diff options
author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-05-21 15:18:58 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-05-21 15:18:58 +0000 |
commit | 1af6ff8f04bf4db0a9d9207797bca8eaf660cbe2 (patch) | |
tree | 15a18396ddb740f5f2a3c73242fb9124a475a9ea | |
parent | 9f1b4b2d028129966f7e6f23cec6ac0712c2b1b6 (diff) | |
download | conntrack-tools-1af6ff8f04bf4db0a9d9207797bca8eaf660cbe2.tar.gz conntrack-tools-1af6ff8f04bf4db0a9d9207797bca8eaf660cbe2.zip |
add missing ignore_conntrack in the overrun handler
-rw-r--r-- | src/netlink.c | 2 | ||||
-rw-r--r-- | src/stats-mode.c | 3 | ||||
-rw-r--r-- | src/sync-mode.c | 3 |
3 files changed, 7 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c index 94200b9..b1f9fd7 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -25,7 +25,7 @@ #include <stdlib.h> #include "network.h" -static int ignore_conntrack(struct nf_conntrack *ct) +int ignore_conntrack(struct nf_conntrack *ct) { /* ignore a certain protocol */ if (CONFIG(ignore_protocol)[nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)]) diff --git a/src/stats-mode.c b/src/stats-mode.c index 581c07d..22474e2 100644 --- a/src/stats-mode.c +++ b/src/stats-mode.c @@ -96,6 +96,9 @@ static int overrun_cb(enum nf_conntrack_msg_type type, struct nf_conntrack *ct, void *data) { + if (ignore_conntrack(ct)) + return NFCT_CB_CONTINUE; + /* This is required by kernels < 2.6.20 */ nfct_attr_unset(ct, ATTR_TIMEOUT); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); diff --git a/src/sync-mode.c b/src/sync-mode.c index 65a3c5b..d7bee9d 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -299,6 +299,9 @@ static int overrun_cb(enum nf_conntrack_msg_type type, { struct us_conntrack *u; + if (ignore_conntrack(ct)) + return NFCT_CB_CONTINUE; + /* This is required by kernels < 2.6.20 */ nfct_attr_unset(ct, ATTR_TIMEOUT); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); |