aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorEric Leblond <eric@inl.fr>2008-01-31 07:44:27 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-31 22:28:02 -0500
commita83099a60ffda10fa2af85f1c5a141610ffbb2b6 (patch)
tree39033dfe71256fcc4fc3fe8ce4c267173c4c66a0 /net
parent1f807d6eb3f1e99fe6ff9ce3e12f1fbbc0a2f5c5 (diff)
[NETFILTER]: nf_conntrack_netlink: transmit mark during all events
The following feature was submitted some months ago. It forces the dump of mark during the connection destruction event. The induced load is quiet small and the patch is usefull to provide an easy way to filter event on user side without having to keep an hash in userspace. Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nf_conntrack_netlink.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index bf86fdd89fd0..4a1b42b2b7a5 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -491,11 +491,6 @@ static int ctnetlink_conntrack_event(struct notifier_block *this,
491 && ctnetlink_dump_helpinfo(skb, ct) < 0) 491 && ctnetlink_dump_helpinfo(skb, ct) < 0)
492 goto nla_put_failure; 492 goto nla_put_failure;
493 493
494#ifdef CONFIG_NF_CONNTRACK_MARK
495 if ((events & IPCT_MARK || ct->mark)
496 && ctnetlink_dump_mark(skb, ct) < 0)
497 goto nla_put_failure;
498#endif
499#ifdef CONFIG_NF_CONNTRACK_SECMARK 494#ifdef CONFIG_NF_CONNTRACK_SECMARK
500 if ((events & IPCT_SECMARK || ct->secmark) 495 if ((events & IPCT_SECMARK || ct->secmark)
501 && ctnetlink_dump_secmark(skb, ct) < 0) 496 && ctnetlink_dump_secmark(skb, ct) < 0)
@@ -516,6 +511,12 @@ static int ctnetlink_conntrack_event(struct notifier_block *this,
516 goto nla_put_failure; 511 goto nla_put_failure;
517 } 512 }
518 513
514#ifdef CONFIG_NF_CONNTRACK_MARK
515 if ((events & IPCT_MARK || ct->mark)
516 && ctnetlink_dump_mark(skb, ct) < 0)
517 goto nla_put_failure;
518#endif
519
519 nlh->nlmsg_len = skb->tail - b; 520 nlh->nlmsg_len = skb->tail - b;
520 nfnetlink_send(skb, 0, group, 0); 521 nfnetlink_send(skb, 0, group, 0);
521 return NOTIFY_DONE; 522 return NOTIFY_DONE;