diff options
author | Eric Leblond <eric@inl.fr> | 2008-06-02 01:42:44 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-06-02 01:42:44 +0200 |
commit | dc613507f4425d703de8e56596c9cd8d5d9d5424 (patch) | |
tree | e9b21b9d47443f04de1af9704c37cf44968fc8fb /doc | |
parent | e3cfb9dd26ad18cf5437a368aa015a2f8d4bdef5 (diff) |
This patch adds a new function which insert or update connection tracking
entries depending on the event type parameter.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/pgsql-ulogd2.sql | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/doc/pgsql-ulogd2.sql b/doc/pgsql-ulogd2.sql index d174d49..20f5014 100644 --- a/doc/pgsql-ulogd2.sql +++ b/doc/pgsql-ulogd2.sql @@ -559,6 +559,67 @@ RETURNS bigint AS $$ SELECT currval('ulog2_ct__ct_id_seq'); $$ LANGUAGE SQL SECURITY INVOKER; +CREATE OR REPLACE FUNCTION INSERT_OR_REPLACE_CT( + IN _oob_family integer, + IN _orig_ip_saddr inet, + IN _orig_ip_daddr inet, + IN _orig_ip_protocol integer, + IN _orig_l4_sport integer, + IN _orig_l4_dport integer, + IN _orig_raw_pktlen bigint, + IN _orig_raw_pktcount bigint, + IN _reply_ip_saddr inet, + IN _reply_ip_daddr inet, + IN _reply_ip_protocol integer, + IN _reply_l4_sport integer, + IN _reply_l4_dport integer, + IN _reply_raw_pktlen bigint, + IN _reply_raw_pktcount bigint, + IN _icmp_code integer, + IN _icmp_type integer, + IN _ct_mark bigint, + IN _flow_start_sec bigint, + IN _flow_start_usec bigint, + IN _flow_end_sec bigint, + IN _flow_end_usec bigint, + IN _ct_event integer + ) +RETURNS bigint AS $$ +DECLARE + _id bigint; +BEGIN + IF (_ct_event = 4) THEN + if (_orig_ip_protocol = 1) THEN + UPDATE ulog2_ct SET (orig_raw_pktlen, orig_raw_pktcount, + reply_raw_pktlen, reply_raw_pktcount, + ct_mark, flow_end_sec, flow_end_usec, ct_event) + = ($7,$8,$14,$15,$18,$21,$22,$23) + WHERE oob_family=$1 AND orig_ip_saddr_str = $2 + AND orig_ip_daddr_str = $3 AND orig_ip_protocol = $4 + AND reply_ip_saddr_str = $9 AND reply_ip_daddr_str = $10 + AND reply_ip_protocol = $11 + AND icmp_code = $16 AND icmp_type = $17 + AND ct_event < 4; + ELSE + UPDATE ulog2_ct SET (orig_raw_pktlen, orig_raw_pktcount, + reply_raw_pktlen, reply_raw_pktcount, + ct_mark, flow_end_sec, flow_end_usec, ct_event) + = ($7,$8,$14,$15,$18,$21,$22,$23) + WHERE oob_family=$1 AND orig_ip_saddr_str = $2 + AND orig_ip_daddr_str = $3 AND orig_ip_protocol = $4 + AND orig_l4_sport = $5 AND orig_l4_dport = $6 + AND reply_ip_saddr_str = $9 AND reply_ip_daddr_str = $10 + AND reply_ip_protocol = $11 AND reply_l4_sport = $12 + AND reply_l4_dport = $13 + AND ct_event < 4; + END IF; + ELSE + _id := INSERT_CT($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23); + END IF; + RETURN _id; +END +$$ LANGUAGE plpgsql SECURITY INVOKER; + |