diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-07-22 20:17:28 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-07-22 20:17:28 +0200 |
commit | f4a480e7cb3ed06b004e9d37f803ca35a7f334e1 (patch) | |
tree | ecd0214ff4a79cbe3d7aa6fbbe86675508f768b2 /input/flow | |
parent | de30adc389621c49e7b77bfdf550d0b1c0804448 (diff) |
NFCT: add configurable option to set the value of the resynchronization timer
This patch adds `netlink_resync_timeout' that allows you to set
the number of seconds that we wait to perform a resynchronization
due to a netlink overrun. This patch changes the default timeout
from 2 to 60 seconds (less agressive).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'input/flow')
-rw-r--r-- | input/flow/ulogd_inpflow_NFCT.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index deaf887..f7e84ac 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -114,6 +114,12 @@ static struct config_keyset nfct_kset = { .options = CONFIG_OPT_NONE, .u.value = 0, }, + { + .key = "netlink_resync_timeout", + .type = CONFIG_TYPE_INT, + .options = CONFIG_OPT_NONE, + .u.value = 60, + }, }, }; #define pollint_ce(x) (x->ces[0]) @@ -123,6 +129,7 @@ static struct config_keyset nfct_kset = { #define eventmask_ce(x) (x->ces[4]) #define nlsockbufsize_ce(x) (x->ces[5]) #define nlsockbufmaxsize_ce(x) (x->ces[6]) +#define nlresynctimeout_ce(x) (x->ces[7]) enum nfct_keys { NFCT_ORIG_IP_SADDR = 0, @@ -687,13 +694,13 @@ static int read_cb_nfct(int fd, unsigned int what, void *param) /* internal hash can deal with refresh */ if (usehash_ce(upi->config_kset).u.value != 0) { - /* TODO: schedule a resynchronization in - * two seconds, this parameter should be - * configurable via config. Note that we - * don't re-schedule a resync if it's - * already in progress. */ + /* schedule a resynchronization in N + * seconds, this parameter is configurable + * via config. Note that we don't re-schedule + * a resync if it's already in progress. */ if (!ulogd_timer_pending(&cpi->ov_timer)) { - ulogd_add_timer(&cpi->ov_timer, 2); + ulogd_add_timer(&cpi->ov_timer, + nlresynctimeout_ce(upi->config_kset).u.value); } } } @@ -767,9 +774,9 @@ static int read_cb_ovh(int fd, unsigned int what, void *param) if (nfct_catch(cpi->ovh) == -1) { /* enobufs in the overrun buffer? very rare */ if (errno == ENOBUFS) { - /* TODO: configurable resync timer */ if (!ulogd_timer_pending(&cpi->ov_timer)) { - ulogd_add_timer(&cpi->ov_timer, 2); + ulogd_add_timer(&cpi->ov_timer, + nlresynctimeout_ce(upi->config_kset).u.value); } } } |