[NETFILTER]: conntrack: introduce connection mark event

This patch introduces the mark event. ctnetlink can use this to know if
the mark needs to be dumped.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 files changed, 14 insertions, 2 deletions

diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c
index 60c375d36f01..784482b74e58 100644
--- a/net/netfilter/xt_CONNMARK.c
+++ b/net/netfilter/xt_CONNMARK.c
@@ -52,13 +52,25 @@ target(struct sk_buff **pskb,
             switch(markinfo->mode) {
             case XT_CONNMARK_SET:
                 newmark = (*ctmark & ~markinfo->mask) | markinfo->mark;
-                if (newmark != *ctmark)
+                if (newmark != *ctmark) {
                     *ctmark = newmark;
+#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
+                    ip_conntrack_event_cache(IPCT_MARK, *pskb);
+#else
+                    nf_conntrack_event_cache(IPCT_MARK, *pskb);
+#endif
+                }
                 break;
             case XT_CONNMARK_SAVE:
                 newmark = (*ctmark & ~markinfo->mask) | ((*pskb)->nfmark & markinfo->mask);
-                if (*ctmark != newmark)
+                if (*ctmark != newmark) {
                     *ctmark = newmark;
+#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
+                    ip_conntrack_event_cache(IPCT_MARK, *pskb);
+#else
+                    nf_conntrack_event_cache(IPCT_MARK, *pskb);
+#endif
+                }
                 break;
             case XT_CONNMARK_RESTORE:
                 nfmark = (*pskb)->nfmark;