conntrackd: add `DisableInternalCache' clause

This patch adds the clause `DisableInternalCache' that allows you
to bypass the internal cache. This clause can only be used with
the notrack synchronization mode.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

3 files changed, 43 insertions, 10 deletions

diff --git a/include/Makefile.am b/include/Makefile.am
index a89490e..cbbca6b 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -4,5 +4,5 @@ noinst_HEADERS = alarm.h jhash.h cache.h linux_list.h linux_rbtree.h \
 		 debug.h log.h hash.h mcast.h conntrack.h \
 		 network.h filter.h queue.h vector.h cidr.h \
 		 traffic_stats.h netlink.h fds.h event.h bitops.h channel.h \
-		 process.h origin.h external.h date.h
+		 process.h origin.h internal.h external.h date.h
 
diff --git a/include/conntrackd.h b/include/conntrackd.h
index 7737532..c7f33f0 100644
--- a/include/conntrackd.h
+++ b/include/conntrackd.h
@@ -6,6 +6,7 @@
 #include "alarm.h"
 #include "filter.h"
 #include "channel.h"
+#include "internal.h"
 
 #include <stdint.h>
 #include <stdio.h>
@@ -99,6 +100,7 @@ struct ct_conf {
 		int error_queue_length;
 	} channelc;
 	struct {
+		int internal_cache_disable;
 		int external_cache_disable;
 	} sync;
 	struct {
@@ -177,7 +179,6 @@ struct ct_general_state {
 #define STATE_SYNC(x) state.sync->x
 
 struct ct_sync_state {
-	struct cache *internal; 	/* internal events cache (netlink) */
 	struct external_handler *external;
 
 	struct multichannel	*channel;
@@ -239,18 +240,11 @@ extern union ct_state state;
 extern struct ct_general_state st;
 
 struct ct_mode {
+	struct internal_handler *internal;
 	int (*init)(void);
 	void (*run)(fd_set *readfds);
 	int (*local)(int fd, int type, void *data);
 	void (*kill)(void);
-	void (*dump)(struct nf_conntrack *ct);
-	int (*resync)(enum nf_conntrack_msg_type type,
-		      struct nf_conntrack *ct,
-		      void *data);
-	int (*purge)(void);
-	void (*event_new)(struct nf_conntrack *ct, int origin);
-	void (*event_upd)(struct nf_conntrack *ct, int origin);
-	int (*event_dst)(struct nf_conntrack *ct, int origin);
 };
 
 /* conntrackd modes */
diff --git a/include/internal.h b/include/internal.h
new file mode 100644
index 0000000..1f11340
--- /dev/null
+++ b/include/internal.h
@@ -0,0 +1,39 @@
+#ifndef _INTERNAL_H_
+#define _INTERNAL_H_
+
+#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
+
+struct nf_conntrack;
+
+enum {
+	INTERNAL_F_POPULATE	= (1 << 0),
+	INTERNAL_F_RESYNC	= (1 << 1),
+	INTERNAL_F_MAX		= (1 << 2)
+};
+
+struct internal_handler {
+	void	*data;
+	unsigned int flags;
+
+	int	(*init)(void);
+	void	(*close)(void);
+
+	void	(*new)(struct nf_conntrack *ct, int origin_type);
+	void	(*update)(struct nf_conntrack *ct, int origin_type);
+	int	(*destroy)(struct nf_conntrack *ct, int origin_type);
+
+	void	(*dump)(int fd, int type);
+	void	(*populate)(struct nf_conntrack *ct);
+	void	(*purge)(void);
+	int	(*resync)(enum nf_conntrack_msg_type type,
+			  struct nf_conntrack *ct, void *data);
+	void	(*flush)(void);
+
+	void	(*stats)(int fd);
+	void	(*stats_ext)(int fd);
+};
+
+extern struct internal_handler internal_cache;
+extern struct internal_handler internal_bypass;
+
+#endif