On Wed, Dec 17, 2008 at 12:22 PM, Piotr Duszynski <regis44@xxxxxxxxx> wrote:
> I wanted to write a module that would track all the MAC information for
> all established connections. Unfortunately, after the module is loaded
> and all the information is being properly recorded to the conntrack
> computer hangs . I can read that it is related with interrupt timeout,
> but after several hours of trying to fix this I am still in the same
> spot . I would really appreciate any guidance in this matter .
>
> + l2info = nfct_l2info(ct);
> + if (!l2info) {
> + printk(KERN_INFO "Adding L2INFO extension\n");
> + l2info = nf_ct_ext_add(ct, NF_CT_EXT_L2INFO,GFP_ATOMIC);
You shouldn't call nf_ct_ext_add from within your target, as your
private structure needs to be added before the conntrack is confirmed
(preferably at allocation time). From _nf_ct_ext_add() in
nf_conntrack_extend.c:
/* Conntrack must not be confirmed to avoid races on reallocation. */
NF_CT_ASSERT(!nf_ct_is_confirmed(ct));
Take a look at init_conntrack() in nf_conntrack_core.c to see how
nf_conntrack_acct does it. lxr.linux.no is your friend :)
HTH,
James
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
