Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d271e8bd authored by Holger Eitzenberger's avatar Holger Eitzenberger Committed by Patrick McHardy
Browse files

ctnetlink: compute generic part of event more acurately 



On a box with most of the optional Netfilter switches turned off some
of the NLAs are never send, e. g. secmark, mark or the conntrack
byte/packet counters.  As a worst case scenario this may possibly
still lead to ctnetlink skbs being reallocated in netlink_trim()
later, loosing all the nice effects from the previous patches.

I try to solve that (at least partly) by correctly #ifdef'ing the
NLAs in the computation.

Signed-off-by: default avatarHolger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
parent a400c30e

net/netfilter/nf_conntrack_netlink.c

+10 −1
Original line number Diff line number Diff line
@@ -441,19 +441,28 @@ ctnetlink_alloc_skb(const struct nf_conntrack_tuple *tuple, gfp_t gfp) 
		+ 3 * NLA_TYPE_SIZE(u_int8_t)	/* CTA_PROTO_NUM */

		+ NLA_TYPE_SIZE(u_int32_t)	/* CTA_ID */

		+ NLA_TYPE_SIZE(u_int32_t)	/* CTA_STATUS */

#ifdef CONFIG_NF_CT_ACCT

		+ 2 * nla_total_size(0)		/* CTA_COUNTERS_ORIG|REPL */

		+ 2 * NLA_TYPE_SIZE(uint64_t)	/* CTA_COUNTERS_PACKETS */

		+ 2 * NLA_TYPE_SIZE(uint64_t)	/* CTA_COUNTERS_BYTES */

#endif

		+ NLA_TYPE_SIZE(u_int32_t)	/* CTA_TIMEOUT */

		+ nla_total_size(0)		/* CTA_PROTOINFO */

		+ nla_total_size(0)		/* CTA_HELP */

		+ nla_total_size(NF_CT_HELPER_NAME_LEN)	/* CTA_HELP_NAME */

#ifdef CONFIG_NF_CONNTRACK_SECMARK

		+ NLA_TYPE_SIZE(u_int32_t)	/* CTA_SECMARK */

#endif

#ifdef CONFIG_NF_NAT_NEEDED

		+ 2 * nla_total_size(0)		/* CTA_NAT_SEQ_ADJ_ORIG|REPL */

		+ 2 * NLA_TYPE_SIZE(u_int32_t)	/* CTA_NAT_SEQ_CORRECTION_POS */

		+ 2 * NLA_TYPE_SIZE(u_int32_t)	/* CTA_NAT_SEQ_CORRECTION_BEFORE */

		+ 2 * NLA_TYPE_SIZE(u_int32_t)	/* CTA_NAT_SEQ_CORRECTION_AFTER */

		+ NLA_TYPE_SIZE(u_int32_t);	/* CTA_MARK */

#endif

#ifdef CONFIG_NF_CONNTRACK_MARK

		+ NLA_TYPE_SIZE(u_int32_t)	/* CTA_MARK */

#endif

		;



#undef NLA_TYPE_SIZE