path: root/src/sync-alarm.c
Commit message (Collapse)AuthorAgeFilesLines
* conntrackd: remove cache_data_get_object and replace by direct pointerPablo Neira Ayuso2012-01-101-5/+5
| | | | | | | We now include one pointer to the object in the extra section. This is required to generalize this code for the expectation support. We consume 4-8 bytes extra, but we will not need more changes to support expectations which is a good idea.
* conntrackd: simplify cache_get_extra functionPablo Neira Ayuso2012-01-101-2/+1
| | | | | | | | This patch simplifies cache_get_extra which now takes only one parameter that is the cache_object. With it, the extra area can be calculated. Signed-off-by: Pablo Neira Ayuso <>
* conntrackd: generalize/cleanup network message building/parsingPablo Neira Ayuso2012-01-101-2/+2
| | | | | | | | | | | | | | | | | | This patch generalizes the network message building and parsing to prepare the upcoming expectation support. Basically, it renames: - NET_T_STATE_* by NET_T_STATE_CT_*, as I plan to add NET_T_STATE_EXP_* - BUILD_NETMSG by BUILD_NETMSG_FROM_CT, and build_payload by ct2msg. I plan to add exp2msg. - parse_payload by msg2ct, since I plan to add msg2exp. - modify object_status_to_network_type to prepare the support of expectations. - add prefix ct_ to all parsing functions in parse.c, as we will have similar functions to convert messages to expectation objects. Signed-off-by: Pablo Neira Ayuso <>
* conntrackd: generalize caching infrastructurePablo Neira Ayuso2012-01-101-5/+6
| | | | | | | | This patch generalizes the caching infrastructure to store different object types. This patch is the first in the series to prepare support for the synchronization of expectations. Signed-off-by: Pablo Neira Ayuso <>
* conntrackd: fix checking of return value of queue_add()Pablo Neira Ayuso2012-01-041-1/+1
| | | | | | | | | | | | | | | | Most callers of queue_add() assume that it returns != 0 in case of success. However, it may return -1 in case that the queue gets full. In that case, most callers have to: - release the object that they want to enqueue. - decrement the refcount, in case they have bumped it. However, most of these callers are using the tx_queue which currently has no limit in size at all. This fix is necessary in case that I decide to limit the size of the transmission queue in the future (which makes a lot of sense indeed). Signed-off-by: Pablo Neira Ayuso <>
* conntrackd: add `DisableInternalCache' clausePablo Neira Ayuso2009-10-211-2/+3
| | | | | | | | This patch adds the clause `DisableInternalCache' that allows you to bypass the internal cache. This clause can only be used with the notrack synchronization mode. Signed-off-by: Pablo Neira Ayuso <>
* sync-mode: rename mcast_track_*() by nethdr_track_*()Pablo Neira Ayuso2009-03-121-1/+1
| | | | | | | | This patch is a cleanup. It renames the mcast_track_*() functions by nethdr_track_*() because this functions are related to message sequence tracking. They are not stick to multicast at all. Signed-off-by: Pablo Neira Ayuso <>
* sync-mode: add abstract layer to make daemon independent of multicastPablo Neira Ayuso2009-03-121-2/+2
| | | | | | | | | This patch reworks conntrackd to make it independent of the protocol used to propagate state-changes. This patch adds the channel layer abstraction, this layer allows you to add support for different protocols like unicast UDP or TIPC. Signed-off-by: Pablo Neira Ayuso <>
* src: remove obsolete debug() and debug_ct() callsPablo Neira Ayuso2009-02-201-3/+0
| | | | | | | This patch removes debug() and debug_ct(), I haven't use the debugging information that these functions provide in years. Signed-off-by: Pablo Neira Ayuso <>
* cache: move lifetime feature to main cache codePablo Neira Ayuso2009-01-251-2/+2
| | | | | | | | The lifetime feature is used by all working modes, it is useful to know how long it has been an entry living in the cache. This patch moves the lifetime feature to the main caching code. Signed-off-by: Pablo Neira Ayuso <>
* sync: enqueue state updates to tx_queuePablo Neira Ayuso2009-01-171-11/+64
| | | | | | | | | | With this patch, all the states updates are enqueued in the tx_queue. Thus, there's a single output path. This patch adds a simple refcounting mechanism to note when an object is sitting in the txqueue. This patch also removes the alarm that is required by the ftfw approach. Signed-off-by: Pablo Neira Ayuso <>
* src: rework of the hash-cache infrastructurePablo Neira Ayuso2009-01-151-14/+13
| | | | | | | | | | | | | | | | | | | | | | | | Currently, the caching system is implemented in a two layer architecture: hashtable (inner layer) and cache (upper layer). This patch reworks the hash-cache infrastructure to solve some initial design problems to make it more flexible, the main strong points of this patch are: * Memory handling is done in the cache layer, not in the inner hashtable layer. This removes one of the main dependencies between the hashtable and the cache classes. * Remove excessive encapsulation: the former cache used to hide a lot of details of the inner hashtable implementation. * Fix over-hashing of some operations: lookup-delete-add required three hash calculations. Similarly, the update-or-add operation required two hash calculations. Now, we calculate the hash once and re-use the value how many times as we need. This patch simplifies the caching system. As a result, we save ~130 lines of code. Small code means and less complexity means less chance to have bugs. Signed-off-by: Pablo Neira Ayuso <>
* network: use NET_T_* instead of NFCT_Q_*Pablo Neira Ayuso2008-12-131-1/+1
| | | | | | | | This patch replaces the use of NFCT_Q_* in the message type by specific network message type NET_T_*. The query types are reserved for libnetfilter_conntrack operations. Signed-off-by: Pablo Neira Ayuso <>
* network: remove the netpld header from the messagesPablo Neira Ayuso2008-12-081-2/+0
| | | | | | | | | This patch simplifies the message format of the replication messages. As a result, we save four bytes. The netpld header was introduced in the early protocol design. Today, it does not have any reason to exist. Signed-off-by: Pablo Neira Ayuso <>
* network: remove length parameter of mcast_buffered_send_netmsg()Pablo Neira Ayuso2008-12-081-1/+1
| | | | | | | | This patch simplifies mcast_buffered_send_netmsg() by removing the length parameter. Instead, we use the length field in the nethdr to know the message size to be sent. Signed-off-by: Pablo Neira Ayuso <>
* revert relicensing... still we use linux_list.h code which seems to be GPLv2 ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-081-1/+1
| | | | only which is incompatible AFAIK
* relicense conntrack-tools as GPLv3+, so far the most significant contributor ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-03-081-1/+1
| | | | has been Max Kellermann and has no issues with relicensing their contributions.
* implement a rb-tree based alarm framework/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-291-5/+5
* Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-231-1/+1
| | | | use size_t
* fix inconsistent alarm update in cache_alarm_update/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-221-1/+3
* Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-201-1/+0
| | | | remove init_alarm() before add_alarm()
* Based on patch from Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-201-10/+7
| | | | merge mod_alarm() into add_alarm(), remove alarm_set_expiration()
* yet another rework of the alarm scheduler/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-181-2/+2
* Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-171-0/+3
| | | | import only required C headers and put local headers on top to check
* Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-0/+2
| | | | Fix tons of gcc warnings
* Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-6/+2
| | | | set the return type of the parse functions to "void"
* Max Kellermann <>:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-1/+1
| | | | | | the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name.
* improve alarm framework based on suggestions from Max Duempel/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-141-4/+6
* wake up the daemon iff there are real events to handle instead of polling ↵/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-091-3/+11
| | | | (Based on comments from Max Kellerman)
* o Use more appropriate names for the existing synchronization modes:/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-12-211-0/+104
o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm