diff options
author | JP Abgrall <jpa@google.com> | 2011-07-13 16:02:31 -0700 |
---|---|---|
committer | Dan Willemsen <dwillemsen@nvidia.com> | 2011-11-30 21:38:54 -0800 |
commit | 8a24076faab49f9093a2e1dff216a6be5a9ba620 (patch) | |
tree | 6daca8b1d5fad69d2d2dacb39d057e1f3a560504 /net/netfilter/Kconfig | |
parent | b05d94b13918c95f2038dcc61617b6d6aa03e29a (diff) |
netfilter: quota2: add support to log quota limit reached.
This uses the NETLINK NETLINK_NFLOG family to log a single message
when the quota limit is reached.
It uses the same packet type as ipt_ULOG, but
- never copies skb data,
- uses 112 as the event number (ULOG's +1)
It doesn't log if the module param "event_num" is 0.
Change-Id: I6f31736b568bb31a4ff0b9ac2ee58380e6b675ca
Signed-off-by: JP Abgrall <jpa@google.com>
Diffstat (limited to 'net/netfilter/Kconfig')
-rw-r--r-- | net/netfilter/Kconfig | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index ddb7bb507bd5..5bd5c612a9bf 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig @@ -975,6 +975,18 @@ config NETFILTER_XT_MATCH_QUOTA2 If you want to compile it as a module, say M here and read <file:Documentation/kbuild/modules.txt>. If unsure, say `N'. +config NETFILTER_XT_MATCH_QUOTA2_LOG + bool '"quota2" Netfilter LOG support' + depends on NETFILTER_XT_MATCH_QUOTA2 + depends on IP_NF_TARGET_ULOG=n # not yes, not module, just no + default n + help + This option allows `quota2' to log ONCE when a quota limit + is passed. It logs via NETLINK using the NETLINK_NFLOG family. + It logs similarly to how ipt_ULOG would without data. + + If unsure, say `N'. + config NETFILTER_XT_MATCH_RATEEST tristate '"rateest" match support' depends on NETFILTER_ADVANCED |