[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection
From: |
Eric Leblond |
Subject: |
[Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection |
Date: |
Sat, 08 Apr 2006 22:55:38 +0200 |
User-agent: |
Debian Thunderbird 1.0.7 (X11/20051017) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi again,
I followed your recommendation and here's the patch.
Patrick McHardy wrote:
> Eric Leblond wrote:
>
>>Hi,
>>
>>Here's the patch against Linus git tree.
>
>
> I don't have any principle objections against merging this (if
> there are no objections from others), a couple of comments
> on the patch though.
BR and thanks a lot for your help,
- --
Eric Leblond
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFEOCNKnxA7CdMWjzIRAuVlAJ9v75j2WeEvMAJVqDekgOxzTRmHQwCcDN5B
sdtE712lSkUuG25DMBB9v+w=
=K6vk
-----END PGP SIGNATURE-----
diff --git a/include/linux/netfilter/nf_conntrack_common.h
b/include/linux/netfilter/nf_conntrack_common.h
index 3ff88c8..68d282d 100644
--- a/include/linux/netfilter/nf_conntrack_common.h
+++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -69,6 +69,11 @@ enum ip_conntrack_status {
/* Connection is dying (removed from lists), can not be unset. */
IPS_DYING_BIT = 9,
IPS_DYING = (1 << IPS_DYING_BIT),
+
+ /* Connection has fixed timeout. */
+ IPS_FIXED_TIMEOUT_BIT = 10,
+ IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT),
+
};
/* Connection tracking event bits */
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c
b/net/ipv4/netfilter/ip_conntrack_core.c
index ceaabc1..d9dbe0f 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -1130,18 +1130,21 @@ void __ip_ct_refresh_acct(struct ip_conn
write_lock_bh(&ip_conntrack_lock);
- /* If not in hash table, timer will not be active yet */
- if (!is_confirmed(ct)) {
- ct->timeout.expires = extra_jiffies;
- event = IPCT_REFRESH;
- } else {
- /* Need del_timer for race avoidance (may already be dying). */
- if (del_timer(&ct->timeout)) {
- ct->timeout.expires = jiffies + extra_jiffies;
- add_timer(&ct->timeout);
- event = IPCT_REFRESH;
- }
- }
+ /* only update if this is not a fixed timeout */
+ if (! test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status)){
+ /* If not in hash table, timer will not be active yet */
+ if (!is_confirmed(ct)) {
+ ct->timeout.expires = extra_jiffies;
+ event = IPCT_REFRESH;
+ } else {
+ /* Need del_timer for race avoidance (may already be dying). */
+ if (del_timer(&ct->timeout)) {
+ ct->timeout.expires = jiffies + extra_jiffies;
+ add_timer(&ct->timeout);
+ event = IPCT_REFRESH;
+ }
+ }
+ }
#ifdef CONFIG_IP_NF_CT_ACCT
if (do_acct) {
- [Nufw-devel] [PATCH 0/3] [RFC] fixed duration connection, Eric Leblond, 2006/04/04
- [Nufw-devel] [PATCH 1/3] fixed duration connection, Eric Leblond, 2006/04/04
- [Nufw-devel] [PATCH 2/3] fixed duration connection, Eric Leblond, 2006/04/04
- [Nufw-devel] [PATCH 3/3] [RFC] fixed duration connection, Eric Leblond, 2006/04/04
- [Nufw-devel] Re: [PATCH 0/3] [RFC] fixed duration connection, Patrick McHardy, 2006/04/05
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Harald Welte, 2006/04/12
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Harald Welte, 2006/04/12
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Patrick McHardy, 2006/04/12
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Eric Leblond, 2006/04/13
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Patrick McHardy, 2006/04/20
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Eric Leblond, 2006/04/21
- [Nufw-devel] Re: [PATCH 1/3] [kernel patch] fixed duration connection, Patrick McHardy, 2006/04/21
- [Nufw-devel] Re: [PATCH 2/3] [libnetfilter_conntrack] fixed duration connection, Eric Leblond, 2006/04/07