diff options
| -rw-r--r-- | src/netlink.c | 2 | ||||
| -rw-r--r-- | src/stats-mode.c | 3 | ||||
| -rw-r--r-- | src/sync-mode.c | 3 |
3 files changed, 7 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c index 94200b9..b1f9fd7 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -25,7 +25,7 @@ #include <stdlib.h> #include "network.h" -static int ignore_conntrack(struct nf_conntrack *ct) +int ignore_conntrack(struct nf_conntrack *ct) { /* ignore a certain protocol */ if (CONFIG(ignore_protocol)[nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)]) diff --git a/src/stats-mode.c b/src/stats-mode.c index 581c07d..22474e2 100644 --- a/src/stats-mode.c +++ b/src/stats-mode.c @@ -96,6 +96,9 @@ static int overrun_cb(enum nf_conntrack_msg_type type, struct nf_conntrack *ct, void *data) { + if (ignore_conntrack(ct)) + return NFCT_CB_CONTINUE; + /* This is required by kernels < 2.6.20 */ nfct_attr_unset(ct, ATTR_TIMEOUT); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); diff --git a/src/sync-mode.c b/src/sync-mode.c index 65a3c5b..d7bee9d 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -299,6 +299,9 @@ static int overrun_cb(enum nf_conntrack_msg_type type, { struct us_conntrack *u; + if (ignore_conntrack(ct)) + return NFCT_CB_CONTINUE; + /* This is required by kernels < 2.6.20 */ nfct_attr_unset(ct, ATTR_TIMEOUT); nfct_attr_unset(ct, ATTR_ORIG_COUNTER_BYTES); |