diff options
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 49 |
1 files changed, 27 insertions, 22 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index d5d2efddba57..5fcf91d617cd 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c | |||
| @@ -320,8 +320,6 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, | |||
| 320 | } else if (events & (IPCT_NEW | IPCT_RELATED)) { | 320 | } else if (events & (IPCT_NEW | IPCT_RELATED)) { |
| 321 | type = IPCTNL_MSG_CT_NEW; | 321 | type = IPCTNL_MSG_CT_NEW; |
| 322 | flags = NLM_F_CREATE|NLM_F_EXCL; | 322 | flags = NLM_F_CREATE|NLM_F_EXCL; |
| 323 | /* dump everything */ | ||
| 324 | events = ~0UL; | ||
| 325 | group = NFNLGRP_CONNTRACK_NEW; | 323 | group = NFNLGRP_CONNTRACK_NEW; |
| 326 | } else if (events & (IPCT_STATUS | IPCT_PROTOINFO)) { | 324 | } else if (events & (IPCT_STATUS | IPCT_PROTOINFO)) { |
| 327 | type = IPCTNL_MSG_CT_NEW; | 325 | type = IPCTNL_MSG_CT_NEW; |
| @@ -356,28 +354,35 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, | |||
| 356 | if (ctnetlink_dump_tuples(skb, tuple(ct, IP_CT_DIR_REPLY)) < 0) | 354 | if (ctnetlink_dump_tuples(skb, tuple(ct, IP_CT_DIR_REPLY)) < 0) |
| 357 | goto nfattr_failure; | 355 | goto nfattr_failure; |
| 358 | NFA_NEST_END(skb, nest_parms); | 356 | NFA_NEST_END(skb, nest_parms); |
| 359 | |||
| 360 | /* NAT stuff is now a status flag */ | ||
| 361 | if ((events & IPCT_STATUS || events & IPCT_NATINFO) | ||
| 362 | && ctnetlink_dump_status(skb, ct) < 0) | ||
| 363 | goto nfattr_failure; | ||
| 364 | if (events & IPCT_REFRESH | ||
| 365 | && ctnetlink_dump_timeout(skb, ct) < 0) | ||
| 366 | goto nfattr_failure; | ||
| 367 | if (events & IPCT_PROTOINFO | ||
| 368 | && ctnetlink_dump_protoinfo(skb, ct) < 0) | ||
| 369 | goto nfattr_failure; | ||
| 370 | if (events & IPCT_HELPINFO | ||
| 371 | && ctnetlink_dump_helpinfo(skb, ct) < 0) | ||
| 372 | goto nfattr_failure; | ||
| 373 | 357 | ||
| 374 | if (ctnetlink_dump_counters(skb, ct, IP_CT_DIR_ORIGINAL) < 0 || | 358 | if (events & IPCT_DESTROY) { |
| 375 | ctnetlink_dump_counters(skb, ct, IP_CT_DIR_REPLY) < 0) | 359 | if (ctnetlink_dump_counters(skb, ct, IP_CT_DIR_ORIGINAL) < 0 || |
| 376 | goto nfattr_failure; | 360 | ctnetlink_dump_counters(skb, ct, IP_CT_DIR_REPLY) < 0) |
| 361 | goto nfattr_failure; | ||
| 362 | } else { | ||
| 363 | if (ctnetlink_dump_status(skb, ct) < 0) | ||
| 364 | goto nfattr_failure; | ||
| 377 | 365 | ||
| 378 | if (events & IPCT_MARK | 366 | if (ctnetlink_dump_timeout(skb, ct) < 0) |
| 379 | && ctnetlink_dump_mark(skb, ct) < 0) | 367 | goto nfattr_failure; |
| 380 | goto nfattr_failure; | 368 | |
| 369 | if (events & IPCT_PROTOINFO | ||
| 370 | && ctnetlink_dump_protoinfo(skb, ct) < 0) | ||
| 371 | goto nfattr_failure; | ||
| 372 | |||
| 373 | if ((events & IPCT_HELPER || ct->helper) | ||
| 374 | && ctnetlink_dump_helpinfo(skb, ct) < 0) | ||
| 375 | goto nfattr_failure; | ||
| 376 | |||
| 377 | if ((events & IPCT_MARK || ct->mark) | ||
| 378 | && ctnetlink_dump_mark(skb, ct) < 0) | ||
| 379 | goto nfattr_failure; | ||
| 380 | |||
| 381 | if (events & IPCT_COUNTER_FILLING && | ||
| 382 | (ctnetlink_dump_counters(skb, ct, IP_CT_DIR_ORIGINAL) < 0 || | ||
| 383 | ctnetlink_dump_counters(skb, ct, IP_CT_DIR_REPLY) < 0)) | ||
| 384 | goto nfattr_failure; | ||
| 385 | } | ||
| 381 | 386 | ||
| 382 | nlh->nlmsg_len = skb->tail - b; | 387 | nlh->nlmsg_len = skb->tail - b; |
| 383 | nfnetlink_send(skb, 0, group, 0); | 388 | nfnetlink_send(skb, 0, group, 0); |