Age | Commit message (Collapse) | Author |
|
This patch documents the `-B' command in conntrackd that allows you
to force a bulk send to other firewall nodes in the cluster.
Reported-by: Tino Keitel <tkeitel@innominate.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch re-introduces `-s queue' but now it displays generic
queue statistics.
# conntrackd -s queue
active queue objects: 0
queue txqueue:
current elements: 0
maximum elements: 2147483647
not enough space errors: 0
queue rsqueue:
current elements: 72
maximum elements: 128
not enough space errors: 0
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch renames the statistics option that displays the content
of the resend queue which is used by the ftfw mode.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds the ability to dump the list of existing child
processes. In general, it would be hard to display one since
child processes are generally forked for very specific tasks,
like commit and flush operations, and they have very limited
lifetime. However, this can be handy for debugging problems.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch obsoletes `-s multicast' by `-s link' to display the
dedicated link statistics, as the current dedicated link protocol
use can be unicast UDP or multicast. The term "link" is more
generic.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch also adds missing `-v' information to the manpage.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch allows flushing the internal and/or the external cache.
The `-f' with no extra parameters still works to flush both the
internal and the external cache.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds run-time statistics that you can check via
`conntrackd -s runtime'. This information is useful for
trouble-shooting.
This patch replaces several log messages that can be triggered in
runtime. The idea behind this patch is to avoid log message flooding
under errors.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds cache statistics that you can check via
`conntrackd -s cache'. This information is useful for
trouble-shooting.
This patch replaces several log messages that can be triggered in
runtime. The idea behind this patch is to avoid log message flooding
under errors.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds networks statistics that you can check via
`conntrackd -s network'. This information is useful for
trouble-shooting.
This patch replaces several log messages that can be triggered in
runtime. The idea behind this patch is to avoid log message flooding
under errors.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch recovers the option -F for conntrackd. This will be
particularly useful to flush the kernel conntrack table without
getting the event notification of the conntrack deletions
(that will happen with Linux kernel >= 2.6.29).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch documents the incompatibilities introduced by the recent
changes in the message format. I don't like breaking backward, but
we are still in development stage, and those changes result in more
efficient message building according to oprofile (see previous
commits in conntrack-tools' git tree).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch updates the conntrackd manpage some re-writes, missing
options and new dependencies.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
o fix missing `-g' and `-n' options in getopt_long control string
o add support for secmark (requires Linux kernel >= 2.6.25)
o add mark and secmark information to the manpage
o cleanup error message
= conntrackd =
o add support for secmark (requires Linux kernel >= 2.6.25)
o add conntrackd (8) manpage
|