Re: [PATCH] audit: log nftables configuration change events once per table

On 2021-03-19 13:52, Phil Sutter wrote: > On Thu, Mar 18, 2021 at 02:37:03PM -0400, Richard Guy Briggs wrote: > > On 2021-03-18 17:30, Phil Sutter wrote: > [...] > > > Why did you leave the object-related logs in place? They should reappear > > > at commit time just like chains and sets for

Re: [PATCH] audit: log nftables configuration change events once per table

On Thu, Mar 18, 2021 at 02:37:03PM -0400, Richard Guy Briggs wrote: > On 2021-03-18 17:30, Phil Sutter wrote: [...] > > Why did you leave the object-related logs in place? They should reappear > > at commit time just like chains and sets for instance, no? > > There are other paths that can

Re: [PATCH] audit: log nftables configuration change events once per table

Hi Richard, Thank you for the patch! Yet something to improve: [auto build test ERROR on pcmoore-audit/next] [also build test ERROR on nf/master nf-next/master linux/master linus/master v5.12-rc3 next-20210318] [If your patch is applied to the wrong git tree, kindly drop us a note. And when

Re: [PATCH] audit: log nftables configuration change events once per table

On 2021-03-18 17:30, Phil Sutter wrote: > Hi, > > On Thu, Mar 18, 2021 at 11:39:52AM -0400, Richard Guy Briggs wrote: > > Reduce logging of nftables events to a level similar to iptables. > > Restore the table field to list the table, adding the generation. > > This looks much better, a few

Re: [PATCH] audit: log nftables configuration change events once per table

Hi, On Thu, Mar 18, 2021 at 11:39:52AM -0400, Richard Guy Briggs wrote: > Reduce logging of nftables events to a level similar to iptables. > Restore the table field to list the table, adding the generation. This looks much better, a few remarks below: [...] > +static const u8 nft2audit_op[] =

Re: [PATCH] audit: log nftables configuration change events once per table

On Thu, Mar 18, 2021 at 11:39:52AM -0400, Richard Guy Briggs wrote: > Reduce logging of nftables events to a level similar to iptables. > Restore the table field to list the table, adding the generation. > > Indicate the op as the most significant operation in the event. > > A couple of sample

[PATCH] audit: log nftables configuration change events once per table

Reduce logging of nftables events to a level similar to iptables. Restore the table field to list the table, adding the generation. Indicate the op as the most significant operation in the event. A couple of sample events: type=PROCTITLE msg=audit(2021-03-18 09:30:49.801:143) :