lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Dec 2008 14:32:46 +0100 From: Patrick McHardy <kaber@...sh.net> To: Jozsef Kadlecsik <kadlec@...ckhole.kfki.hu> CC: Jan Engelhardt <jengelh@...ozas.de>, David Miller <davem@...emloft.net>, ajax@...hat.com, linux-kernel@...r.kernel.org, davej@...hat.com, netdev@...r.kernel.org, netfilter-devel@...r.kernel.org Subject: Re: [PATCH] net: Remove a noisy printk Jozsef Kadlecsik wrote: > On Mon, 15 Dec 2008, Patrick McHardy wrote: > >> I agree that it doesn't belong to the generic networking code. >> But the way its handled in netfilter is far from perfect as well. >> Currently multiple modules will spam the ringbuffer repeatedly, >> but offer no possibility to change anything in the behaviour of >> how these packets are treated. Unfortunately we can't handle this >> in the ruleset (which is exactly the reason why we're spamming >> the ringbuffer), so how about we add a module option controlling >> how to treat those packets and remove the printk? > > How about this: let the printk be removed from conntrack and the mangle > table but put (back) into the filter table with a module option, which > controls the behaviour (drop/accept & log/nolog)? Sounds fine to me. We can't log it in the usual way though (ipt_LOG/nfnetlink_log) and spamming the ringbuffer should really be a last resort, so I'd prefer to limit it to print the message exactly once. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists