From: Patrick McHardy <kaber@trash.net>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] netfilter: nf_conntrack_tstamp: add flow-based timestamp extension
Date: Tue, 18 Jan 2011 14:59:18 +0100 [thread overview]
Message-ID: <4D359CB6.60701@trash.net> (raw)
In-Reply-To: <20110116223329.32349.13288.stgit@decadence>
On 16.01.2011 23:33, Pablo Neira Ayuso wrote:
> This patch adds flow-based timestamping for conntracks. This
> conntrack extension is disabled by default. Basically, we use
> two 64-bits variables to store the creation timestamp once the
> conntrack has been confirmed and the other to store the deletion
> time. This extension is disabled by default, to enable it, you
> have to:
>
> echo 1 > /proc/sys/net/netfilter/nf_conntrack_timestamp
>
> This patch allows to save memory for user-space flow-based
> loogers such as ulogd2. In short, ulogd2 does not need to
> keep a hashtable with the conntrack in user-space to know
> when they were created and destroyed, instead we use the
> kernel timestamp. If we want to have a sane IPFIX implementation
> in user-space, this nanosecs resolution timestamps are also
> useful. Other custom user-space applications can benefit from
> this via libnetfilter_conntrack.
>
> This patch modifies the /proc output to display the delta time
> in seconds since the flow start. You can also obtain the
> flow-start date by means of the conntrack-tools.
>
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> ---
> include/linux/netfilter/nfnetlink_conntrack.h | 9 ++++
> include/net/netfilter/nf_conntrack_extend.h | 4 ++
> include/net/netfilter/nf_conntrack_timestamp.h | 53 ++++++++++++++++++++++++
> include/net/netns/conntrack.h | 2 +
> net/netfilter/Kconfig | 11 +++++
> net/netfilter/Makefile | 1
> net/netfilter/nf_conntrack_core.c | 26 ++++++++++++
> net/netfilter/nf_conntrack_netlink.c | 46 ++++++++++++++++++++-
> net/netfilter/nf_conntrack_standalone.c | 41 +++++++++++++++++++
The nf_conntrack_timestamp.c file is missing from this patch.
next prev parent reply other threads:[~2011-01-18 13:59 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-16 22:33 [PATCH] netfilter: nf_conntrack_tstamp: add flow-based timestamp extension Pablo Neira Ayuso
2011-01-18 13:59 ` Patrick McHardy [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-01-18 19:27 Pablo Neira Ayuso
2011-01-19 15:01 ` Patrick McHardy
2011-01-13 12:30 Pablo Neira Ayuso
2011-01-13 15:40 ` Pablo Neira Ayuso
2011-01-13 19:00 ` Patrick McHardy
2011-01-13 19:10 ` Patrick McHardy
2011-01-14 11:58 ` Pablo Neira Ayuso
2011-01-14 12:15 ` Patrick McHardy
2010-10-24 15:25 Pablo Neira Ayuso
2010-10-25 16:00 ` Patrick McHardy
2010-10-23 17:23 Pablo Neira Ayuso
2010-10-24 1:30 ` Changli Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D359CB6.60701@trash.net \
--to=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).