aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2006-09-20 15:00:45 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 18:19:52 -0400
commit01f348484dd8509254d045e3ad49029716eca6a1 (patch)
tree7a3f6d3bc775298bdc4b29749c34f18ffd379ee9 /net
parent90d47db4a06f93f7339618b2a4f0cb032ef8d6d5 (diff)
[NETFILTER]: ctnetlink: simplify the code to dump the conntrack table
Merge the bits to dump the conntrack table and the ones to dump and zero counters in a single piece of code. This patch does not change the default behaviour if accounting is not enabled. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/netfilter/ip_conntrack_netlink.c63
-rw-r--r--net/netfilter/nf_conntrack_netlink.c67
2 files changed, 20 insertions, 110 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index a20b0e385f1b..52eddea27e93 100644
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -436,6 +436,11 @@ restart:
436 cb->args[1] = (unsigned long)ct; 436 cb->args[1] = (unsigned long)ct;
437 goto out; 437 goto out;
438 } 438 }
439#ifdef CONFIG_NF_CT_ACCT
440 if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) ==
441 IPCTNL_MSG_CT_GET_CTRZERO)
442 memset(&ct->counters, 0, sizeof(ct->counters));
443#endif
439 } 444 }
440 if (cb->args[1]) { 445 if (cb->args[1]) {
441 cb->args[1] = 0; 446 cb->args[1] = 0;
@@ -451,46 +456,6 @@ out:
451 return skb->len; 456 return skb->len;
452} 457}
453 458
454#ifdef CONFIG_IP_NF_CT_ACCT
455static int
456ctnetlink_dump_table_w(struct sk_buff *skb, struct netlink_callback *cb)
457{
458 struct ip_conntrack *ct = NULL;
459 struct ip_conntrack_tuple_hash *h;
460 struct list_head *i;
461 u_int32_t *id = (u_int32_t *) &cb->args[1];
462
463 DEBUGP("entered %s, last bucket=%u id=%u\n", __FUNCTION__,
464 cb->args[0], *id);
465
466 write_lock_bh(&ip_conntrack_lock);
467 for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++, *id = 0) {
468 list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) {
469 h = (struct ip_conntrack_tuple_hash *) i;
470 if (DIRECTION(h) != IP_CT_DIR_ORIGINAL)
471 continue;
472 ct = tuplehash_to_ctrack(h);
473 if (ct->id <= *id)
474 continue;
475 if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid,
476 cb->nlh->nlmsg_seq,
477 IPCTNL_MSG_CT_NEW,
478 1, ct) < 0)
479 goto out;
480 *id = ct->id;
481
482 memset(&ct->counters, 0, sizeof(ct->counters));
483 }
484 }
485out:
486 write_unlock_bh(&ip_conntrack_lock);
487
488 DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
489
490 return skb->len;
491}
492#endif
493
494static const size_t cta_min_ip[CTA_IP_MAX] = { 459static const size_t cta_min_ip[CTA_IP_MAX] = {
495 [CTA_IP_V4_SRC-1] = sizeof(u_int32_t), 460 [CTA_IP_V4_SRC-1] = sizeof(u_int32_t),
496 [CTA_IP_V4_DST-1] = sizeof(u_int32_t), 461 [CTA_IP_V4_DST-1] = sizeof(u_int32_t),
@@ -775,22 +740,14 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
775 if (msg->nfgen_family != AF_INET) 740 if (msg->nfgen_family != AF_INET)
776 return -EAFNOSUPPORT; 741 return -EAFNOSUPPORT;
777 742
778 if (NFNL_MSG_TYPE(nlh->nlmsg_type) == 743#ifndef CONFIG_IP_NF_CT_ACCT
779 IPCTNL_MSG_CT_GET_CTRZERO) { 744 if (NFNL_MSG_TYPE(nlh->nlmsg_type) == IPCTNL_MSG_CT_GET_CTRZERO)
780#ifdef CONFIG_IP_NF_CT_ACCT
781 if ((*errp = netlink_dump_start(ctnl, skb, nlh,
782 ctnetlink_dump_table_w,
783 ctnetlink_done)) != 0)
784 return -EINVAL;
785#else
786 return -ENOTSUPP; 745 return -ENOTSUPP;
787#endif 746#endif
788 } else { 747 if ((*errp = netlink_dump_start(ctnl, skb, nlh,
789 if ((*errp = netlink_dump_start(ctnl, skb, nlh, 748 ctnetlink_dump_table,
790 ctnetlink_dump_table, 749 ctnetlink_done)) != 0)
791 ctnetlink_done)) != 0)
792 return -EINVAL; 750 return -EINVAL;
793 }
794 751
795 rlen = NLMSG_ALIGN(nlh->nlmsg_len); 752 rlen = NLMSG_ALIGN(nlh->nlmsg_len);
796 if (rlen > skb->len) 753 if (rlen > skb->len)
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 8cd85cfd9a02..1721f7c78c77 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -455,6 +455,11 @@ restart:
455 cb->args[1] = (unsigned long)ct; 455 cb->args[1] = (unsigned long)ct;
456 goto out; 456 goto out;
457 } 457 }
458#ifdef CONFIG_NF_CT_ACCT
459 if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) ==
460 IPCTNL_MSG_CT_GET_CTRZERO)
461 memset(&ct->counters, 0, sizeof(ct->counters));
462#endif
458 } 463 }
459 if (cb->args[1]) { 464 if (cb->args[1]) {
460 cb->args[1] = 0; 465 cb->args[1] = 0;
@@ -470,50 +475,6 @@ out:
470 return skb->len; 475 return skb->len;
471} 476}
472 477
473#ifdef CONFIG_NF_CT_ACCT
474static int
475ctnetlink_dump_table_w(struct sk_buff *skb, struct netlink_callback *cb)
476{
477 struct nf_conn *ct = NULL;
478 struct nf_conntrack_tuple_hash *h;
479 struct list_head *i;
480 u_int32_t *id = (u_int32_t *) &cb->args[1];
481 struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh);
482 u_int8_t l3proto = nfmsg->nfgen_family;
483
484 DEBUGP("entered %s, last bucket=%u id=%u\n", __FUNCTION__,
485 cb->args[0], *id);
486
487 write_lock_bh(&nf_conntrack_lock);
488 for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++, *id = 0) {
489 list_for_each_prev(i, &nf_conntrack_hash[cb->args[0]]) {
490 h = (struct nf_conntrack_tuple_hash *) i;
491 if (DIRECTION(h) != IP_CT_DIR_ORIGINAL)
492 continue;
493 ct = nf_ct_tuplehash_to_ctrack(h);
494 if (l3proto && L3PROTO(ct) != l3proto)
495 continue;
496 if (ct->id <= *id)
497 continue;
498 if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid,
499 cb->nlh->nlmsg_seq,
500 IPCTNL_MSG_CT_NEW,
501 1, ct) < 0)
502 goto out;
503 *id = ct->id;
504
505 memset(&ct->counters, 0, sizeof(ct->counters));
506 }
507 }
508out:
509 write_unlock_bh(&nf_conntrack_lock);
510
511 DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
512
513 return skb->len;
514}
515#endif
516
517static inline int 478static inline int
518ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple) 479ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple)
519{ 480{
@@ -788,22 +749,14 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
788 if (nlh->nlmsg_flags & NLM_F_DUMP) { 749 if (nlh->nlmsg_flags & NLM_F_DUMP) {
789 u32 rlen; 750 u32 rlen;
790 751
791 if (NFNL_MSG_TYPE(nlh->nlmsg_type) == 752#ifndef CONFIG_NF_CT_ACCT
792 IPCTNL_MSG_CT_GET_CTRZERO) { 753 if (NFNL_MSG_TYPE(nlh->nlmsg_type) == IPCTNL_MSG_CT_GET_CTRZERO)
793#ifdef CONFIG_NF_CT_ACCT
794 if ((*errp = netlink_dump_start(ctnl, skb, nlh,
795 ctnetlink_dump_table_w,
796 ctnetlink_done)) != 0)
797 return -EINVAL;
798#else
799 return -ENOTSUPP; 754 return -ENOTSUPP;
800#endif 755#endif
801 } else { 756 if ((*errp = netlink_dump_start(ctnl, skb, nlh,
802 if ((*errp = netlink_dump_start(ctnl, skb, nlh, 757 ctnetlink_dump_table,
803 ctnetlink_dump_table, 758 ctnetlink_done)) != 0)
804 ctnetlink_done)) != 0)
805 return -EINVAL; 759 return -EINVAL;
806 }
807 760
808 rlen = NLMSG_ALIGN(nlh->nlmsg_len); 761 rlen = NLMSG_ALIGN(nlh->nlmsg_len);
809 if (rlen > skb->len) 762 if (rlen > skb->len)