mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-13 16:50:05 +00:00
[NETFILTER]: nf_conntrack_netlink: transmit mark during all events
The following feature was submitted some months ago. It forces the dump of mark during the connection destruction event. The induced load is quiet small and the patch is usefull to provide an easy way to filter event on user side without having to keep an hash in userspace. Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
1f807d6eb3
commit
a83099a60f
@ -491,11 +491,6 @@ static int ctnetlink_conntrack_event(struct notifier_block *this,
|
||||
&& ctnetlink_dump_helpinfo(skb, ct) < 0)
|
||||
goto nla_put_failure;
|
||||
|
||||
#ifdef CONFIG_NF_CONNTRACK_MARK
|
||||
if ((events & IPCT_MARK || ct->mark)
|
||||
&& ctnetlink_dump_mark(skb, ct) < 0)
|
||||
goto nla_put_failure;
|
||||
#endif
|
||||
#ifdef CONFIG_NF_CONNTRACK_SECMARK
|
||||
if ((events & IPCT_SECMARK || ct->secmark)
|
||||
&& ctnetlink_dump_secmark(skb, ct) < 0)
|
||||
@ -516,6 +511,12 @@ static int ctnetlink_conntrack_event(struct notifier_block *this,
|
||||
goto nla_put_failure;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_NF_CONNTRACK_MARK
|
||||
if ((events & IPCT_MARK || ct->mark)
|
||||
&& ctnetlink_dump_mark(skb, ct) < 0)
|
||||
goto nla_put_failure;
|
||||
#endif
|
||||
|
||||
nlh->nlmsg_len = skb->tail - b;
|
||||
nfnetlink_send(skb, 0, group, 0);
|
||||
return NOTIFY_DONE;
|
||||
|
Loading…
x
Reference in New Issue
Block a user