diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-05-23 12:54:51 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-05-23 12:54:51 +0200 |
| commit | ef047d03613bf9fa105db009773136817e2ec4c6 (patch) | |
| tree | 7bdeaa64da5ebe1aeb79bdfaa8c24fa8de2cfad7 /include | |
| parent | 0374398fd14bf587d80d9d31e361e266e69387c8 (diff) | |
conntrackd: detect where the events comes from
Since Linux kernel 2.6.29, ctnetlink reports the changes that have
been done using ctnetlink. With this patch, conntrackd can recognize
who is the origin of the event messages. For example, this is
interesting to avoid a messy implicit bulk send during the commit
of entries.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/Makefile.am | 2 | ||||
| -rw-r--r-- | include/cache.h | 4 | ||||
| -rw-r--r-- | include/conntrackd.h | 6 | ||||
| -rw-r--r-- | include/origin.h | 14 |
4 files changed, 21 insertions, 5 deletions
diff --git a/include/Makefile.am b/include/Makefile.am index 0ea056c..b72fb36 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -4,5 +4,5 @@ noinst_HEADERS = alarm.h jhash.h cache.h linux_list.h linux_rbtree.h \ debug.h log.h hash.h mcast.h conntrack.h \ network.h filter.h queue.h vector.h cidr.h \ traffic_stats.h netlink.h fds.h event.h bitops.h channel.h \ - process.h + process.h origin.h diff --git a/include/cache.h b/include/cache.h index 371170d..b6facdc 100644 --- a/include/cache.h +++ b/include/cache.h @@ -121,8 +121,10 @@ void *cache_get_extra(struct cache *, void *); void cache_iterate(struct cache *c, void *data, int (*iterate)(void *data1, void *data2)); /* iterators */ +struct nfct_handle; + void cache_dump(struct cache *c, int fd, int type); -void cache_commit(struct cache *c); +void cache_commit(struct cache *c, struct nfct_handle *h); void cache_flush(struct cache *c); void cache_bulk(struct cache *c); diff --git a/include/conntrackd.h b/include/conntrackd.h index 013ec4f..81cfd51 100644 --- a/include/conntrackd.h +++ b/include/conntrackd.h @@ -218,9 +218,9 @@ struct ct_mode { struct nf_conntrack *ct, void *data); int (*purge)(void); - void (*event_new)(struct nf_conntrack *ct); - void (*event_upd)(struct nf_conntrack *ct); - int (*event_dst)(struct nf_conntrack *ct); + void (*event_new)(struct nf_conntrack *ct, int origin); + void (*event_upd)(struct nf_conntrack *ct, int origin); + int (*event_dst)(struct nf_conntrack *ct, int origin); }; /* conntrackd modes */ diff --git a/include/origin.h b/include/origin.h new file mode 100644 index 0000000..b2d1823 --- /dev/null +++ b/include/origin.h @@ -0,0 +1,14 @@ +#ifndef _ORIGIN_H_ +#define _ORIGIN_H_ + +enum { + CTD_ORIGIN_NOT_ME = 0, /* this event comes from the kernel or + any process, but not conntrackd */ + CTD_ORIGIN_COMMIT, /* event comes from committer */ +}; + +int origin_register(struct nfct_handle *h, int origin_type); +int origin_find(const struct nlmsghdr *nlh); +int origin_unregister(struct nfct_handle *h); + +#endif |