diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-01-25 17:51:18 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-01-25 17:51:18 +0100 |
| commit | 8d689ebb67c511f5c03acdfc2226156d5f87c319 (patch) | |
| tree | c07a21e06e1b58b5ebc4cb11f28e96102064b251 /src/netlink.c | |
| parent | e6732c96ffd9baaaa84dab763ff6e600bf6abc95 (diff) | |
| download | conntrack-tools-8d689ebb67c511f5c03acdfc2226156d5f87c319.tar.gz conntrack-tools-8d689ebb67c511f5c03acdfc2226156d5f87c319.zip | |
cache: mangle timeout inside nl_*_conntrack() functions
This patch moves the timeout mangling inside nl_*_conntrack().
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink.c')
| -rw-r--r-- | src/netlink.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/src/netlink.c b/src/netlink.c index e538aa0..24d61a0 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -197,7 +197,9 @@ int nl_get_conntrack(struct nfct_handle *h, const struct nf_conntrack *ct) return 1; } -int nl_create_conntrack(struct nfct_handle *h, const struct nf_conntrack *orig) +int nl_create_conntrack(struct nfct_handle *h, + const struct nf_conntrack *orig, + int timeout) { int ret; struct nf_conntrack *ct; @@ -206,6 +208,9 @@ int nl_create_conntrack(struct nfct_handle *h, const struct nf_conntrack *orig) if (ct == NULL) return -1; + if (timeout > 0) + nfct_set_attr_u32(ct, ATTR_TIMEOUT, timeout); + /* we hit error if we try to change the expected bit */ if (nfct_attr_is_set(ct, ATTR_STATUS)) { uint32_t status = nfct_get_attr_u32(ct, ATTR_STATUS); @@ -233,7 +238,9 @@ int nl_create_conntrack(struct nfct_handle *h, const struct nf_conntrack *orig) return ret; } -int nl_update_conntrack(struct nfct_handle *h, const struct nf_conntrack *orig) +int nl_update_conntrack(struct nfct_handle *h, + const struct nf_conntrack *orig, + int timeout) { int ret; struct nf_conntrack *ct; @@ -242,6 +249,9 @@ int nl_update_conntrack(struct nfct_handle *h, const struct nf_conntrack *orig) if (ct == NULL) return -1; + if (timeout > 0) + nfct_set_attr_u32(ct, ATTR_TIMEOUT, timeout); + /* unset NAT info, otherwise we hit error */ nfct_attr_unset(ct, ATTR_SNAT_IPV4); nfct_attr_unset(ct, ATTR_DNAT_IPV4); |