aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-06-02 14:08:46 -0400
committerpablo <pablo@1984.(none)>2009-06-02 14:08:46 -0400
commit17e6e4eac070607a35464ea7e2c5eceac32e5eca (patch)
tree3742492b50d87c07c18cec6ff2e81e1ebafdd128 /include
parent6bfea1984aea86089907caf8974513c2402a3b3d (diff)
netfilter: conntrack: simplify event caching system
This patch simplifies the conntrack event caching system by removing several events: * IPCT_[*]_VOLATILE, IPCT_HELPINFO and IPCT_NATINFO has been deleted since the have no clients. * IPCT_COUNTER_FILLING which is a leftover of the 32-bits counter days. * IPCT_REFRESH which is not of any use since we always include the timeout in the messages. After this patch, the existing events are: * IPCT_NEW, IPCT_RELATED and IPCT_DESTROY, that are used to identify addition and deletion of entries. * IPCT_STATUS, that notes that the status bits have changes, eg. IPS_SEEN_REPLY and IPS_ASSURED. * IPCT_PROTOINFO, that reports that internal protocol information has changed, eg. the TCP, DCCP and SCTP protocol state. * IPCT_HELPER, that a helper has been assigned or unassigned to this entry. * IPCT_MARK and IPCT_SECMARK, that reports that the mark has changed, this covers the case when a mark is set to zero. * IPCT_NATSEQADJ, to report that there's updates in the NAT sequence adjustment. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/net/netfilter/nf_conntrack_ecache.h36
1 files changed, 6 insertions, 30 deletions
diff --git a/include/net/netfilter/nf_conntrack_ecache.h b/include/net/netfilter/nf_conntrack_ecache.h
index 892b8cdf7f62..2e17a2d0eb3b 100644
--- a/include/net/netfilter/nf_conntrack_ecache.h
+++ b/include/net/netfilter/nf_conntrack_ecache.h
@@ -26,52 +26,28 @@ enum ip_conntrack_events
26 IPCT_DESTROY_BIT = 2, 26 IPCT_DESTROY_BIT = 2,
27 IPCT_DESTROY = (1 << IPCT_DESTROY_BIT), 27 IPCT_DESTROY = (1 << IPCT_DESTROY_BIT),
28 28
29 /* Timer has been refreshed */
30 IPCT_REFRESH_BIT = 3,
31 IPCT_REFRESH = (1 << IPCT_REFRESH_BIT),
32
33 /* Status has changed */ 29 /* Status has changed */
34 IPCT_STATUS_BIT = 4, 30 IPCT_STATUS_BIT = 3,
35 IPCT_STATUS = (1 << IPCT_STATUS_BIT), 31 IPCT_STATUS = (1 << IPCT_STATUS_BIT),
36 32
37 /* Update of protocol info */ 33 /* Update of protocol info */
38 IPCT_PROTOINFO_BIT = 5, 34 IPCT_PROTOINFO_BIT = 4,
39 IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT), 35 IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT),
40 36
41 /* Volatile protocol info */
42 IPCT_PROTOINFO_VOLATILE_BIT = 6,
43 IPCT_PROTOINFO_VOLATILE = (1 << IPCT_PROTOINFO_VOLATILE_BIT),
44
45 /* New helper for conntrack */ 37 /* New helper for conntrack */
46 IPCT_HELPER_BIT = 7, 38 IPCT_HELPER_BIT = 5,
47 IPCT_HELPER = (1 << IPCT_HELPER_BIT), 39 IPCT_HELPER = (1 << IPCT_HELPER_BIT),
48 40
49 /* Update of helper info */
50 IPCT_HELPINFO_BIT = 8,
51 IPCT_HELPINFO = (1 << IPCT_HELPINFO_BIT),
52
53 /* Volatile helper info */
54 IPCT_HELPINFO_VOLATILE_BIT = 9,
55 IPCT_HELPINFO_VOLATILE = (1 << IPCT_HELPINFO_VOLATILE_BIT),
56
57 /* NAT info */
58 IPCT_NATINFO_BIT = 10,
59 IPCT_NATINFO = (1 << IPCT_NATINFO_BIT),
60
61 /* Counter highest bit has been set, unused */
62 IPCT_COUNTER_FILLING_BIT = 11,
63 IPCT_COUNTER_FILLING = (1 << IPCT_COUNTER_FILLING_BIT),
64
65 /* Mark is set */ 41 /* Mark is set */
66 IPCT_MARK_BIT = 12, 42 IPCT_MARK_BIT = 6,
67 IPCT_MARK = (1 << IPCT_MARK_BIT), 43 IPCT_MARK = (1 << IPCT_MARK_BIT),
68 44
69 /* NAT sequence adjustment */ 45 /* NAT sequence adjustment */
70 IPCT_NATSEQADJ_BIT = 13, 46 IPCT_NATSEQADJ_BIT = 7,
71 IPCT_NATSEQADJ = (1 << IPCT_NATSEQADJ_BIT), 47 IPCT_NATSEQADJ = (1 << IPCT_NATSEQADJ_BIT),
72 48
73 /* Secmark is set */ 49 /* Secmark is set */
74 IPCT_SECMARK_BIT = 14, 50 IPCT_SECMARK_BIT = 8,
75 IPCT_SECMARK = (1 << IPCT_SECMARK_BIT), 51 IPCT_SECMARK = (1 << IPCT_SECMARK_BIT),
76}; 52};
77 53