[nf PATCH 1/2] netfilter: nf_tables: Audit log setelem reset
Pablo Neira Ayuso
pablo at netfilter.org
Wed Aug 30 15:46:53 UTC 2023
On Tue, Aug 29, 2023 at 07:51:57PM +0200, Phil Sutter wrote:
> Since set element reset is not integrated into nf_tables' transaction
> logic, an explicit log call is needed, similar to NFT_MSG_GETOBJ_RESET
> handling.
>
> For the sake of simplicity, catchall element reset will always generate
> a dedicated log entry. This relieves nf_tables_dump_set() from having to
> adjust the logged element count depending on whether a catchall element
> was found or not.
Applied, thanks Phil
More information about the Linux-audit
mailing list