mean you just copied what was there already, but 
why is this a problem? Setting a flag a thousand times doesn't change 
the end result of the flag being set. Am I missing something design wise?

> diff -wurNbB linux-2.4.22/net/ipv4/netfilter/ipt_LOG.c linux-2.4.22pr1/net/ipv4/netfilter/ipt_LOG.c
> --- linux-2.4.22/net/ipv4/netfilter/ipt_LOG.c   2002-02-25 19:38:14.000000000 +0000
> +++ linux-2.4.22pr1/net/ipv4/netfilter/ipt_LOG.c        2003-11-12 22:37:27.000000000 +0000
> @@ -289,7 +289,7 @@
>                loginfo->prefix,
>                in ? in->name : "",
>                out ? out->name : "");
> -       if (in && !out) {
> +       if (in && !out && (loginfo->logflags & IPT_LOG_MAC)) {

Your new default (IPT_LOG_MAC unset) breaks existing userland tools that 
depend on this output for parsing and further correlation.

Best regards,
Roberto Nibali, ratz
-- 
echo 
'[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc