diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-08-07 14:53:12 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-08-07 14:53:12 +0200 |
| commit | 6cb33c62c8007593d8a85aa202fa173043877135 (patch) | |
| tree | c3fbcdbffb912d1abcff20846773f0663195c5ab /src/sync-mode.c | |
| parent | a4f4647b4b7f32f2d1caab98544802c8cdd7b4d6 (diff) | |
| download | conntrack-tools-6cb33c62c8007593d8a85aa202fa173043877135.tar.gz conntrack-tools-6cb33c62c8007593d8a85aa202fa173043877135.zip | |
cache iterators: rework cache_reset_timers
This patch adds the clause PurgeTimeout that sets the new timer
when conntrackd -t is called. This command is particularly useful
when the sysadmin triggers hand-overs between several nodes without
rebooting as it reduces the timers of the remaining entries in
the kernel. Thus, avoiding clashes between new and old entries that
may trigger INVALID packets.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/sync-mode.c')
| -rw-r--r-- | src/sync-mode.c | 15 |
1 files changed, 0 insertions, 15 deletions
diff --git a/src/sync-mode.c b/src/sync-mode.c index 297a500..db199bc 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -378,9 +378,6 @@ static int local_handler_sync(int fd, int type, void *data) static void dump_sync(struct nf_conntrack *ct) { - if (!CONFIG(cache_write_through)) - nfct_attr_unset(ct, ATTR_TIMEOUT); - /* This is required by kernels < 2.6.20 */ nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_PACKETS); @@ -438,9 +435,6 @@ static int overrun_sync(enum nf_conntrack_msg_type type, if (ignore_conntrack(ct)) return NFCT_CB_CONTINUE; - if (!CONFIG(cache_write_through)) - nfct_attr_unset(ct, ATTR_TIMEOUT); - /* This is required by kernels < 2.6.20 */ nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_PACKETS); @@ -462,9 +456,6 @@ static void event_new_sync(struct nf_conntrack *ct) { struct us_conntrack *u; - if (!CONFIG(cache_write_through)) - nfct_attr_unset(ct, ATTR_TIMEOUT); - /* required by linux kernel <= 2.6.20 */ nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_PACKETS); @@ -490,9 +481,6 @@ static void event_update_sync(struct nf_conntrack *ct) { struct us_conntrack *u; - if (!CONFIG(cache_write_through)) - nfct_attr_unset(ct, ATTR_TIMEOUT); - if ((u = cache_update_force(STATE_SYNC(internal), ct)) == NULL) { debug_ct(ct, "can't update"); return; @@ -505,9 +493,6 @@ static int event_destroy_sync(struct nf_conntrack *ct) { struct us_conntrack *u; - if (!CONFIG(cache_write_through)) - nfct_attr_unset(ct, ATTR_TIMEOUT); - u = cache_find(STATE_SYNC(internal), ct); if (u == NULL) { debug_ct(ct, "can't destroy"); |