[conntrack-tools] conntrackd: add `-f internal' and `-f external' options
Pablo Neira
netfilter-cvslog-bounces at lists.netfilter.org
Sun Feb 15 15:43:43 CET 2009
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=conntrack-tools.git;a=commit;h=c4ef74420bc09b82146190870186fb067ac163e9
commit c4ef74420bc09b82146190870186fb067ac163e9
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Sun Feb 15 15:40:47 2009 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Sun Feb 15 15:40:47 2009 +0100
conntrackd: add `-f internal' and `-f external' options
This patch allows flushing the internal and/or the external cache.
The `-f' with no extra parameters still works to flush both the
internal and the external cache.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
via c4ef74420bc09b82146190870186fb067ac163e9 (commit)
from fe42b4085b7dab5847bb29155ebc70b4d7880ebe (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c4ef74420bc09b82146190870186fb067ac163e9
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Sun Feb 15 15:40:47 2009 +0100
conntrackd: add `-f internal' and `-f external' options
This patch allows flushing the internal and/or the external cache.
The `-f' with no extra parameters still works to flush both the
internal and the external cache.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
-----------------------------------------------------------------------
conntrackd.8 | 4 ++--
include/conntrackd.h | 2 ++
src/main.c | 23 +++++++++++++++++++++--
src/stats-mode.c | 1 +
src/sync-mode.c | 10 ++++++++++
5 files changed, 36 insertions(+), 4 deletions(-)
This patch allows flushing the internal and/or the external cache.
The `-f' with no extra parameters still works to flush both the
internal and the external cache.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
diff --git a/conntrackd.8 b/conntrackd.8
index cd1e2bd..2002738 100644
--- a/conntrackd.8
+++ b/conntrackd.8
@@ -34,8 +34,8 @@ Dump the external cache, i.e. show foreign states
Display output in XML format. This option is only valid in combination
with "-i" and "-e" parameters.
.TP
-.BI "-f "
-Flush the internal and the external cache
+.BI "-f " "[|internal|external]"
+Flush the internal and/or external cache
.TP
.BI "-F "
Flush the kernel conntrack table (if you use a Linux kernel >= 2.6.29, this
diff --git a/include/conntrackd.h b/include/conntrackd.h
index bb038a9..9b3cdf2 100644
--- a/include/conntrackd.h
+++ b/include/conntrackd.h
@@ -31,6 +31,8 @@
#define STATS_RUNTIME 30 /* extended runtime stats */
#define STATS_MULTICAST 31 /* multicast network stats */
#define STATS_QUEUE 32 /* queue stats */
+#define FLUSH_INT_CACHE 33 /* flush internal cache */
+#define FLUSH_EXT_CACHE 34 /* flush external cache */
#define DEFAULT_CONFIGFILE "/etc/conntrackd/conntrackd.conf"
#define DEFAULT_LOCKFILE "/var/lock/conntrackd.lock"
diff --git a/src/main.c b/src/main.c
index 8f75904..82f0d27 100644
--- a/src/main.c
+++ b/src/main.c
@@ -38,7 +38,7 @@ static const char usage_daemon_commands[] =
static const char usage_client_commands[] =
"Client mode commands:\n"
" -c, commit external cache to conntrack table\n"
- " -f, flush internal and external cache\n"
+ " -f [|internal|external], flush internal and external cache\n"
" -F, flush kernel conntrack table\n"
" -i, display content of the internal cache\n"
" -e, display the content of the external cache\n"
@@ -144,7 +144,26 @@ int main(int argc, char *argv[])
break;
case 'f':
set_operation_mode(&type, REQUEST, argv);
- action = FLUSH_CACHE;
+ if (i+1 < argc && argv[i+1][0] != '-') {
+ if (strncmp(argv[i+1], "internal",
+ strlen(argv[i+1])) == 0) {
+ action = FLUSH_INT_CACHE;
+ i++;
+ } else if (strncmp(argv[i+1], "external",
+ strlen(argv[i+1])) == 0) {
+ action = FLUSH_EXT_CACHE;
+ i++;
+ } else {
+ fprintf(stderr, "ERROR: unknown "
+ "parameter `%s' for "
+ "option `-f'\n",
+ argv[i+1]);
+ exit(EXIT_FAILURE);
+ }
+ } else {
+ /* default to general flushing */
+ action = FLUSH_CACHE;
+ }
break;
case 'R':
set_operation_mode(&type, REQUEST, argv);
diff --git a/src/stats-mode.c b/src/stats-mode.c
index d561409..94fc45b 100644
--- a/src/stats-mode.c
+++ b/src/stats-mode.c
@@ -66,6 +66,7 @@ static int local_handler_stats(int fd, int type, void *data)
cache_dump(STATE_STATS(cache), fd, NFCT_O_XML);
break;
case FLUSH_CACHE:
+ case FLUSH_INT_CACHE:
dlog(LOG_NOTICE, "flushing caches");
cache_flush(STATE_STATS(cache));
break;
diff --git a/src/sync-mode.c b/src/sync-mode.c
index 74eb36e..866b313 100644
--- a/src/sync-mode.c
+++ b/src/sync-mode.c
@@ -466,6 +466,16 @@ static int local_handler_sync(int fd, int type, void *data)
cache_flush(STATE_SYNC(internal));
cache_flush(STATE_SYNC(external));
break;
+ case FLUSH_INT_CACHE:
+ /* inmediate flush, remove pending flush scheduled if any */
+ del_alarm(&STATE_SYNC(reset_cache_alarm));
+ dlog(LOG_NOTICE, "flushing internal cache");
+ cache_flush(STATE_SYNC(internal));
+ break;
+ case FLUSH_EXT_CACHE:
+ dlog(LOG_NOTICE, "flushing external cache");
+ cache_flush(STATE_SYNC(external));
+ break;
case KILL:
killer(0);
break;
More information about the netfilter-cvslog
mailing list