aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Eitzenberger <holger@eitzenberger.org>2009-03-26 08:37:14 -0400
committerPatrick McHardy <kaber@trash.net>2009-03-26 08:37:14 -0400
commitd271e8bd8c60ce059ee36d836ba063cfc61c3e21 (patch)
treed1079a22caca910d9eac59d8484c3b39e65b724e
parenta400c30edb1958ceb53c4b8ce78989189b36df47 (diff)
ctnetlink: compute generic part of event more acurately
On a box with most of the optional Netfilter switches turned off some of the NLAs are never send, e. g. secmark, mark or the conntrack byte/packet counters. As a worst case scenario this may possibly still lead to ctnetlink skbs being reallocated in netlink_trim() later, loosing all the nice effects from the previous patches. I try to solve that (at least partly) by correctly #ifdef'ing the NLAs in the computation. Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r--net/netfilter/nf_conntrack_netlink.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 03547c60f389..2fb833b130c3 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -441,19 +441,28 @@ ctnetlink_alloc_skb(const struct nf_conntrack_tuple *tuple, gfp_t gfp)
441 + 3 * NLA_TYPE_SIZE(u_int8_t) /* CTA_PROTO_NUM */ 441 + 3 * NLA_TYPE_SIZE(u_int8_t) /* CTA_PROTO_NUM */
442 + NLA_TYPE_SIZE(u_int32_t) /* CTA_ID */ 442 + NLA_TYPE_SIZE(u_int32_t) /* CTA_ID */
443 + NLA_TYPE_SIZE(u_int32_t) /* CTA_STATUS */ 443 + NLA_TYPE_SIZE(u_int32_t) /* CTA_STATUS */
444#ifdef CONFIG_NF_CT_ACCT
444 + 2 * nla_total_size(0) /* CTA_COUNTERS_ORIG|REPL */ 445 + 2 * nla_total_size(0) /* CTA_COUNTERS_ORIG|REPL */
445 + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_PACKETS */ 446 + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_PACKETS */
446 + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_BYTES */ 447 + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_BYTES */
448#endif
447 + NLA_TYPE_SIZE(u_int32_t) /* CTA_TIMEOUT */ 449 + NLA_TYPE_SIZE(u_int32_t) /* CTA_TIMEOUT */
448 + nla_total_size(0) /* CTA_PROTOINFO */ 450 + nla_total_size(0) /* CTA_PROTOINFO */
449 + nla_total_size(0) /* CTA_HELP */ 451 + nla_total_size(0) /* CTA_HELP */
450 + nla_total_size(NF_CT_HELPER_NAME_LEN) /* CTA_HELP_NAME */ 452 + nla_total_size(NF_CT_HELPER_NAME_LEN) /* CTA_HELP_NAME */
453#ifdef CONFIG_NF_CONNTRACK_SECMARK
451 + NLA_TYPE_SIZE(u_int32_t) /* CTA_SECMARK */ 454 + NLA_TYPE_SIZE(u_int32_t) /* CTA_SECMARK */
455#endif
456#ifdef CONFIG_NF_NAT_NEEDED
452 + 2 * nla_total_size(0) /* CTA_NAT_SEQ_ADJ_ORIG|REPL */ 457 + 2 * nla_total_size(0) /* CTA_NAT_SEQ_ADJ_ORIG|REPL */
453 + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_POS */ 458 + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_POS */
454 + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_BEFORE */ 459 + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_BEFORE */
455 + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_AFTER */ 460 + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_AFTER */
456 + NLA_TYPE_SIZE(u_int32_t); /* CTA_MARK */ 461#endif
462#ifdef CONFIG_NF_CONNTRACK_MARK
463 + NLA_TYPE_SIZE(u_int32_t) /* CTA_MARK */
464#endif
465 ;
457 466
458#undef NLA_TYPE_SIZE 467#undef NLA_TYPE_SIZE
459 468