[Devel] [PATCH RH7 0/3] iptables LOG in CT
Dmitry Safonov
dsafonov at virtuozzo.com
Wed Dec 21 00:48:32 PST 2016
https://jira.sw.ru/browse/PSBM-54183
With these patches, iptables LOG is printed into CT's dmesg buffer.
Yet it doesn't show in /var/log/messages and I believe the reason
is the absence of /dev/kmsg in CT (and rsyslog doesn't do redirection
for log entries thou). Dev kmsg is virtualized, so looks like nothing
prevents adding it to libvzctl list of devtmpfs devices:
https://github.com/OpenVZ/libvzctl/blob/55ebf21b03d408f0faaaecaab08b74eb2dce0e70/lib/env.c#L614
Also it should fix follow-log for `dmesg -w`.
These patches make iptables LOG visible in CT's `dmesg`.
Dmitry Safonov (3):
ve/printk: add ve_log_printk() for log in !current->task_ve
netfilter: rectify nflog inside CT
netfilter: rectify ebtlog inside CT
include/linux/printk.h | 7 +++++++
include/net/netfilter/nf_log.h | 2 +-
kernel/printk.c | 16 ++++++++++++++++
net/bridge/netfilter/ebt_log.c | 35 ++++++++++++++++-------------------
net/ipv4/netfilter/nf_log_ipv4.c | 6 +-----
net/ipv6/netfilter/nf_log_ipv6.c | 6 +-----
net/netfilter/nf_log.c | 4 ++--
7 files changed, 44 insertions(+), 32 deletions(-)
--
2.11.0
More information about the Devel
mailing list