diff -urN netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch
--- netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch Thu Jan 1 01:00:00 1970
+++ netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch Thu May 9 22:56:41 2002
@@ -0,0 +1,25 @@
+--- linux/include/linux/netfilter_ipv4/ipt_LOG.h.orig Thu May 9 22:18:09 2002
++++ linux/include/linux/netfilter_ipv4/ipt_LOG.h Thu May 9 22:20:51 2002
+@@ -4,7 +4,8 @@
+ #define IPT_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
+ #define IPT_LOG_TCPOPT 0x02 /* Log TCP options */
+ #define IPT_LOG_IPOPT 0x04 /* Log IP options */
+-#define IPT_LOG_MASK 0x07
++#define IPT_LOG_UID 0x08 /* Log UID owning local socket */
++#define IPT_LOG_MASK 0x0f
+
+ struct ipt_log_info {
+ unsigned char level;
+--- linux/net/ipv4/netfilter/ipt_LOG.c.orig Thu May 9 21:22:15 2002
++++ linux/net/ipv4/netfilter/ipt_LOG.c Thu May 9 22:47:47 2002
+@@ -304,6 +304,10 @@
+ }
+
+ dump_packet(loginfo, iph, (*pskb)->len, 1);
++
++ if ((loginfo->logflags & IPT_LOG_UID) && (*pskb)->sk && (*pskb)->sk->socket && (*pskb)->sk->socket->file)
++ printk("UID=%u ", (*pskb)->sk->socket->file->f_uid);
++
+ printk("\n");
+ spin_unlock_bh(&log_lock);
+
diff -urN netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.help netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.help
--- netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.help Thu Jan 1 01:00:00 1970
+++ netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.help Thu May 9 23:20:45 2002
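Review bot: In the ipt_LOG.c hunk carried by ipt_LOG-uid.patch, the added `if` walks `(*pskb)->sk->socket->file` with only `log_lock` held, and nothing visible here stops the owning socket from being detached or closed on another CPU between the NULL checks and the `f_uid` read, which could turn a logging rule into a kernel oops. Taking the socket's callback read lock around both the checks and the `printk` would close that window; the field name used below (`callback_lock`) is what I expect for this kernel generation and should be confirmed against the tree. The enclosing function starts and ends outside the hunk. Separately, `f_uid` is the owner of the file behind the socket, so the logged UID may differ from the process actually sending (descriptor passing, privilege drop), which deserves a comment for anyone using the field for attribution.
```c
	dump_packet(loginfo, iph, (*pskb)->len, 1);

	if ((loginfo->logflags & IPT_LOG_UID) && (*pskb)->sk) {
		/* hold the callback lock so sk->socket cannot be torn down mid-read */
		read_lock_bh(&(*pskb)->sk->callback_lock);
		if ((*pskb)->sk->socket && (*pskb)->sk->socket->file)
			printk("UID=%u ", (*pskb)->sk->socket->file->f_uid);
		read_unlock_bh(&(*pskb)->sk->callback_lock);
	}
	/* … unchanged: newline printk and log_lock release … */
```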
@@ -0,0 +1,12 @@
+Author: Martin Josefsson
+Status: Seems to work.
+
+***** NOTE *****
+Iptables compiled with this patch will work with an unpatched kernel
+but the UID-logging will of course not work, and vice versa.
+But a patched iptables will not compile unless the kernel is also patched.
+***** NOTE *****
+
+This adds the ability to log the UID that owns the local socket the packets
+originate from (if the packet isn't locally generated nothing will happen).
+
diff -urN netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.userspace netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.userspace
--- netfilter/userspace/patch-o-matic/extra.orig/ipt_LOG-uid.patch.userspace Thu Jan 1 01:00:00 1970
+++ netfilter/userspace/patch-o-matic/extra/ipt_LOG-uid.patch.userspace Thu May 9 22:57:20 2002
@@ -0,0 +1,62 @@
+--- extensions/libipt_LOG.c.orig Thu May 9 22:21:15 2002
++++ extensions/libipt_LOG.c Thu May 9 22:30:04 2002
+@@ -21,7 +21,8 @@
+ " --log-prefix prefix Prefix log messages with this prefix.\n\n"
+ " --log-tcp-sequence Log TCP sequence numbers.\n\n"
+ " --log-tcp-options Log TCP options.\n\n"
+-" --log-ip-options Log IP options.\n\n",
++" --log-ip-options Log IP options.\n\n"
++" --log-uid Log UID owning the local socket.\n\n",
+ NETFILTER_VERSION);
+ }
+
+@@ -31,6 +32,7 @@
+ { "log-tcp-sequence", 0, 0, '1' },
+ { "log-tcp-options", 0, 0, '2' },
+ { "log-ip-options", 0, 0, '3' },
++ { "log-uid", 0, 0, '4' },
+ { 0 }
+ };
+
+@@ -98,6 +100,7 @@
+ #define IPT_LOG_OPT_TCPSEQ 0x04
+ #define IPT_LOG_OPT_TCPOPT 0x08
+ #define IPT_LOG_OPT_IPOPT 0x10
++#define IPT_LOG_OPT_UID 0x20
+
+ /* Function which parses command options; returns true if it
+ ate an option */
+@@ -168,6 +171,15 @@
+ *flags |= IPT_LOG_OPT_IPOPT;
+ break;
+
++ case '4':
++ if (*flags & IPT_LOG_OPT_UID)
++ exit_error(PARAMETER_PROBLEM,
++ "Can't specify --log-uid twice");
++
++ loginfo->logflags |= IPT_LOG_UID;
++ *flags |= IPT_LOG_OPT_UID;
++ break;
++
+ default:
+ return 0;
+ }
+@@ -211,6 +223,8 @@
+ printf("tcp-options ");
+ if (loginfo->logflags & IPT_LOG_IPOPT)
+ printf("ip-options ");
++ if (loginfo->logflags & IPT_LOG_UID)
++ printf("uid ");
+ if (loginfo->logflags & ~(IPT_LOG_MASK))
+ printf("unknown-flags ");
+ }
+@@ -238,6 +252,8 @@
+ printf("--log-tcp-options ");
+ if (loginfo->logflags & IPT_LOG_IPOPT)
+ printf("--log-ip-options ");
++ if (loginfo->logflags & IPT_LOG_UID)
++ printf("--log-uid ");
+ }
+
+ static
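Review bot: The `--log-uid` usage line added in the first libipt_LOG.c hunk gives no hint that the option depends on the matching kernel patch, while the accompanying help file states that a patched iptables on an unpatched kernel works but logs no UID. For an operator that means a rule can load cleanly while the `UID=` field never appears, which in the logs looks the same as a packet that was not locally generated. I would say so in the usage text, e.g. `" --log-uid Log UID owning the local socket (needs kernel support).\n\n",`, and note in the help file that a missing `UID=` is not evidence of a remote origin. Whether the kernel side rejects unknown flag bits is not visible here, so the silent-failure path should be confirmed against the kernel module.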