Commit 89f2e218 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: ctnetlink: change table dumping not to require an unique ID

Instead of using the ID to find out where to continue dumping, take a
reference to the last entry dumped and try to continue there.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 3726add7
...@@ -399,38 +399,54 @@ nfattr_failure: ...@@ -399,38 +399,54 @@ nfattr_failure:
static int ctnetlink_done(struct netlink_callback *cb) static int ctnetlink_done(struct netlink_callback *cb)
{ {
DEBUGP("entered %s\n", __FUNCTION__); DEBUGP("entered %s\n", __FUNCTION__);
if (cb->args[1])
ip_conntrack_put((struct ip_conntrack *)cb->args[1]);
return 0; return 0;
} }
static int static int
ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
{ {
struct ip_conntrack *ct = NULL; struct ip_conntrack *ct, *last;
struct ip_conntrack_tuple_hash *h; struct ip_conntrack_tuple_hash *h;
struct list_head *i; struct list_head *i;
u_int32_t *id = (u_int32_t *) &cb->args[1];
DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__, DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__,
cb->args[0], *id); cb->args[0], *id);
read_lock_bh(&ip_conntrack_lock); read_lock_bh(&ip_conntrack_lock);
for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++, *id = 0) { for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) {
restart:
last = (struct ip_conntrack *)cb->args[1];
list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) { list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) {
h = (struct ip_conntrack_tuple_hash *) i; h = (struct ip_conntrack_tuple_hash *) i;
if (DIRECTION(h) != IP_CT_DIR_ORIGINAL) if (DIRECTION(h) != IP_CT_DIR_ORIGINAL)
continue; continue;
ct = tuplehash_to_ctrack(h); ct = tuplehash_to_ctrack(h);
if (ct->id <= *id) if (last != NULL) {
continue; if (ct == last) {
ip_conntrack_put(last);
cb->args[1] = 0;
last = NULL;
} else
continue;
}
if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid,
cb->nlh->nlmsg_seq, cb->nlh->nlmsg_seq,
IPCTNL_MSG_CT_NEW, IPCTNL_MSG_CT_NEW,
1, ct) < 0) 1, ct) < 0) {
nf_conntrack_get(&ct->ct_general);
cb->args[1] = (unsigned long)ct;
goto out; goto out;
*id = ct->id; }
}
if (last != NULL) {
ip_conntrack_put(last);
cb->args[1] = 0;
goto restart;
} }
} }
out: out:
read_unlock_bh(&ip_conntrack_lock); read_unlock_bh(&ip_conntrack_lock);
DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
......
...@@ -407,6 +407,8 @@ nfattr_failure: ...@@ -407,6 +407,8 @@ nfattr_failure:
static int ctnetlink_done(struct netlink_callback *cb) static int ctnetlink_done(struct netlink_callback *cb)
{ {
if (cb->args[1])
nf_ct_put((struct nf_conn *)cb->args[1]);
DEBUGP("entered %s\n", __FUNCTION__); DEBUGP("entered %s\n", __FUNCTION__);
return 0; return 0;
} }
...@@ -416,10 +418,9 @@ static int ctnetlink_done(struct netlink_callback *cb) ...@@ -416,10 +418,9 @@ static int ctnetlink_done(struct netlink_callback *cb)
static int static int
ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
{ {
struct nf_conn *ct = NULL; struct nf_conn *ct, *last;
struct nf_conntrack_tuple_hash *h; struct nf_conntrack_tuple_hash *h;
struct list_head *i; struct list_head *i;
u_int32_t *id = (u_int32_t *) &cb->args[1];
struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh);
u_int8_t l3proto = nfmsg->nfgen_family; u_int8_t l3proto = nfmsg->nfgen_family;
...@@ -427,7 +428,9 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) ...@@ -427,7 +428,9 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
cb->args[0], *id); cb->args[0], *id);
read_lock_bh(&nf_conntrack_lock); read_lock_bh(&nf_conntrack_lock);
for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++, *id = 0) { for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++) {
restart:
last = (struct nf_conn *)cb->args[1];
list_for_each_prev(i, &nf_conntrack_hash[cb->args[0]]) { list_for_each_prev(i, &nf_conntrack_hash[cb->args[0]]) {
h = (struct nf_conntrack_tuple_hash *) i; h = (struct nf_conntrack_tuple_hash *) i;
if (DIRECTION(h) != IP_CT_DIR_ORIGINAL) if (DIRECTION(h) != IP_CT_DIR_ORIGINAL)
...@@ -438,17 +441,30 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) ...@@ -438,17 +441,30 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb)
* then dump everything. */ * then dump everything. */
if (l3proto && L3PROTO(ct) != l3proto) if (l3proto && L3PROTO(ct) != l3proto)
continue; continue;
if (ct->id <= *id) if (last != NULL) {
continue; if (ct == last) {
nf_ct_put(last);
cb->args[1] = 0;
last = NULL;
} else
continue;
}
if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid,
cb->nlh->nlmsg_seq, cb->nlh->nlmsg_seq,
IPCTNL_MSG_CT_NEW, IPCTNL_MSG_CT_NEW,
1, ct) < 0) 1, ct) < 0) {
nf_conntrack_get(&ct->ct_general);
cb->args[1] = (unsigned long)ct;
goto out; goto out;
*id = ct->id; }
}
if (last != NULL) {
nf_ct_put(last);
cb->args[1] = 0;
goto restart;
} }
} }
out: out:
read_unlock_bh(&nf_conntrack_lock); read_unlock_bh(&nf_conntrack_lock);
DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment