Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
kernel-fxtec-pro1x/include/net/netfilter
History
Pablo Neira Ayuso a992ca2a04 netfilter: nf_conntrack_tstamp: add flow-based timestamp extension 
This patch adds flow-based timestamping for conntracks. This
conntrack extension is disabled by default. Basically, we use
two 64-bits variables to store the creation timestamp once the
conntrack has been confirmed and the other to store the deletion
time. This extension is disabled by default, to enable it, you
have to:

echo 1 > /proc/sys/net/netfilter/nf_conntrack_timestamp

This patch allows to save memory for user-space flow-based
loogers such as ulogd2. In short, ulogd2 does not need to
keep a hashtable with the conntrack in user-space to know
when they were created and destroyed, instead we use the
kernel timestamp. If we want to have a sane IPFIX implementation
in user-space, this nanosecs resolution timestamps are also
useful. Other custom user-space applications can benefit from
this via libnetfilter_conntrack.

This patch modifies the /proc output to display the delta time
in seconds since the flow start. You can also obtain the
flow-start date by means of the conntrack-tools.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-01-19 16:00:07 +01:00
..
ipv4 netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
ipv6 netfilter: fix compilation when conntrack is disabled but tproxy is enabled 2010-12-15 23:53:41 +01:00
nf_conntrack.h netfilter: nf_conntrack: use is_vmalloc_addr() 2011-01-14 15:45:56 +01:00
nf_conntrack_acct.h netfilter: xt_connbytes: Force CT accounting to be enabled 2010-06-25 14:44:07 +02:00
nf_conntrack_core.h netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
nf_conntrack_ecache.h netfilter: add __rcu annotations 2010-11-15 18:17:21 +01:00
nf_conntrack_expect.h netfilter: ctnetlink: add expectation deletion events 2010-10-19 10:19:06 +02:00
nf_conntrack_extend.h netfilter: nf_conntrack_tstamp: add flow-based timestamp extension 2011-01-19 16:00:07 +01:00
nf_conntrack_helper.h netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_l3proto.h netfilter: add __rcu annotations 2010-11-15 18:17:21 +01:00
nf_conntrack_l4proto.h netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_timestamp.h netfilter: nf_conntrack_tstamp: add flow-based timestamp extension 2011-01-19 16:00:07 +01:00
nf_conntrack_tuple.h net: cleanup include/net 2009-11-04 05:06:25 -08:00
nf_conntrack_zones.h netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n 2010-02-18 19:04:44 +01:00
nf_log.h
nf_nat.h netfilter: nf_nat: define nat_pptp_info as needed 2010-11-15 12:27:27 +01:00
nf_nat_core.h netfilter: nf_nat: fix conversion to non-atomic bit ops 2011-01-18 15:02:48 +01:00
nf_nat_helper.h netfilter: nf_nat: support mangling a single TCP packet multiple times 2010-02-11 12:27:09 +01:00
nf_nat_protocol.h netfilter: nf_nat: make find/put static 2010-10-04 20:53:18 +02:00
nf_nat_rule.h netfilter: nf_nat: support user-specified SNAT rules in LOCAL_IN 2010-06-17 06:12:26 +02:00
nf_queue.h
nf_tproxy_core.h tproxy: added IPv6 socket lookup function to nf_tproxy_core 2010-10-21 16:12:14 +02:00
nfnetlink_log.h nfnetlink_log: do not expose NFULNL_COPY_DISABLED to user-space 2010-07-15 11:27:41 +02:00
xt_log.h netfilter: add missing xt_log.h file 2010-10-04 23:24:21 +02:00
xt_rateest.h Merge branch 'master' of /repos/git/net-next-2.6 2010-06-15 17:31:06 +02:00