[conntrack-tools] ftfw: shrink alive message size
Pablo Neira
netfilter-cvslog-bounces at lists.netfilter.org
Sat Dec 13 18:35:59 CET 2008
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=conntrack-tools.git;a=commit;h=08f59121eb907802d490601f5e54dcd0fbc1d695
commit 08f59121eb907802d490601f5e54dcd0fbc1d695
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Sat Dec 13 17:24:47 2008 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sat Dec 13 17:24:47 2008 +0100
ftfw: shrink alive message size
This patch reduces the size of alive messages by removing the
"from" and "to" fields which are not of any help. This patch also
removes the IS_CTL() macro since it does not return true for
the control messages anymore but only for IS_ACK(), IS_NACK() and
IS_RESYNC().
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit 74455dae1d095178b09ea3f1b1e8b005076e7a94
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Sat Dec 13 17:24:27 2008 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sat Dec 13 17:24:27 2008 +0100
network: do more strict message type checking
This patch adds more strict checking in the message type. We add a
new message type NET_T_CTL for control messages.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit 3de8d91c1fa7cadf68108c0c9c03193ac5e82a73
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Sat Dec 13 16:50:50 2008 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sat Dec 13 16:50:50 2008 +0100
ftfw: resync messages can be retransmitted
This patch includes resync messages in the tx queue. Thus, if a
resync message gets lost, it is resent.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit b442b832971f25ad573c6765bcf63640b59342a3
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Sat Dec 13 16:17:38 2008 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sat Dec 13 16:17:38 2008 +0100
ftfw: do not check for data messages in tx_queue_xmit
This patch removes a IS_DATA(net) in tx_queue_xmit which is not
possible to happen anymore since there are no chances to have
data in the transmission queue (instead it is all in the
transmission list).
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit 8d6efef0daed05925bf9b13c21948afa651482a5
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Sat Dec 13 16:15:18 2008 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sat Dec 13 16:15:18 2008 +0100
network: use NET_T_* instead of NFCT_Q_*
This patch replaces the use of NFCT_Q_* in the message type by
specific network message type NET_T_*. The query types are reserved
for libnetfilter_conntrack operations.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
via 08f59121eb907802d490601f5e54dcd0fbc1d695 (commit)
via 74455dae1d095178b09ea3f1b1e8b005076e7a94 (commit)
via 3de8d91c1fa7cadf68108c0c9c03193ac5e82a73 (commit)
via b442b832971f25ad573c6765bcf63640b59342a3 (commit)
via 8d6efef0daed05925bf9b13c21948afa651482a5 (commit)
from 77d7daef4e41b5fb55d9fb2c4c0a66fe7039887d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 08f59121eb907802d490601f5e54dcd0fbc1d695
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sat Dec 13 17:24:47 2008 +0100
ftfw: shrink alive message size
This patch reduces the size of alive messages by removing the
"from" and "to" fields which are not of any help. This patch also
removes the IS_CTL() macro since it does not return true for
the control messages anymore but only for IS_ACK(), IS_NACK() and
IS_RESYNC().
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit 74455dae1d095178b09ea3f1b1e8b005076e7a94
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sat Dec 13 17:24:27 2008 +0100
network: do more strict message type checking
This patch adds more strict checking in the message type. We add a
new message type NET_T_CTL for control messages.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit 3de8d91c1fa7cadf68108c0c9c03193ac5e82a73
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sat Dec 13 16:50:50 2008 +0100
ftfw: resync messages can be retransmitted
This patch includes resync messages in the tx queue. Thus, if a
resync message gets lost, it is resent.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit b442b832971f25ad573c6765bcf63640b59342a3
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sat Dec 13 16:17:38 2008 +0100
ftfw: do not check for data messages in tx_queue_xmit
This patch removes a IS_DATA(net) in tx_queue_xmit which is not
possible to happen anymore since there are no chances to have
data in the transmission queue (instead it is all in the
transmission list).
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
commit 8d6efef0daed05925bf9b13c21948afa651482a5
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sat Dec 13 16:15:18 2008 +0100
network: use NET_T_* instead of NFCT_Q_*
This patch replaces the use of NFCT_Q_* in the message type by
specific network message type NET_T_*. The query types are reserved
for libnetfilter_conntrack operations.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
-----------------------------------------------------------------------
include/network.h | 25 +++++++++++++++++--------
src/network.c | 7 ++++++-
src/sync-alarm.c | 2 +-
src/sync-ftfw.c | 49 +++++++++++++++++++++++++++++++++++++++++--------
src/sync-mode.c | 18 +++++++++---------
src/sync-notrack.c | 3 ++-
6 files changed, 76 insertions(+), 28 deletions(-)
This patch replaces the use of NFCT_Q_* in the message type by
specific network message type NET_T_*. The query types are reserved
for libnetfilter_conntrack operations.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
diff --git a/include/network.h b/include/network.h
index 9098e5c..b6722bd 100644
--- a/include/network.h
+++ b/include/network.h
@@ -17,6 +17,13 @@ struct nethdr {
};
#define NETHDR_SIZ nethdr_align(sizeof(struct nethdr))
+enum nethdr_type {
+ NET_T_STATE_NEW = 0,
+ NET_T_STATE_UPD,
+ NET_T_STATE_DEL,
+ NET_T_STATE_MAX = NET_T_STATE_DEL,
+};
+
int nethdr_align(int len);
int nethdr_size(int len);
void nethdr_set(struct nethdr *net, int type);
diff --git a/src/sync-alarm.c b/src/sync-alarm.c
index fe3d9af..d871b75 100644
--- a/src/sync-alarm.c
+++ b/src/sync-alarm.c
@@ -38,7 +38,7 @@ static void refresher(struct alarm_block *a, void *data)
random() % CONFIG(refresh) + 1,
((random() % 5 + 1) * 200000) - 1);
- net = BUILD_NETMSG(u->ct, NFCT_Q_UPDATE);
+ net = BUILD_NETMSG(u->ct, NET_T_STATE_UPD);
mcast_buffered_send_netmsg(STATE_SYNC(mcast_client), net);
}
diff --git a/src/sync-ftfw.c b/src/sync-ftfw.c
index a4895d4..05475ab 100644
--- a/src/sync-ftfw.c
+++ b/src/sync-ftfw.c
@@ -454,9 +454,9 @@ static void ftfw_send(struct nethdr *net, struct us_conntrack *u)
struct cache_ftfw *cn;
switch(net->type) {
- case NFCT_Q_CREATE:
- case NFCT_Q_UPDATE:
- case NFCT_Q_DESTROY:
+ case NET_T_STATE_NEW:
+ case NET_T_STATE_UPD:
+ case NET_T_STATE_DEL:
cn = (struct cache_ftfw *)
cache_get_extra(STATE_SYNC(internal), u);
@@ -537,9 +537,9 @@ static void ftfw_run(void)
u = cache_get_conntrack(STATE_SYNC(internal), cn);
if (alarm_pending(&u->alarm))
- tx_list_xmit(&cn->tx_list, u, NFCT_Q_DESTROY);
+ tx_list_xmit(&cn->tx_list, u, NET_T_STATE_DEL);
else
- tx_list_xmit(&cn->tx_list, u, NFCT_Q_UPDATE);
+ tx_list_xmit(&cn->tx_list, u, NET_T_STATE_UPD);
}
/* reset alive alarm */
diff --git a/src/sync-mode.c b/src/sync-mode.c
index cfed7f4..d5355a7 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -68,7 +68,7 @@ static void do_mcast_handler_step(struct nethdr *net, size_t remain)
}
switch(net->type) {
- case NFCT_Q_CREATE:
+ case NET_T_STATE_NEW:
retry:
if ((u = cache_add(STATE_SYNC(external), ct))) {
debug_ct(u->ct, "external new");
@@ -85,13 +85,13 @@ retry:
debug_ct(ct, "can't add");
}
break;
- case NFCT_Q_UPDATE:
+ case NET_T_STATE_UPD:
if ((u = cache_update_force(STATE_SYNC(external), ct))) {
debug_ct(u->ct, "external update");
} else
debug_ct(ct, "can't update");
break;
- case NFCT_Q_DESTROY:
+ case NET_T_STATE_DEL:
if (cache_del(STATE_SYNC(external), ct))
debug_ct(ct, "external destroy");
else
@@ -415,7 +415,7 @@ static int purge_step(void *data1, void *data2)
ret = nfct_query(h, NFCT_Q_GET, u->ct);
if (ret == -1 && errno == ENOENT) {
debug_ct(u->ct, "overrun purge resync");
- mcast_send_sync(u, NFCT_Q_DESTROY);
+ mcast_send_sync(u, NET_T_STATE_DEL);
__cache_del_timer(STATE_SYNC(internal), u, CONFIG(del_timeout));
}
@@ -448,7 +448,7 @@ static int overrun_sync(enum nf_conntrack_msg_type type,
if (!cache_test(STATE_SYNC(internal), ct)) {
if ((u = cache_update_force(STATE_SYNC(internal), ct))) {
debug_ct(u->ct, "overrun resync");
- mcast_send_sync(u, NFCT_Q_UPDATE);
+ mcast_send_sync(u, NET_T_STATE_UPD);
}
}
@@ -466,7 +466,7 @@ static void event_new_sync(struct nf_conntrack *ct)
nfct_attr_unset(ct, ATTR_REPL_COUNTER_PACKETS);
retry:
if ((u = cache_add(STATE_SYNC(internal), ct))) {
- mcast_send_sync(u, NFCT_Q_CREATE);
+ mcast_send_sync(u, NET_T_STATE_NEW);
debug_ct(u->ct, "internal new");
} else {
if (errno == EEXIST) {
@@ -489,7 +489,7 @@ static void event_update_sync(struct nf_conntrack *ct)
return;
}
debug_ct(u->ct, "internal update");
- mcast_send_sync(u, NFCT_Q_UPDATE);
+ mcast_send_sync(u, NET_T_STATE_UPD);
}
static int event_destroy_sync(struct nf_conntrack *ct)
@@ -502,7 +502,7 @@ static int event_destroy_sync(struct nf_conntrack *ct)
return 0;
}
- mcast_send_sync(u, NFCT_Q_DESTROY);
+ mcast_send_sync(u, NET_T_STATE_DEL);
__cache_del_timer(STATE_SYNC(internal), u, CONFIG(del_timeout));
debug_ct(ct, "internal destroy");
return 1;
diff --git a/src/sync-notrack.c b/src/sync-notrack.c
index fdb0c43..8e6601a 100644
--- a/src/sync-notrack.c
+++ b/src/sync-notrack.c
@@ -188,7 +188,7 @@ static void notrack_run(void)
struct us_conntrack *u;
u = cache_get_conntrack(STATE_SYNC(internal), cn);
- tx_list_xmit(&cn->tx_list, u, NFCT_Q_UPDATE);
+ tx_list_xmit(&cn->tx_list, u, NET_T_STATE_UPD);
}
}
More information about the netfilter-cvslog
mailing list