* ipq_flush doesn't work with NF_ACCEPT?
@ 2005-10-11 18:42 Dan Good
0 siblings, 0 replies; only message in thread
From: Dan Good @ 2005-10-11 18:42 UTC (permalink / raw)
To: netfilter-devel
Hi everyone,
I'm new to the list and am looking for some help. I wanted to
try a scenario where, if the user space program reading the
queue died, the remaining packets in the queue would be accepted
instead of dropped. To that end, I made a small change to
ip_queue.c in __ipq_reset to change the arg to __ipq_flush
from NF_DROP to NF_ACCEPT (diff below, based on linux 2.6.12
version).
The result seems to be that, no matter how many packets are
in the queue, only the first one arrives at the destination.
Please, can anyone shed some light on this? Thanks.
--- ip_queue.c.bak Tue Oct 11 14:40:46 2005
+++ ip_queue.c Tue Oct 11 14:40:56 2005
@@ -169,13 +169,13 @@
static inline void
__ipq_reset(void)
{
peer_pid = 0;
net_disable_timestamp();
__ipq_set_mode(IPQ_COPY_NONE, 0);
- __ipq_flush(NF_DROP);
+ __ipq_flush(NF_ACCEPT);
}
static struct ipq_queue_entry *
ipq_find_dequeue_entry(ipq_cmpfn cmpfn, unsigned long data)
{
struct ipq_queue_entry *entry;
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-10-11 18:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-10-11 18:42 ipq_flush doesn't work with NF_ACCEPT? Dan Good
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.