From 6dad06ec56eeb942a1785246bf91fe7100a21c7e Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Thu, 11 Jun 2009 19:34:54 +0200
Subject: conntrackd: use a permanent handler for flush operations

In 6f5666a29cb7cbff08ce926ee1edb84a311ff6ee, I moved the flush operation into a child process and to use a disposable handler to perform flush requests. This patch adds a dedicated flush handler since there is a possible race condition that can happen if the child process ends before we have received all the event messages that the flush request has triggered.

Signed-off-by: Pablo Neira Ayuso
---
 src/sync-mode.c | 23 ++---------------------
 1 file changed, 2 insertions(+), 21 deletions(-)
(limited to 'src/sync-mode.c')

diff --git a/src/sync-mode.c b/src/sync-mode.c
index 2da3604..102ecac 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -203,35 +203,16 @@ static void interface_handler(void)
 interface_candidate();
 }
-/* this is called once the flusher process has finished */
-static void flush_done_cb(void *data)
-{
- struct nfct_handle *h = data;
- origin_unregister(h);
- nfct_close(h);
-}
-
 static void do_reset_cache_alarm(struct alarm_block *a, void *data)
 {
- struct nfct_handle *h;
-
- /* disposable flusher handler */
- h = nfct_open(CONNTRACK, 0);
- if (h == NULL) {
- dlog(LOG_ERR, "cannot open flusher handler");
- return;
- }
- /* register this handler as the origin of a flush operation */
- origin_register(h, CTD_ORIGIN_FLUSH);
-
 STATE(stats).nl_kernel_table_flush++;
 dlog(LOG_NOTICE, "flushing kernel conntrack table (scheduled)");
 /* fork a child process that performs the flush operation,
 * meanwhile the parent process handles events. */
 if (fork_process_new(CTD_PROC_FLUSH, CTD_PROC_F_EXCL,
- flush_done_cb, h) == 0) {
- nl_flush_conntrack_table(h);
+ NULL, NULL) == 0) {
+ nl_flush_conntrack_table(STATE(flush));
 exit(EXIT_SUCCESS);
 }
 /* this is not required if events don't get lost */
-- 
cgit v1.2.3
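Review bot: The child branch now calls `nl_flush_conntrack_table(STATE(flush))` with no check that the shared handle is valid, whereas the removed code refused to proceed when `nfct_open()` returned NULL; the place where `STATE(flush)` is opened and registered as `CTD_ORIGIN_FLUSH` is not in this diff (the page is limited to src/sync-mode.c), so that guarantee needs confirming. If the origin registration is missing, the events caused by the flush would presumably be handled as ordinary kernel events rather than as conntrackd's own. The child also exits with `EXIT_SUCCESS` whatever the flush call did; assuming it reports failure through its return value, something like `if (nl_flush_conntrack_table(STATE(flush)) < 0) dlog(LOG_ERR, "cannot flush kernel conntrack table");` would make a failed scheduled flush visible. A short comment above the fork, e.g. `/* STATE(flush) is permanent: it must stay registered after the child exits so late flush events are still matched */`, would record why the handle is no longer disposable. do_reset_cache_alarm continues past the end of the hunk.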