Pablo Neira Ayuso wrote:
There's another issue that I have to fix here that I haven't noticed so far:
+ if (nf_conntrack_event_report(IPCT_DESTROY, ct,
+ NETLINK_CB(skb).pid,
+ nlmsg_report(nlh)) < 0) {
+ nf_ct_delete_from_lists(ct);
+ /* we failed to report the event, try later */
+ nf_ct_insert_dying_list(ct);
+ nf_ct_put(ct);
+ return 0;
+ }
With this, we send the first destroy event including the netlink pid.
However, in the second try, we send it using netlink pid 0. The netlink
pid is important to notice who has triggered this event (the kernel,
myself or a different process). So I think that I need to add some
structure like:
struct nf_conn_dying {
struct list_head head;
u32 pid;
struct nf_conn *ct;
};
Thus, destroy events are delivered using the original netlink pid. I can
get rid of using the nulls list in that case.
I think this is necessary, or I'm completely driving nuts and seeing
ghosts everywhere :D.
I agree, this is necessary. But I'd add the pid to the event structure
instead of adding a completely new structure I think. Or perhaps we can
reuse an unused-at-that-time conntrack member.
Patrick, You still plan to send the patches for
2.6.31 along today? I think that I need one extra day, I have to leave
now and I cannot work on this until tomorrow morning.
Yes, the networking merge window closes a lot earlier than the general
kernel merge window and I have to get the other patches in.
I can delay it today, but I don't want to risk waiting until tomorrow.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
