From ef047d03613bf9fa105db009773136817e2ec4c6 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Sat, 23 May 2009 12:54:51 +0200
Subject: conntrackd: detect where the events comes from
Since Linux kernel 2.6.29, ctnetlink reports the changes that have been done using ctnetlink. With this patch, conntrackd can recognize who is the origin of the event messages. For example, this is interesting to avoid a messy implicit bulk send during the commit of entries.
Signed-off-by: Pablo Neira Ayuso
---
 include/Makefile.am | 2 +-
 include/cache.h | 4 +++-
 include/conntrackd.h | 6 +++---
 include/origin.h | 14 ++++++++++++++
 4 files changed, 21 insertions(+), 5 deletions(-)
 create mode 100644 include/origin.h
(limited to 'include')
diff --git a/include/Makefile.am b/include/Makefile.am
index 0ea056c..b72fb36 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -4,5 +4,5 @@ noinst_HEADERS = alarm.h jhash.h cache.h linux_list.h linux_rbtree.h \
 debug.h log.h hash.h mcast.h conntrack.h \
 network.h filter.h queue.h vector.h cidr.h \
 traffic_stats.h netlink.h fds.h event.h bitops.h channel.h \
- process.h
+ process.h origin.h
diff --git a/include/cache.h b/include/cache.h
index 371170d..b6facdc 100644
--- a/include/cache.h
+++ b/include/cache.h
@@ -121,8 +121,10 @@ void *cache_get_extra(struct cache *, void *);
 void cache_iterate(struct cache *c, void *data, int (*iterate)(void *data1, void *data2));
 /* iterators */
+struct nfct_handle;
+
 void cache_dump(struct cache *c, int fd, int type);
-void cache_commit(struct cache *c);
+void cache_commit(struct cache *c, struct nfct_handle *h);
 void cache_flush(struct cache *c);
 void cache_bulk(struct cache *c);
diff --git a/include/conntrackd.h b/include/conntrackd.h
index 013ec4f..81cfd51 100644
--- a/include/conntrackd.h
+++ b/include/conntrackd.h
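Review bot: In include/cache.h the new `struct nfct_handle;` forward declaration sits directly under the `/* iterators */` comment, so that comment no longer heads the prototypes it labels; placing the declaration above the comment keeps the grouping intact. The new `h` parameter of cache_commit() is also undocumented. A one-line comment should say which handle callers are expected to pass (presumably the one registered through origin_register() so that commit events can be recognised, but the .c side is not part of this include-only view) and whether NULL is accepted.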
@@ -218,9 +218,9 @@ struct ct_mode {
 struct nf_conntrack *ct, void *data);
 int (*purge)(void);
- void (*event_new)(struct nf_conntrack *ct);
- void (*event_upd)(struct nf_conntrack *ct);
- int (*event_dst)(struct nf_conntrack *ct);
+ void (*event_new)(struct nf_conntrack *ct, int origin);
+ void (*event_upd)(struct nf_conntrack *ct, int origin);
+ int (*event_dst)(struct nf_conntrack *ct, int origin);
 };
 /* conntrackd modes */
diff --git a/include/origin.h b/include/origin.h
new file mode 100644
index 0000000..b2d1823
--- /dev/null
+++ b/include/origin.h
@@ -0,0 +1,14 @@
+#ifndef _ORIGIN_H_
+#define _ORIGIN_H_
+
+enum {
+ CTD_ORIGIN_NOT_ME = 0, /* this event comes from the kernel or
+ any process, but not conntrackd */
+ CTD_ORIGIN_COMMIT, /* event comes from committer */
+};
+
+int origin_register(struct nfct_handle *h, int origin_type);
+int origin_find(const struct nlmsghdr *nlh);
+int origin_unregister(struct nfct_handle *h);
+
+#endif
-- cgit v1.2.3
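Review bot: In include/conntrackd.h the three event callbacks of struct ct_mode take `origin` as a bare `int`, and nothing in the hunk ties it to the CTD_ORIGIN_* constants that include/origin.h introduces. Since the value presumably decides whether an event is handled as conntrackd's own change, a comment above the callbacks such as `/* origin: one of CTD_ORIGIN_* from origin.h */` would make the contract explicit. Naming the enum and using it as the parameter type would also let the compiler flag stray values. struct ct_mode begins above the hunk, so its other members are not visible here.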
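Review bot: include/origin.h is not self-contained: its prototypes name `struct nfct_handle` and `struct nlmsghdr` without declaring them, so if the header is included before the libnetfilter_conntrack and netlink headers, those tags get prototype scope and no longer match the real types (compilers warn "declared inside parameter list"). Adding `struct nfct_handle;` and `struct nlmsghdr;` ahead of the prototypes, as this same commit does in cache.h, fixes that. The return values are undocumented as well; in particular the header should state what origin_find() returns for a sender that was never registered, because callers will use that answer to decide whether an event is conntrackd's own. The guard `_ORIGIN_H_` uses an identifier reserved for the implementation; `ORIGIN_H` would avoid that.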