[NETFILTER] nfnetlink_log: add sequence numbers for log events

	NFULA_PAYLOAD,			/* opaque data payload */

	NFULA_PREFIX,			/* string prefix */

	NFULA_UID,			/* user id of socket */

	NFULA_SEQ,			/* instance-local sequence number */

	NFULA_SEQ_GLOBAL,		/* global sequence number */

	__NFULA_MAX

};

	NFULA_CFG_NLBUFSIZ,		/* u_int32_t buffer size */

	NFULA_CFG_TIMEOUT,		/* u_int32_t in 1/100 s */

	NFULA_CFG_QTHRESH,		/* u_int32_t */

	NFULA_CFG_FLAGS,		/* u_int16_t */

	__NFULA_CFG_MAX

};

#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1)

#define NFULNL_COPY_META	0x01

#define NFULNL_COPY_PACKET	0x02

#define NFULNL_CFG_F_SEQ	0x0001

#define NFULNL_CFG_F_SEQ_GLOBAL	0x0002

#endif /* _NFNETLINK_LOG_H */

 * it under the terms of the GNU General Public License version 2 as

 * published by the Free Software Foundation.

 *

 * 2006-01-26 Harald Welte <laforge@netfilter.org>

 * 	- Add optional local and global sequence number to detect lost

 * 	  events from userspace

 *

 */

#include <linux/module.h>

#include <linux/skbuff.h>

	unsigned int nlbufsiz;		/* netlink buffer allocation size */

	unsigned int qthreshold;	/* threshold of the queue */

	u_int32_t copy_range;

	u_int32_t seq;			/* instance-local sequential counter */

	u_int16_t group_num;		/* number of this queue */

	u_int16_t flags;

	u_int8_t copy_mode;	

};

static DEFINE_RWLOCK(instances_lock);

static atomic_t global_seq;

#define INSTANCE_BUCKETS	16

static struct hlist_head instance_table[INSTANCE_BUCKETS];

	return 0;

}

static int

nfulnl_set_flags(struct nfulnl_instance *inst, u_int16_t flags)

{

	spin_lock_bh(&inst->lock);

	inst->flags = ntohs(flags);

	spin_unlock_bh(&inst->lock);

	return 0;

}

static struct sk_buff *nfulnl_alloc_skb(unsigned int inst_size, 

					unsigned int pkt_size)

{

	spin_unlock_bh(&inst->lock);

}

/* This is an inline function, we don't really care about a long

 * list of arguments */

static inline int 

__build_packet_message(struct nfulnl_instance *inst,

			const struct sk_buff *skb, 

			read_unlock_bh(&skb->sk->sk_callback_lock);

	}

	/* local sequence number */

	if (inst->flags & NFULNL_CFG_F_SEQ) {

		tmp_uint = htonl(inst->seq++);

		NFA_PUT(inst->skb, NFULA_SEQ, sizeof(tmp_uint), &tmp_uint);

	}

	/* global sequence number */

	if (inst->flags & NFULNL_CFG_F_SEQ_GLOBAL) {

		tmp_uint = atomic_inc_return(&global_seq);

		NFA_PUT(inst->skb, NFULA_SEQ_GLOBAL, sizeof(tmp_uint), &tmp_uint);

	}

	if (data_len) {

		struct nfattr *nfa;

		int size = NFA_LENGTH(data_len);

	spin_lock_bh(&inst->lock);

	if (inst->flags & NFULNL_CFG_F_SEQ)

		size += NFA_SPACE(sizeof(u_int32_t));

	if (inst->flags & NFULNL_CFG_F_SEQ_GLOBAL)

		size += NFA_SPACE(sizeof(u_int32_t));

	qthreshold = inst->qthreshold;

	/* per-rule qthreshold overrides per-instance */

	if (qthreshold > li->u.ulog.qthreshold)

	[NFULA_TIMESTAMP-1]	= sizeof(struct nfulnl_msg_packet_timestamp),

	[NFULA_IFINDEX_INDEV-1]	= sizeof(u_int32_t),

	[NFULA_IFINDEX_OUTDEV-1]= sizeof(u_int32_t),

	[NFULA_IFINDEX_PHYSINDEV-1]	= sizeof(u_int32_t),

	[NFULA_IFINDEX_PHYSOUTDEV-1]	= sizeof(u_int32_t),

	[NFULA_HWADDR-1]	= sizeof(struct nfulnl_msg_packet_hw),

	[NFULA_PAYLOAD-1]	= 0,

	[NFULA_PREFIX-1]	= 0,

	[NFULA_UID-1]		= sizeof(u_int32_t),

	[NFULA_SEQ-1]		= sizeof(u_int32_t),

	[NFULA_SEQ_GLOBAL-1]	= sizeof(u_int32_t),

};

static const int nfula_cfg_min[NFULA_CFG_MAX] = {

	[NFULA_CFG_TIMEOUT-1]	= sizeof(u_int32_t),

	[NFULA_CFG_QTHRESH-1]	= sizeof(u_int32_t),

	[NFULA_CFG_NLBUFSIZ-1]	= sizeof(u_int32_t),

	[NFULA_CFG_FLAGS-1]	= sizeof(u_int16_t),

};

static int

		nfulnl_set_qthresh(inst, ntohl(qthresh));

	}

	if (nfula[NFULA_CFG_FLAGS-1]) {

		u_int16_t flags =

			*(u_int16_t *)NFA_DATA(nfula[NFULA_CFG_FLAGS-1]);

		nfulnl_set_flags(inst, ntohl(flags));

	}

out_put:

	instance_put(inst);

	return ret;