diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-07-21 14:36:18 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-07-21 14:36:18 +0200 |
| commit | 0521db731c0daa417a3dfb67fba7c6f80596e553 (patch) | |
| tree | 92553f757ba63a0755225befa7c832aae10aeacb /src | |
| parent | 441342f4701a4bbc41c24721d4c60b857e1c5d1e (diff) | |
| download | conntrack-tools-0521db731c0daa417a3dfb67fba7c6f80596e553.tar.gz conntrack-tools-0521db731c0daa417a3dfb67fba7c6f80596e553.zip | |
conntrackd: add clause to enable ctnetlink reliable event delivery
This patch adds the NetlinkEventsReliable clause, this is useful
to turn on reliable Netlink event delivery. This features
requires a Linux kernel >= 2.6.31.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/netlink.c | 12 | ||||
| -rw-r--r-- | src/read_config_lex.l | 1 | ||||
| -rw-r--r-- | src/read_config_yy.y | 13 |
3 files changed, 25 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c index 5c07201..a43f782 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -75,6 +75,18 @@ struct nfct_handle *nl_init_event_handler(void) CONFIG(netlink_buffer_size_max_grown) = CONFIG(netlink_buffer_size); + if (CONFIG(netlink).events_reliable) { + int on = 1; + + setsockopt(nfct_fd(h), SOL_NETLINK, + NETLINK_BROADCAST_SEND_ERROR, &on, sizeof(int)); + + setsockopt(nfct_fd(h), SOL_NETLINK, + NETLINK_NO_ENOBUFS, &on, sizeof(int)); + + dlog(LOG_NOTICE, "reliable ctnetlink event delivery " + "is ENABLED."); + } return h; } diff --git a/src/read_config_lex.l b/src/read_config_lex.l index cd03ad4..dad7555 100644 --- a/src/read_config_lex.l +++ b/src/read_config_lex.l @@ -134,6 +134,7 @@ notrack [N|n][O|o][T|t][R|r][A|a][C|c][K|k] "Scheduler" { return T_SCHEDULER; } "Type" { return T_TYPE; } "Priority" { return T_PRIO; } +"NetlinkEventsReliable" { return T_NETLINK_EVENTS_RELIABLE; } {is_on} { return T_ON; } {is_off} { return T_OFF; } diff --git a/src/read_config_yy.y b/src/read_config_yy.y index 0e9b99b..87f99b6 100644 --- a/src/read_config_yy.y +++ b/src/read_config_yy.y @@ -71,7 +71,7 @@ static void __max_dedicated_links_reached(void); %token T_FILTER T_ADDRESS T_PROTOCOL T_STATE T_ACCEPT T_IGNORE %token T_FROM T_USERSPACE T_KERNELSPACE T_EVENT_ITER_LIMIT T_DEFAULT %token T_NETLINK_OVERRUN_RESYNC T_NICE T_IPV4_DEST_ADDR T_IPV6_DEST_ADDR -%token T_SCHEDULER T_TYPE T_PRIO +%token T_SCHEDULER T_TYPE T_PRIO T_NETLINK_EVENTS_RELIABLE %token <string> T_IP T_PATH_VAL %token <val> T_NUMBER @@ -873,6 +873,7 @@ general_line: hashsize | poll_secs | filter | netlink_overrun_resync + | netlink_events_reliable | nice | scheduler ; @@ -902,6 +903,16 @@ netlink_overrun_resync : T_NETLINK_OVERRUN_RESYNC T_NUMBER conf.nl_overrun_resync = $2; }; +netlink_events_reliable : T_NETLINK_EVENTS_RELIABLE T_ON +{ + conf.netlink.events_reliable = 1; +}; + +netlink_events_reliable : T_NETLINK_EVENTS_RELIABLE T_OFF +{ + conf.netlink.events_reliable = 0; +}; + nice : T_NICE T_SIGNED_NUMBER { conf.nice = $2; |