-rw-r--r-- | include/conntrackd.h | 1 | ||||
-rw-r--r-- | src/main.c | 4 | ||||
-rw-r--r-- | src/netlink.c | 17 |
3 files changed, 12 insertions, 10 deletions
diff --git a/include/conntrackd.h b/include/conntrackd.h index 23f5306..c0bb4bb 100644 --- a/include/conntrackd.h +++ b/include/conntrackd.h @@ -90,6 +90,7 @@ struct ct_conf { unsigned int resend_queue_size; /* FTFW protocol */ unsigned int window_size; int cache_write_through; + int kernel_support_netlink_bsf; struct { char logfile[FILENAME_MAXLEN]; int syslog_facility; @@ -95,6 +95,10 @@ int main(int argc, char *argv[]) exit(EXIT_FAILURE); } + /* BSF filter attaching does not report unsupported operations */ + if (version >= 2 && major >= 6 && minor >= 26) + CONFIG(kernel_support_netlink_bsf) = 1; + for (i=1; i<argc; i++) { switch(argv[i][1]) { case 'd': diff --git a/src/netlink.c b/src/netlink.c index a4b94dd..ad26201 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -112,16 +112,13 @@ int nl_init_event_handler(void) return -1; if (STATE(filter)) { - if (nfct_filter_attach(nfct_fd(STATE(event)), - STATE(filter)) == -1) { - dlog(LOG_NOTICE, "cannot set netlink kernel-space " - "event filtering, defaulting to " - "user-space. We suggest you to " - "upgrade your Linux kernel to " - ">= 2.6.26. Operation returns: %s", - strerror(errno)); - /* don't fail here, old kernels don't support this */ - } + if (CONFIG(kernel_support_netlink_bsf)) { + if (nfct_filter_attach(nfct_fd(STATE(event)), + STATE(filter)) == -1) { + dlog(LOG_ERR, "cannot set event filtering: %s", + strerror(errno)); + } + } nfct_filter_destroy(STATE(filter)); } |
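Review bot: The version test added in the `main()` hunk (`@@ -95,6 +95,10 @@`) checks each component on its own, so a release whose second or third number is below 6 or 26 (3.0, for example) is treated as lacking BSF support even though it is newer than 2.6.26. The flag then stays 0, and the `nl_init_event_handler()` hunk skips the configured filter without a message, so the kernel would presumably deliver unfiltered events to user space. Compare the numbers in order instead: `if (version > 2 || (version == 2 && (major > 6 || (major == 6 && minor >= 26))))`. `version`, `major` and `minor` are assigned outside the hunk, presumably from the running kernel's release string; confirm they are always set before this line is reached.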
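Review bot: When `CONFIG(kernel_support_netlink_bsf)` is 0, the new code in `nl_init_event_handler()` destroys the configured filter without logging anything. The notice the old code printed is gone, so an operator cannot tell from the log that kernel-space filtering is off. An `else` branch such as `else dlog(LOG_NOTICE, "kernel lacks netlink BSF support, event filtering stays in user-space");` would keep that visible. An attach failure is now logged at `LOG_ERR`, yet the function still carries on and destroys the filter; if that best-effort behaviour is intended, a one-line comment saying so should replace the removed `/* don't fail here ... */`. The function starts and ends outside the hunk.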