diff options
author | Holger Eitzenberger <holger@eitzenberger.org> | 2009-03-26 08:37:14 -0400 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2009-03-26 08:37:14 -0400 |
commit | d271e8bd8c60ce059ee36d836ba063cfc61c3e21 (patch) | |
tree | d1079a22caca910d9eac59d8484c3b39e65b724e | |
parent | a400c30edb1958ceb53c4b8ce78989189b36df47 (diff) |
ctnetlink: compute generic part of event more acurately
On a box with most of the optional Netfilter switches turned off some
of the NLAs are never send, e. g. secmark, mark or the conntrack
byte/packet counters. As a worst case scenario this may possibly
still lead to ctnetlink skbs being reallocated in netlink_trim()
later, loosing all the nice effects from the previous patches.
I try to solve that (at least partly) by correctly #ifdef'ing the
NLAs in the computation.
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 03547c60f389..2fb833b130c3 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
@@ -441,19 +441,28 @@ ctnetlink_alloc_skb(const struct nf_conntrack_tuple *tuple, gfp_t gfp) | |||
441 | + 3 * NLA_TYPE_SIZE(u_int8_t) /* CTA_PROTO_NUM */ | 441 | + 3 * NLA_TYPE_SIZE(u_int8_t) /* CTA_PROTO_NUM */ |
442 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_ID */ | 442 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_ID */ |
443 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_STATUS */ | 443 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_STATUS */ |
444 | #ifdef CONFIG_NF_CT_ACCT | ||
444 | + 2 * nla_total_size(0) /* CTA_COUNTERS_ORIG|REPL */ | 445 | + 2 * nla_total_size(0) /* CTA_COUNTERS_ORIG|REPL */ |
445 | + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_PACKETS */ | 446 | + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_PACKETS */ |
446 | + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_BYTES */ | 447 | + 2 * NLA_TYPE_SIZE(uint64_t) /* CTA_COUNTERS_BYTES */ |
448 | #endif | ||
447 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_TIMEOUT */ | 449 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_TIMEOUT */ |
448 | + nla_total_size(0) /* CTA_PROTOINFO */ | 450 | + nla_total_size(0) /* CTA_PROTOINFO */ |
449 | + nla_total_size(0) /* CTA_HELP */ | 451 | + nla_total_size(0) /* CTA_HELP */ |
450 | + nla_total_size(NF_CT_HELPER_NAME_LEN) /* CTA_HELP_NAME */ | 452 | + nla_total_size(NF_CT_HELPER_NAME_LEN) /* CTA_HELP_NAME */ |
453 | #ifdef CONFIG_NF_CONNTRACK_SECMARK | ||
451 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_SECMARK */ | 454 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_SECMARK */ |
455 | #endif | ||
456 | #ifdef CONFIG_NF_NAT_NEEDED | ||
452 | + 2 * nla_total_size(0) /* CTA_NAT_SEQ_ADJ_ORIG|REPL */ | 457 | + 2 * nla_total_size(0) /* CTA_NAT_SEQ_ADJ_ORIG|REPL */ |
453 | + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_POS */ | 458 | + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_POS */ |
454 | + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_BEFORE */ | 459 | + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_BEFORE */ |
455 | + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_AFTER */ | 460 | + 2 * NLA_TYPE_SIZE(u_int32_t) /* CTA_NAT_SEQ_CORRECTION_AFTER */ |
456 | + NLA_TYPE_SIZE(u_int32_t); /* CTA_MARK */ | 461 | #endif |
462 | #ifdef CONFIG_NF_CONNTRACK_MARK | ||
463 | + NLA_TYPE_SIZE(u_int32_t) /* CTA_MARK */ | ||
464 | #endif | ||
465 | ; | ||
457 | 466 | ||
458 | #undef NLA_TYPE_SIZE | 467 | #undef NLA_TYPE_SIZE |
459 | 468 | ||