summaryrefslogtreecommitdiff
path: root/include/conntrackd.h
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-07-19 15:28:34 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2009-07-19 15:28:34 +0200
commit651794575c844fe25a717d77bd088c51383067f0 (patch)
treed4dd79f189ebdb933266d354aa66f42b7571f4b4 /include/conntrackd.h
parenta1d03b775376aa8545ec9a0e89381b659e4d28ed (diff)
downloadconntrack-tools-651794575c844fe25a717d77bd088c51383067f0.tar.gz
conntrack-tools-651794575c844fe25a717d77bd088c51383067f0.zip
conntrackd: rework commit not to fork a child process
This patch reworks the commit phase to avoid the forking. This is particularly useful in active-active setups in which one node has to commit the external cache while it is receiving new entries to be added in the external cache. This results in really high commit times due to the penalty of the copy-on-write that fork performs. The default number of steps in one run loop is limited to 64 by now. No option to tune this parameter is still available via the configuration file. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/conntrackd.h')
-rw-r--r--include/conntrackd.h22
1 files changed, 20 insertions, 2 deletions
diff --git a/include/conntrackd.h b/include/conntrackd.h
index 417bac6..12fd17f 100644
--- a/include/conntrackd.h
+++ b/include/conntrackd.h
@@ -96,6 +96,9 @@ struct ct_conf {
int filter_from_kernelspace;
int event_iterations_limit;
struct {
+ int commit_steps;
+ } general;
+ struct {
int type;
int prio;
} sched;
@@ -168,12 +171,27 @@ struct ct_sync_state {
struct cache *internal; /* internal events cache (netlink) */
struct cache *external; /* external events cache (mcast) */
- struct nfct_handle *commit;
-
struct multichannel *channel;
struct nlif_handle *interface;
struct queue *tx_queue;
+#define COMMIT_STATE_INACTIVE 0
+#define COMMIT_STATE_MASTER 1
+#define COMMIT_STATE_RELATED 2
+
+ struct {
+ int state;
+ int clientfd;
+ struct nfct_handle *h;
+ struct evfd *evfd;
+ int current;
+ struct {
+ int ok;
+ int fail;
+ struct timeval start;
+ } stats;
+ } commit;
+
struct alarm_block reset_cache_alarm;
struct sync_mode *sync; /* sync mode */