[netfilter-cvslog] r3993 -
branches/netfilter-ha/linux-2.6-actact/patches
laforge at netfilter.org
laforge at netfilter.org
Thu Jun 23 11:10:28 CEST 2005
Author: laforge at netfilter.org
Date: 2005-06-23 11:10:27 +0200 (Thu, 23 Jun 2005)
New Revision: 3993
Modified:
branches/netfilter-ha/linux-2.6-actact/patches/ct_sync_config_and_makefile.patch
Log:
introduce new CONFIG_IP_NF_CONNTRACK_SYNC_MARKED option instead of implicitly
only syncing connection with a certain cmarkbit when CONNMARK is compiled in
Modified: branches/netfilter-ha/linux-2.6-actact/patches/ct_sync_config_and_makefile.patch
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/ct_sync_config_and_makefile.patch 2005-06-23 09:10:09 UTC (rev 3992)
+++ branches/netfilter-ha/linux-2.6-actact/patches/ct_sync_config_and_makefile.patch 2005-06-23 09:10:27 UTC (rev 3993)
@@ -22,7 +22,7 @@
===================================================================
--- linux-2.6.9.orig/net/ipv4/netfilter/Kconfig 2004-12-10 00:10:57.000000000 +0100
+++ linux-2.6.9/net/ipv4/netfilter/Kconfig 2004-12-15 22:03:22.000000000 +0100
-@@ -718,5 +718,15 @@
+@@ -718,5 +718,22 @@
IF unsure, say `N'.
@@ -36,5 +36,12 @@
+
+ If unsure, say `N'.
+
++config IP_NF_CONNTRACK_SYNC_MARKED
++ depends on IP_NF_CT_SYNC && IP_NF_CONNTRACK_MARK
++ help
++ This option enables the 'cmarkbit' option of ct_sync. This means that
++ only connections marked with a certain bit in CONNMARK will synced, instead
++ of syncing _all_ conntracks by default.
++
endmenu
More information about the netfilter-cvslog
mailing list