netfilter: xt_AUDIT: only generate audit log when audit enabled

We should stop generting audit log if audit is disabled. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
git-mirror · Mar 4, 2013 · ed018fa · ed018fa
1 parent f9caed5
commit ed018fa
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c
@@ -124,6 +124,9 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par)
 	const struct xt_audit_info *info = par->targinfo;
 	struct audit_buffer *ab;
 
+	if (audit_enabled == 0)
+		goto errout;
+
 	ab = audit_log_start(NULL, GFP_ATOMIC, AUDIT_NETFILTER_PKT);
 	if (ab == NULL)
 		goto errout;