conntrackd: flush operation use the child process and origin infrastructure

With this patch, the flush operation is performed by a child process. Thus, the parent process digests destroy events that ctnetlink reports back and, thanks to the origin infrastructure, we skip the messy implicit synchronization that are triggered by such events. This patch requires a Linux kernel >= 2.6.29 to benefit from this change, otherwise it has no effect. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2009-05-23 20:34:41 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2009-05-23 20:34:41 +0200
commit: 6f5666a29cb7cbff08ce926ee1edb84a311ff6ee (patch)
tree: 650dc13ca2677bdd1d661d10cd4f0453ca475f26 /include
parent: ef047d03613bf9fa105db009773136817e2ec4c6 (diff)
download: conntrack-tools-6f5666a29cb7cbff08ce926ee1edb84a311ff6ee.tar.gz
conntrack-tools-6f5666a29cb7cbff08ce926ee1edb84a311ff6ee.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/origin.h b/include/origin.h
index b2d1823..89308f3 100644
--- a/include/origin.h
+++ b/include/origin.h
@@ -5,6 +5,7 @@ enum {
 	CTD_ORIGIN_NOT_ME = 0,		/* this event comes from the kernel or
 					   any process, but not conntrackd */
 	CTD_ORIGIN_COMMIT,		/* event comes from committer */
+	CTD_ORIGIN_FLUSH,		/* event comes from flush */
 };
 
 int origin_register(struct nfct_handle *h, int origin_type);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2009-05-23 20:34:41 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2009-05-23 20:34:41 +0200
commit	6f5666a29cb7cbff08ce926ee1edb84a311ff6ee (patch)
tree	650dc13ca2677bdd1d661d10cd4f0453ca475f26 /include
parent	ef047d03613bf9fa105db009773136817e2ec4c6 (diff)
download	conntrack-tools-6f5666a29cb7cbff08ce926ee1edb84a311ff6ee.tar.gz conntrack-tools-6f5666a29cb7cbff08ce926ee1edb84a311ff6ee.zip