From 3e6852f806c4368eda451b39f12b2ac2f2b5d33b Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 19 Aug 2009 16:59:38 +0200 Subject: conntrackd: add `DisableExternalCache' clause This patch adds the clause `DisableExternalCache' that allows you to disable the external cache and to directly inject the entries into the kernel conntrack table. As a result, the CPU consumption of conntrackd increases. This clause can only be used with the FT-FW and the notrack synchronization modes, but not with the alarm mode. Signed-off-by: Pablo Neira Ayuso --- src/read_config_yy.y | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'src/read_config_yy.y') diff --git a/src/read_config_yy.y b/src/read_config_yy.y index f3f4730..38c5929 100644 --- a/src/read_config_yy.y +++ b/src/read_config_yy.y @@ -72,6 +72,7 @@ static void __max_dedicated_links_reached(void); %token T_FROM T_USERSPACE T_KERNELSPACE T_EVENT_ITER_LIMIT T_DEFAULT %token T_NETLINK_OVERRUN_RESYNC T_NICE T_IPV4_DEST_ADDR T_IPV6_DEST_ADDR %token T_SCHEDULER T_TYPE T_PRIO T_NETLINK_EVENTS_RELIABLE +%token T_DISABLE_EXTERNAL_CACHE %token T_IP T_PATH_VAL %token T_NUMBER @@ -698,6 +699,7 @@ sync_mode_ftfw_line: resend_queue_size | timeout | purge | window_size + | disable_external_cache ; sync_mode_notrack_list: @@ -705,8 +707,19 @@ sync_mode_notrack_list: sync_mode_notrack_line: timeout | purge + | disable_external_cache ; +disable_external_cache: T_DISABLE_EXTERNAL_CACHE T_ON +{ + conf.sync.external_cache_disable = 1; +}; + +disable_external_cache: T_DISABLE_EXTERNAL_CACHE T_OFF +{ + conf.sync.external_cache_disable = 0; +}; + resend_buffer_size: T_RESEND_BUFFER_SIZE T_NUMBER { print_err(CTD_CFG_WARN, "`ResendBufferSize' is deprecated. " -- cgit v1.2.3