netfilter: ctnetlink: support selective event delivery

Add two masks for conntrack end expectation events to struct nf_conntrack_ecache and use them to filter events. Their default value is "all events" when the event sysctl is on and "no events" when it is off. A following patch will add specific initializations. Expectation events depend on the ecache struct of their master conntrack. Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Patrick McHardy <kaber@trash.net> 2010-02-03 07:51:51 -0500
committer: Patrick McHardy <kaber@trash.net> 2010-02-03 07:51:51 -0500
commit: 0cebe4b4163b6373c9d24c1a192939777bc27e55 (patch)
tree: 6a091112f27c17b7bbe8d2adcdbf45564312bba4 /net/netfilter
parent: 858b31330054a9ad259feceea0ad1ce5385c47f0 (diff)
2 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 091ff770eb7..53b8da6ad6b 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -648,7 +648,7 @@ init_conntrack(struct net *net,
        }
        nf_ct_acct_ext_add(ct, GFP_ATOMIC);
-        nf_ct_ecache_ext_add(ct, GFP_ATOMIC);
+        nf_ct_ecache_ext_add(ct, 0, 0, GFP_ATOMIC);
        spin_lock_bh(&nf_conntrack_lock);
        exp = nf_ct_find_expectation(net, tuple);
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index ff594eb138c..f5c0b09e12f 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1281,7 +1281,7 @@ ctnetlink_create_conntrack(struct net *net,
        }
        nf_ct_acct_ext_add(ct, GFP_ATOMIC);
-        nf_ct_ecache_ext_add(ct, GFP_ATOMIC);
+        nf_ct_ecache_ext_add(ct, 0, 0, GFP_ATOMIC);
 #if defined(CONFIG_NF_CONNTRACK_MARK)
        if (cda[CTA_MARK])
author	Patrick McHardy <kaber@trash.net>	2010-02-03 07:51:51 -0500
committer	Patrick McHardy <kaber@trash.net>	2010-02-03 07:51:51 -0500
commit	0cebe4b4163b6373c9d24c1a192939777bc27e55 (patch)
tree	6a091112f27c17b7bbe8d2adcdbf45564312bba4 /net/netfilter
parent	858b31330054a9ad259feceea0ad1ce5385c47f0 (diff)

diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index 091ff770eb7..53b8da6ad6b 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c
@@ -648,7 +648,7 @@ init_conntrack(struct net *net,
648	}	648	}
649		649
650	nf_ct_acct_ext_add(ct, GFP_ATOMIC);	650	nf_ct_acct_ext_add(ct, GFP_ATOMIC);
651	nf_ct_ecache_ext_add(ct, GFP_ATOMIC);	651	nf_ct_ecache_ext_add(ct, 0, 0, GFP_ATOMIC);
652		652
653	spin_lock_bh(&nf_conntrack_lock);	653	spin_lock_bh(&nf_conntrack_lock);
654	exp = nf_ct_find_expectation(net, tuple);	654	exp = nf_ct_find_expectation(net, tuple);


diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index ff594eb138c..f5c0b09e12f 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1281,7 +1281,7 @@ ctnetlink_create_conntrack(struct net *net,
1281	}	1281	}
1282		1282
1283	nf_ct_acct_ext_add(ct, GFP_ATOMIC);	1283	nf_ct_acct_ext_add(ct, GFP_ATOMIC);
1284	nf_ct_ecache_ext_add(ct, GFP_ATOMIC);	1284	nf_ct_ecache_ext_add(ct, 0, 0, GFP_ATOMIC);
1285		1285
1286	#if defined(CONFIG_NF_CONNTRACK_MARK)	1286	#if defined(CONFIG_NF_CONNTRACK_MARK)
1287	if (cda[CTA_MARK])	1287	if (cda[CTA_MARK])