summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorGao feng <gaofeng@cn.fujitsu.com>2013-03-04 04:29:12 +0400
committerPablo Neira Ayuso <pablo@netfilter.org>2013-03-04 17:45:25 +0400
commited018fa4dfc3d26da56b9ee7dc75e9d39a39a02b (patch)
treeecb910ff5080b35dc1fdae81337bbdb1d2b54841 /net
parentf9caed59f801f77a2844ab04d2dea8df33ac862b (diff)
downloadlinux-ed018fa4dfc3d26da56b9ee7dc75e9d39a39a02b.tar.xz
netfilter: xt_AUDIT: only generate audit log when audit enabled
We should stop generting audit log if audit is disabled. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/xt_AUDIT.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c
index ba92824086f3..3228d7f24eb4 100644
--- a/net/netfilter/xt_AUDIT.c
+++ b/net/netfilter/xt_AUDIT.c
@@ -124,6 +124,9 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par)
const struct xt_audit_info *info = par->targinfo;
struct audit_buffer *ab;
+ if (audit_enabled == 0)
+ goto errout;
+
ab = audit_log_start(NULL, GFP_ATOMIC, AUDIT_NETFILTER_PKT);
if (ab == NULL)
goto errout;