authorPablo Neira Ayuso <pablo@netfilter.org>2009-06-11 19:34:54 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2009-06-11 19:34:54 +0200
commit6dad06ec56eeb942a1785246bf91fe7100a21c7e (patch)
tree230827bbdf7d19b36c23f3d2bad9ced109d57c27 /src/sync-mode.c
parent5e696e022d8383bc7abe6e6ba37c2664679fe81f (diff)
conntrackd: use a permanent handler for flush operations
In 6f5666a29cb7cbff08ce926ee1edb84a311ff6ee, I moved the flush operation into a child process and used a disposable handler to perform flush requests. This patch adds a dedicated flush handler since there is a possible race condition that can happen if the child process ends before we have received all the event messages that the flush request has triggered. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/sync-mode.c')
-rw-r--r--src/sync-mode.c23
1 files changed, 2 insertions, 21 deletions
diff --git a/src/sync-mode.c b/src/sync-mode.c
index 2da3604..102ecac 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -203,35 +203,16 @@ static void interface_handler(void)
interface_candidate();
}
-/* this is called once the flusher process has finished */
-static void flush_done_cb(void *data)
-{
- struct nfct_handle *h = data;
- origin_unregister(h);
- nfct_close(h);
-}
-
static void do_reset_cache_alarm(struct alarm_block *a, void *data)
{
- struct nfct_handle *h;
-
- /* disposable flusher handler */
- h = nfct_open(CONNTRACK, 0);
- if (h == NULL) {
- dlog(LOG_ERR, "cannot open flusher handler");
- return;
- }
- /* register this handler as the origin of a flush operation */
- origin_register(h, CTD_ORIGIN_FLUSH);
-
STATE(stats).nl_kernel_table_flush++;
dlog(LOG_NOTICE, "flushing kernel conntrack table (scheduled)");
/* fork a child process that performs the flush operation,
* meanwhile the parent process handles events. */
if (fork_process_new(CTD_PROC_FLUSH, CTD_PROC_F_EXCL,
- flush_done_cb, h) == 0) {
- nl_flush_conntrack_table(h);
+ NULL, NULL) == 0) {
+ nl_flush_conntrack_table(STATE(flush));
exit(EXIT_SUCCESS);
}
/* this is not required if events don't get lost */
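Review bot: The child at `nl_flush_conntrack_table(STATE(flush));` discards the flush result and always calls `exit(EXIT_SUCCESS)`, and with the completion callback now `NULL, NULL` the parent has no other hook to learn that a scheduled flush failed. If the function returns a status (its declaration is not in this diff), propagate it with something like `exit(nl_flush_conntrack_table(STATE(flush)) < 0 ? EXIT_FAILURE : EXIT_SUCCESS);`, and log a failed `fork_process_new()` (presumably a negative return), since the "flushing kernel conntrack table" notice and the `nl_kernel_table_flush` counter are emitted before the fork. `STATE(flush)` is opened and registered as the flush origin outside this file section, so it is worth confirming it cannot be NULL or unregistered when this alarm fires. do_reset_cache_alarm continues past the end of the hunk.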