diff options
author | Eric Leblond <eric@regit.org> | 2014-02-22 14:05:56 +0100 |
---|---|---|
committer | Eric Leblond <eric@regit.org> | 2014-02-22 22:50:09 +0100 |
commit | eff7b4ef1bed285e54de85d9109aec0f2dbb7c4b (patch) | |
tree | 980fbe09c33badcefa7d784694244c8d7082e83c | |
parent | 5719f2713a8ce512d0361a5c0bc4d0e878117469 (diff) |
nfct: use start timestamp if provided
When hash table is not used, the start timestamp was not used even
if the kernel is sending it. This patch modifies the code to use it
when available. This allows to log connection with start and end
with a single message per connection and without the cost of
maintaining the hash table.
-rw-r--r-- | input/flow/ulogd_inpflow_NFCT.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index ab2bc10..899b7e3 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -621,7 +621,7 @@ do_propagate_ct(struct ulogd_pluginstance *upi, propagate_ct(upi, upi, ct, type, ts); } -static void set_timestamp_from_ct(struct ct_timestamp *ts, +static int set_timestamp_from_ct_try(struct ct_timestamp *ts, struct nf_conntrack *ct, int name) { int attr_name; @@ -636,7 +636,15 @@ static void set_timestamp_from_ct(struct ct_timestamp *ts, nfct_get_attr_u64(ct, attr_name) / NSEC_PER_SEC; ts->time[name].tv_usec = (nfct_get_attr_u64(ct, attr_name) % NSEC_PER_SEC) / 1000; - } else + return 1; + } + return 0; +} + +static void set_timestamp_from_ct(struct ct_timestamp *ts, + struct nf_conntrack *ct, int name) +{ + if (!set_timestamp_from_ct_try(ts, ct, name)) gettimeofday(&ts->time[name], NULL); } @@ -732,8 +740,10 @@ event_handler_no_hashtable(enum nf_conntrack_msg_type type, break; case NFCT_T_DESTROY: set_timestamp_from_ct(&tmp, ct, STOP); - tmp.time[START].tv_sec = 0; - tmp.time[START].tv_usec = 0; + if (!set_timestamp_from_ct_try(&tmp, ct, START)) { + tmp.time[START].tv_sec = 0; + tmp.time[START].tv_usec = 0; + } break; default: ulogd_log(ULOGD_NOTICE, "unsupported message type\n"); |