diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-06-13 12:26:29 +0200 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2009-06-13 12:26:29 +0200 |
commit | a0891aa6a635f658f29bb061a00d6d3486941519 (patch) | |
tree | 40df3898f9f2e0892683c482d81deec4fd5a9257 /include/net/netns/conntrack.h | |
parent | 65cb9fda32be613216f601a330b311c3bd7a8436 (diff) | |
download | talos-op-linux-a0891aa6a635f658f29bb061a00d6d3486941519.tar.gz talos-op-linux-a0891aa6a635f658f29bb061a00d6d3486941519.zip |
netfilter: conntrack: move event caching to conntrack extension infrastructure
This patch reworks the per-cpu event caching to use the conntrack
extension infrastructure.
The main drawback is that we consume more memory per conntrack
if event delivery is enabled. This patch is required by the
reliable event delivery that follows to this patch.
BTW, this patch allows you to enable/disable event delivery via
/proc/sys/net/netfilter/nf_conntrack_events in runtime, although
you can still disable event caching as compilation option.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include/net/netns/conntrack.h')
-rw-r--r-- | include/net/netns/conntrack.h | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index 9dc58402bc09..505a51cd8c63 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h @@ -15,15 +15,14 @@ struct netns_ct { struct hlist_head *expect_hash; struct hlist_nulls_head unconfirmed; struct ip_conntrack_stat *stat; -#ifdef CONFIG_NF_CONNTRACK_EVENTS - struct nf_conntrack_ecache *ecache; -#endif + int sysctl_events; int sysctl_acct; int sysctl_checksum; unsigned int sysctl_log_invalid; /* Log invalid packets */ #ifdef CONFIG_SYSCTL struct ctl_table_header *sysctl_header; struct ctl_table_header *acct_sysctl_header; + struct ctl_table_header *event_sysctl_header; #endif int hash_vmalloc; int expect_vmalloc; |