From ace1f6a61b6842e2b49ec7a08f368a2d9f433be0 Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
 </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>
Date: Tue, 29 Apr 2008 14:18:17 +0000
Subject: Fix reorder possible reordering of destroy messages under message
 omission. This patch introduces the TimeoutDestroy clause to determine how
 long a conntrack remains in the internal cache once it has been destroy from
 the kernel table.

---
 include/cache.h        | 1 +
 include/conntrackd.h   | 1 +
 include/us-conntrack.h | 5 +++--
 3 files changed, 5 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/cache.h b/include/cache.h
index f5afbe5..442a563 100644
--- a/include/cache.h
+++ b/include/cache.h
@@ -82,6 +82,7 @@ struct us_conntrack *cache_add(struct cache *c, struct nf_conntrack *ct);
 struct us_conntrack *cache_update(struct cache *c, struct nf_conntrack *ct);
 struct us_conntrack *cache_update_force(struct cache *c, struct nf_conntrack *ct);
 int cache_del(struct cache *c, struct nf_conntrack *ct);
+struct us_conntrack *cache_del_timeout(struct cache *c, struct nf_conntrack *ct, int timeout);
 int cache_test(struct cache *c, struct nf_conntrack *ct);
 void cache_stats(const struct cache *c, int fd);
 struct us_conntrack *cache_get_conntrack(struct cache *, void *);
diff --git a/include/conntrackd.h b/include/conntrackd.h
index 57ac7e4..b266289 100644
--- a/include/conntrackd.h
+++ b/include/conntrackd.h
@@ -76,6 +76,7 @@ struct ct_conf {
 	int refresh;
 	int cache_timeout;		/* cache entries timeout */
 	int commit_timeout;		/* committed entries timeout */
+	int del_timeout;
 	unsigned int netlink_buffer_size;
 	unsigned int netlink_buffer_size_max_grown;
 	unsigned char ignore_protocol[IPPROTO_MAX];
diff --git a/include/us-conntrack.h b/include/us-conntrack.h
index 3d71e22..9eafa3b 100644
--- a/include/us-conntrack.h
+++ b/include/us-conntrack.h
@@ -1,12 +1,13 @@
 #ifndef _US_CONNTRACK_H_
 #define _US_CONNTRACK_H_
 
+#include "alarm.h"
 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
 
-/* be careful, do not modify the layout */
 struct us_conntrack {
 	struct 	nf_conntrack *ct;
-	struct  cache *cache;          /* add new attributes here */
+	struct  cache *cache; 
+	struct	alarm_block alarm;
 	char 	data[0];
 };
 
-- 
cgit v1.2.3