diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-01-25 17:53:05 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-01-25 17:53:05 +0100 |
| commit | 50c09dec9ad0261d8fcc18d69b2c9ec74052955c (patch) | |
| tree | 143d7e278fc3f1688c60663be04f06ae2e98700f /src/build.c | |
| parent | 1c9faf8c218bc7ff4617557383e4116f1adb11e5 (diff) | |
| download | conntrack-tools-50c09dec9ad0261d8fcc18d69b2c9ec74052955c.tar.gz conntrack-tools-50c09dec9ad0261d8fcc18d69b2c9ec74052955c.zip | |
src: add support for approximate timeout calculation during commit
During the commit phase, the entries in the external cache entries
are inserted in the kernel conntrack table. Currently, we use a
fixed timeout that is specified in the config file. With this patch,
if you don't specify the fixed timeout value via CommitTimeout, the
daemon calculates the real timeout value during the commit phase.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/build.c')
| -rw-r--r-- | src/build.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/build.c b/src/build.c index e094aa0..63a85db 100644 --- a/src/build.c +++ b/src/build.c @@ -19,6 +19,7 @@ #include <string.h> #include <libnetfilter_conntrack/libnetfilter_conntrack.h> #include "network.h" +#include "conntrackd.h" static inline void * put_header(struct nethdr *n, int attr, size_t len) @@ -117,6 +118,8 @@ void build_payload(const struct nf_conntrack *ct, struct nethdr *n) if (nfct_attr_is_set(ct, ATTR_TCP_STATE)) __build_u8(ct, ATTR_TCP_STATE, n, NTA_STATE); + if (!CONFIG(commit_timeout) && nfct_attr_is_set(ct, ATTR_TIMEOUT)) + __build_u32(ct, ATTR_TIMEOUT, n, NTA_TIMEOUT); if (nfct_attr_is_set(ct, ATTR_MARK)) __build_u32(ct, ATTR_MARK, n, NTA_MARK); |