From 2217eb4c53a54eabbc09e043209181c483e2eace Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sat, 23 Oct 2010 17:35:57 +0200 Subject: conntrack: add timestamp support This patch adds the connection tracking extension that allows conntrack timestamping. This requires a Linux kernel >= 2.6.38. We have now 65 attributes, we need 96 bits to store what attributes are set in the objects. Signed-off-by: Pablo Neira Ayuso --- src/conntrack/parse.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'src/conntrack/parse.c') diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c index 841693e..743e8d4 100644 --- a/src/conntrack/parse.c +++ b/src/conntrack/parse.c @@ -453,6 +453,26 @@ int __parse_message_type(const struct nlmsghdr *nlh) return ret; } +static void +__parse_timestamp(const struct nfattr *attr, struct nf_conntrack *ct) +{ + struct nfattr *tb[CTA_TIMESTAMP_MAX]; + + nfnl_parse_nested(tb, CTA_TIMESTAMP_MAX, attr); + if (tb[CTA_TIMESTAMP_START-1]) { + u_int64_t tmp; + memcpy(&tmp, NFA_DATA(tb[CTA_TIMESTAMP_START-1]), sizeof(tmp)); + ct->timestamp.start = __be64_to_cpu(tmp); + set_bit(ATTR_TIMESTAMP_START, ct->set); + } + if (tb[CTA_TIMESTAMP_STOP-1]) { + u_int64_t tmp; + memcpy(&tmp, NFA_DATA(tb[CTA_TIMESTAMP_STOP-1]), sizeof(tmp)); + ct->timestamp.stop = __be64_to_cpu(tmp); + set_bit(ATTR_TIMESTAMP_STOP, ct->set); + } +} + void __parse_conntrack(const struct nlmsghdr *nlh, struct nfattr *cda[], struct nf_conntrack *ct) @@ -538,4 +558,7 @@ void __parse_conntrack(const struct nlmsghdr *nlh, if (cda[CTA_SECCTX-1]) __parse_secctx(cda[CTA_SECCTX-1], ct); + + if (cda[CTA_TIMESTAMP-1]) + __parse_timestamp(cda[CTA_TIMESTAMP-1], ct); } -- cgit v1.2.3