| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch improves the overrun handling. The logic behind this patch
consists of two steps:
1) duplicate the netlink buffer size if the size does not goes after the
upper boundary.
2) scheduling a resynchronization (in two seconds) with the kernel conntrack
table if we hit ENOBUFS. During the resynchronization, the NFCT plugin dumps
the current table and purges the objects that do not exist anymore.
This patch also introduces two new clauses, the netlink_socket_buffer_size
and netlink_socket_buffer_maxsize that set the size of the netlink socket
buffer.
|
|
|
|
|
|
|
|
| |
This patch introduces a generic hashtable to store the nf_conntrack objects.
The objects are identified by the original and reply tuples instead of the
conntrack ID which is not dumped in the event message of linux kernel < 2.6.25.
This patch also fixes the NFCT_MSG_* by NFCT_T_* which is the appropriate
message type tag.
|
|
|
|
|
|
|
| |
plugin. To be able to send IP addresses to the IP2STR and IP2BIN module
oob.family and oob.protocol keys have been added.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
|
|
| |
- event mask is now configurable though the event_mask configuration variable
- event type is now stored in the ct.event output key. This can be used to
display the information or to use it to implement some tracking algorithm in
userspace.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
| |
able to use multiple time the same instance of NFCT.
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
| |
- fix crash when enabling pollinterval clause in flow-based accounting
|
|
|
|
| |
Signed-off-by: Eric Leblond <eric@inl.fr>
|
|
|
|
|
|
|
| |
The following patch fixes some indenting and typo in various ulogd2
files.
Eric Leblond <eric@inl.fr>
|
|
|
|
| |
output is compatible with the SYSLOG and LOGEMU plugins. (Philip Craig)
|
|
|
|
|
|
|
| |
1) correctly name flow.end.usec
2) initialize 'idle' list_head
3) don't allocate hash table in case hash_use=0
4) fix invalid pointer arithmetic
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
original patch by Christian Hentschel, amended like:
1) the hash table has to be per-instance, since [at least in the future]
we can have nfnetlink messages routed from other machines over the
network, thus every NFCT instance has to have it's own hash table.
2) Whether or not to use a preallocated table is now a configuration
value, as is the number of buckets and max_entries
3) configure_nfct was not used in the struct ulogd_plugin.configure
4) don't put the hashtable buckets in BSS, but rather allocate them
dynamically
5) allocate all ct_timestamps (in the preallocated case) at once, rather
than malloc()ing each on its own.
6) use official IPFIX fields for flow start and flow end instead of
private numbers
7) use llist instead of list (linuxlist.h adds an additional 'l')
8) add lots of TODO items
9) add IPFIX_NF_conntrack_id to header file
|
|
|
|
| |
- Rename "tcp.[sd]port" into "l4.[sd]port" (Christian Hentschel)
|
| |
|
| |
|
|
|
|
| |
version
|
|
|
|
| |
- fix segfault due to missing priv_size
|
| |
|
| |
|
|
|