diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-05-23 12:54:51 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-05-23 12:54:51 +0200 |
commit | ef047d03613bf9fa105db009773136817e2ec4c6 (patch) | |
tree | 7bdeaa64da5ebe1aeb79bdfaa8c24fa8de2cfad7 /src/cache_iterators.c | |
parent | 0374398fd14bf587d80d9d31e361e266e69387c8 (diff) | |
download | conntrack-tools-ef047d03613bf9fa105db009773136817e2ec4c6.tar.gz conntrack-tools-ef047d03613bf9fa105db009773136817e2ec4c6.zip |
conntrackd: detect where the events comes from
Since Linux kernel 2.6.29, ctnetlink reports the changes that have
been done using ctnetlink. With this patch, conntrackd can recognize
who is the origin of the event messages. For example, this is
interesting to avoid a messy implicit bulk send during the commit
of entries.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/cache_iterators.c')
-rw-r--r-- | src/cache_iterators.c | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/src/cache_iterators.c b/src/cache_iterators.c index dfccc68..542ab91 100644 --- a/src/cache_iterators.c +++ b/src/cache_iterators.c @@ -175,20 +175,16 @@ static int do_commit_master(void *data, struct hashtable_node *n) } /* no need to clone, called from child process */ -void cache_commit(struct cache *c) +void cache_commit(struct cache *c, struct nfct_handle *h) { unsigned int commit_ok = c->stats.commit_ok; unsigned int commit_fail = c->stats.commit_fail; - struct __commit_container tmp; + struct __commit_container tmp = { + .h = h, + .c = c, + }; struct timeval commit_start, commit_stop, res; - tmp.h = nfct_open(CONNTRACK, 0); - if (tmp.h == NULL) { - dlog(LOG_ERR, "can't create handler to commit entries"); - return; - } - tmp.c = c; - gettimeofday(&commit_start, NULL); /* commit master conntrack first, then related ones */ hashtable_iterate(c->h, &tmp, do_commit_master); @@ -206,7 +202,6 @@ void cache_commit(struct cache *c) if (commit_fail) dlog(LOG_NOTICE, "%u entries can't be " "committed", commit_fail); - nfct_close(tmp.h); dlog(LOG_NOTICE, "commit has taken %lu.%06lu seconds", res.tv_sec, res.tv_usec); |