From ef047d03613bf9fa105db009773136817e2ec4c6 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sat, 23 May 2009 12:54:51 +0200
Subject: conntrackd: detect where the events comes from

Since Linux kernel 2.6.29, ctnetlink reports the changes that have
been done using ctnetlink. With this patch, conntrackd can recognize
who is the origin of the event messages. For example, this is
interesting to avoid a messy implicit bulk send during the commit
of entries.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/run.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

(limited to 'src/run.c')

diff --git a/src/run.c b/src/run.c
index 09e2ae9..e54764c 100644
--- a/src/run.c
+++ b/src/run.c
@@ -26,6 +26,7 @@
 #include "fds.h"
 #include "traffic_stats.h"
 #include "process.h"
+#include "origin.h"
 
 #include <errno.h>
 #include <signal.h>
@@ -228,10 +229,13 @@ static void do_polling_alarm(struct alarm_block *a, void *data)
 	add_alarm(&STATE(polling_alarm), CONFIG(poll_kernel_secs), 0);
 }
 
-static int event_handler(enum nf_conntrack_msg_type type,
+static int event_handler(const struct nlmsghdr *nlh,
+			 enum nf_conntrack_msg_type type,
 			 struct nf_conntrack *ct,
 			 void *data)
 {
+	int origin_type;
+
 	STATE(stats).nl_events_received++;
 
 	/* skip user-space filtering if already do it in the kernel */
@@ -240,15 +244,17 @@ static int event_handler(enum nf_conntrack_msg_type type,
 		goto out;
 	}
 
+	origin_type = origin_find(nlh);
+
 	switch(type) {
 	case NFCT_T_NEW:
-		STATE(mode)->event_new(ct);
+		STATE(mode)->event_new(ct, origin_type);
 		break;
 	case NFCT_T_UPDATE:
-		STATE(mode)->event_upd(ct);
+		STATE(mode)->event_upd(ct, origin_type);
 		break;
 	case NFCT_T_DESTROY:
-		if (STATE(mode)->event_dst(ct))
+		if (STATE(mode)->event_dst(ct, origin_type))
 			update_traffic_stats(ct);
 		break;
 	default:
@@ -334,8 +340,8 @@ init(void)
 			dlog(LOG_ERR, "no ctnetlink kernel support?");
 			return -1;
 		}
-		nfct_callback_register(STATE(event), NFCT_T_ALL,
-				       event_handler, NULL);
+		nfct_callback_register2(STATE(event), NFCT_T_ALL,
+				        event_handler, NULL);
 		register_fd(nfct_fd(STATE(event)), STATE(fds));
 	}
 
-- 
cgit v1.2.3