From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netfilter-devel@lists.netfilter.org, Patrick McHardy <kaber@trash.net>
Subject: [NETFILTER 04/18]: conntrack: introduce connection mark event
Date: Tue, 22 Aug 2006 00:52:23 +0200 (MEST) [thread overview]
Message-ID: <20060821225223.10288.810.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20060821225217.10288.69738.sendpatchset@localhost.localdomain>
[NETFILTER]: conntrack: introduce connection mark event
This patch introduces the mark event. ctnetlink can use this to know if
the mark needs to be dumped.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 706761e6047b57ee8fa33c2eca912ffc5f36bfa7
tree 450fe3c2d130148e1e88909f1ef6b2b2ae1c0496
parent 55eeb35cfb789640cc0d3b179398b196286c5991
author Pablo Neira Ayuso <pablo@netfilter.org> Fri, 11 Aug 2006 21:01:12 +0200
committer Patrick McHardy <kaber@trash.net> Fri, 11 Aug 2006 21:01:12 +0200
include/linux/netfilter/nf_conntrack_common.h | 4 ++++
net/netfilter/xt_CONNMARK.c | 16 ++++++++++++++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h
index d2e4bd7..9e0dae0 100644
--- a/include/linux/netfilter/nf_conntrack_common.h
+++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -125,6 +125,10 @@ enum ip_conntrack_events
/* Counter highest bit has been set */
IPCT_COUNTER_FILLING_BIT = 11,
IPCT_COUNTER_FILLING = (1 << IPCT_COUNTER_FILLING_BIT),
+
+ /* Mark is set */
+ IPCT_MARK_BIT = 12,
+ IPCT_MARK = (1 << IPCT_MARK_BIT),
};
enum ip_conntrack_expect_events {
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c
index 60c375d..784482b 100644
--- a/net/netfilter/xt_CONNMARK.c
+++ b/net/netfilter/xt_CONNMARK.c
@@ -52,13 +52,25 @@ target(struct sk_buff **pskb,
switch(markinfo->mode) {
case XT_CONNMARK_SET:
newmark = (*ctmark & ~markinfo->mask) | markinfo->mark;
- if (newmark != *ctmark)
+ if (newmark != *ctmark) {
*ctmark = newmark;
+#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
+ ip_conntrack_event_cache(IPCT_MARK, *pskb);
+#else
+ nf_conntrack_event_cache(IPCT_MARK, *pskb);
+#endif
+ }
break;
case XT_CONNMARK_SAVE:
newmark = (*ctmark & ~markinfo->mask) | ((*pskb)->nfmark & markinfo->mask);
- if (*ctmark != newmark)
+ if (*ctmark != newmark) {
*ctmark = newmark;
+#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
+ ip_conntrack_event_cache(IPCT_MARK, *pskb);
+#else
+ nf_conntrack_event_cache(IPCT_MARK, *pskb);
+#endif
+ }
break;
case XT_CONNMARK_RESTORE:
nfmark = (*pskb)->nfmark;
next prev parent reply other threads:[~2006-08-21 22:52 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-21 22:52 [NETFILTER 00/18]: Netfilter Update for 2.6.19 Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 01/18]: x_tables: replace IPv4 dscp match by address family independent version Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 02/18]: x_tables: replace IPv4 DSCP target " Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 03/18]: ipt_recent: add module parameter for changing ownership of /proc/net/ipt_recent/* Patrick McHardy
2006-08-21 22:52 ` Patrick McHardy [this message]
2006-08-21 22:52 ` [NETFILTER 05/18]: ctnetlink: dump connection mark Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 06/18]: ctnetlink: check for listeners before sending expectation events Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 07/18]: ctnetlink: remove impossible events tests for updates Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 08/18]: nfnetlink_queue: fix typo in error message Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 09/18]: replace open coded checksum updates Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 10/18]: xt_CONNMARK: use tabs for indentation Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 11/18]: x_tables: add helpers for mass match/target registration Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 12/18]: x_tables: make use of mass registation helpers Patrick McHardy
2006-08-22 20:48 ` [NETFILTER]: x_tables: Fix typos after conversion to use mass registation helper Thomas Graf
2006-08-22 20:52 ` David Miller
2006-08-21 22:52 ` [NETFILTER 13/18]: x_tables: remove unused argument to target functions Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 14/18]: x_tables: remove unused size argument to check/destroy functions Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 15/18]: nfnetlink: remove unnecessary packed attributes Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 16/18]: x_tables: add data member to struct xt_match Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 17/18]: ip6_tables: consolidate dst and hbh matches Patrick McHardy
2006-08-21 22:52 ` [NETFILTER 18/18]: xt_tcpmss: minor cleanups Patrick McHardy
2006-08-22 7:44 ` [NETFILTER 00/18]: Netfilter Update for 2.6.19 David Miller
2006-08-22 8:40 ` Amin Azez
2006-08-22 8:47 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060821225223.10288.810.sendpatchset@localhost.localdomain \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.