diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-10-21 19:11:42 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-10-21 19:11:42 +0200 |
| commit | 50162d3c19e38a491d95ec26767438ec25bab0dc (patch) | |
| tree | ccd81e73eeb254cf6fb9ab00c35be2628fe9bc3a /src/sync-mode.c | |
| parent | 6d6ebd1247076c88ceeb8d9528d62cd38a5e909a (diff) | |
| download | conntrack-tools-50162d3c19e38a491d95ec26767438ec25bab0dc.tar.gz conntrack-tools-50162d3c19e38a491d95ec26767438ec25bab0dc.zip | |
filter: do not filter in user-space if kernel supports BSF
This patch avoids a double filtering in user-space and kernel-space if
the kernel support BSF. Since we do not use BSF for dumps and resyncs,
we add a new parameter to ignore_conntrack to indicate if we have to
perform the filtering in user-space or not.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/sync-mode.c')
| -rw-r--r-- | src/sync-mode.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/sync-mode.c b/src/sync-mode.c index db199bc..4c22745 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -432,7 +432,7 @@ static int overrun_sync(enum nf_conntrack_msg_type type, { struct us_conntrack *u; - if (ignore_conntrack(ct)) + if (ignore_conntrack(ct, 1)) return NFCT_CB_CONTINUE; /* This is required by kernels < 2.6.20 */ |