diff options
author | Gao feng <gaofeng@cn.fujitsu.com> | 2013-03-04 04:29:12 +0400 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-03-04 17:45:25 +0400 |
commit | ed018fa4dfc3d26da56b9ee7dc75e9d39a39a02b (patch) | |
tree | ecb910ff5080b35dc1fdae81337bbdb1d2b54841 /net | |
parent | f9caed59f801f77a2844ab04d2dea8df33ac862b (diff) | |
download | linux-ed018fa4dfc3d26da56b9ee7dc75e9d39a39a02b.tar.xz |
netfilter: xt_AUDIT: only generate audit log when audit enabled
We should stop generting audit log if audit is disabled.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/xt_AUDIT.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c index ba92824086f3..3228d7f24eb4 100644 --- a/net/netfilter/xt_AUDIT.c +++ b/net/netfilter/xt_AUDIT.c @@ -124,6 +124,9 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par) const struct xt_audit_info *info = par->targinfo; struct audit_buffer *ab; + if (audit_enabled == 0) + goto errout; + ab = audit_log_start(NULL, GFP_ATOMIC, AUDIT_NETFILTER_PKT); if (ab == NULL) goto errout; |