[NETFILTER]: conntrack: introduce connection mark event

This patch introduces the mark event. ctnetlink can use this to know if
the mark needs to be dumped.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Pablo Neira Ayuso 2006-08-22 00:31:24 -07:00 committed by David S. Miller
parent b93ff78317
commit 2521c12cf1
2 changed files with 18 additions and 2 deletions

View File

@ -125,6 +125,10 @@ enum ip_conntrack_events
/* Counter highest bit has been set */
IPCT_COUNTER_FILLING_BIT = 11,
IPCT_COUNTER_FILLING = (1 << IPCT_COUNTER_FILLING_BIT),
/* Mark is set */
IPCT_MARK_BIT = 12,
IPCT_MARK = (1 << IPCT_MARK_BIT),
};
enum ip_conntrack_expect_events {

View File

@ -52,13 +52,25 @@ target(struct sk_buff **pskb,
switch(markinfo->mode) {
case XT_CONNMARK_SET:
newmark = (*ctmark & ~markinfo->mask) | markinfo->mark;
if (newmark != *ctmark)
if (newmark != *ctmark) {
*ctmark = newmark;
#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
ip_conntrack_event_cache(IPCT_MARK, *pskb);
#else
nf_conntrack_event_cache(IPCT_MARK, *pskb);
#endif
}
break;
case XT_CONNMARK_SAVE:
newmark = (*ctmark & ~markinfo->mask) | ((*pskb)->nfmark & markinfo->mask);
if (*ctmark != newmark)
if (*ctmark != newmark) {
*ctmark = newmark;
#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
ip_conntrack_event_cache(IPCT_MARK, *pskb);
#else
nf_conntrack_event_cache(IPCT_MARK, *pskb);
#endif
}
break;
case XT_CONNMARK_RESTORE:
nfmark = (*pskb)->nfmark;