summaryrefslogtreecommitdiffstats
path: root/src/read_config_yy.y
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2012-09-10 13:17:24 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2012-09-10 13:24:59 +0200
commitfebb3cceac1889fb6558b8ef40ac733072fdcd47 (patch)
tree30c4174e6ff8a83826d17928d0c9409d41dd4859 /src/read_config_yy.y
parent46faeab56cf4117f41cb6f1f1c40a9c18a81372f (diff)
conntrackd: cthelper: add QueueLen option
This patch adds the QueueLen option, that allows you to increase the maximum number of packets waiting in the nfnetlink_queue to receive a verdict from userspace. Rising the default value (1024) is useful to avoid hitting the following error message: "nf_queue: full at X entries, dropping packets(s)". Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/read_config_yy.y')
-rw-r--r--src/read_config_yy.y23
1 files changed, 21 insertions, 2 deletions
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
index c9235d3..72a9654 100644
--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
@@ -56,6 +56,7 @@ struct stack symbol_stack;
enum {
SYMBOL_HELPER_QUEUE_NUM,
+ SYMBOL_HELPER_QUEUE_LEN,
SYMBOL_HELPER_POLICY_EXPECT_ROOT,
SYMBOL_HELPER_EXPECT_POLICY_LEAF,
};
@@ -86,8 +87,8 @@ enum {
%token T_SCHEDULER T_TYPE T_PRIO T_NETLINK_EVENTS_RELIABLE
%token T_DISABLE_INTERNAL_CACHE T_DISABLE_EXTERNAL_CACHE T_ERROR_QUEUE_LENGTH
%token T_OPTIONS T_TCP_WINDOW_TRACKING T_EXPECT_SYNC
-%token T_HELPER T_HELPER_QUEUE_NUM T_HELPER_POLICY T_HELPER_EXPECT_MAX
-%token T_HELPER_EXPECT_TIMEOUT
+%token T_HELPER T_HELPER_QUEUE_NUM T_HELPER_QUEUE_LEN T_HELPER_POLICY
+%token T_HELPER_EXPECT_TIMEOUT T_HELPER_EXPECT_MAX
%token <string> T_IP T_PATH_VAL
%token <val> T_NUMBER
@@ -1639,6 +1640,13 @@ helper_type: T_TYPE T_STRING T_STRING T_STRING '{' helper_type_list '}'
stack_item_free(e);
break;
}
+ case SYMBOL_HELPER_QUEUE_LEN: {
+ int *qlen = (int *) &e->data;
+
+ helper_inst->queue_len = *qlen;
+ stack_item_free(e);
+ break;
+ }
case SYMBOL_HELPER_POLICY_EXPECT_ROOT: {
struct ctd_helper_policy *pol =
(struct ctd_helper_policy *) &e->data;
@@ -1696,6 +1704,17 @@ helper_type: T_HELPER_QUEUE_NUM T_NUMBER
stack_item_push(&symbol_stack, e);
};
+helper_type: T_HELPER_QUEUE_LEN T_NUMBER
+{
+ int *qlen;
+ struct stack_item *e;
+
+ e = stack_item_alloc(SYMBOL_HELPER_QUEUE_LEN, sizeof(int));
+ qlen = (int *) e->data;
+ *qlen = $2;
+ stack_item_push(&symbol_stack, e);
+};
+
helper_type: T_HELPER_POLICY T_STRING '{' helper_policy_list '}'
{
struct stack_item *e;