Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a83099a6 authored by Eric Leblond's avatar Eric Leblond Committed by David S. Miller
Browse files

[NETFILTER]: nf_conntrack_netlink: transmit mark during all events 



The following feature was submitted some months ago. It forces the dump
of mark during the connection destruction event. The induced load is
quiet small and the patch is usefull to provide an easy way to filter
event on user side without having to keep an hash in userspace.

Signed-off-by: default avatarEric Leblond <eric@inl.fr>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 1f807d6e

net/netfilter/nf_conntrack_netlink.c

+6 −5
Original line number Diff line number Diff line
@@ -491,11 +491,6 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, 
		    && ctnetlink_dump_helpinfo(skb, ct) < 0)

			goto nla_put_failure;



#ifdef CONFIG_NF_CONNTRACK_MARK

		if ((events & IPCT_MARK || ct->mark)

		    && ctnetlink_dump_mark(skb, ct) < 0)

			goto nla_put_failure;

#endif

#ifdef CONFIG_NF_CONNTRACK_SECMARK

		if ((events & IPCT_SECMARK || ct->secmark)

		    && ctnetlink_dump_secmark(skb, ct) < 0)
@@ -516,6 +511,12 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, 
			goto nla_put_failure;

	}



#ifdef CONFIG_NF_CONNTRACK_MARK

	if ((events & IPCT_MARK || ct->mark)

	    && ctnetlink_dump_mark(skb, ct) < 0)

		goto nla_put_failure;

#endif



	nlh->nlmsg_len = skb->tail - b;

	nfnetlink_send(skb, 0, group, 0);

	return NOTIFY_DONE;