On 24.10.2010 17:25, Pablo Neira Ayuso wrote:
> This patch adds flow-based timestamping for conntracks. This
> conntrack extension is disabled by default. Basically, we use
> two 64-bit variables to store the creation timestamp once the
> conntrack has been confirmed and the other to store the deletion
> time. This extension is disabled by default; to enable it, you
> have to:
>
> echo 1 > /proc/sys/net/netfilter/nf_conntrack_timestamp
>
> You can also alternatively enable this through a module parameter.
>
> This patch allows saving memory for user-space flow-based
> loggers such as ulogd2. In short, ulogd2 does not need to
> keep a hashtable with the conntrack in user-space to know
> when they were created and destroyed, instead we use the
> kernel timestamp. If we want to have a sane IPFIX implementation
> in user-space, these nanosecs resolution timestamps are also
> useful. Other custom user-space applications can benefit from
> this via libnetfilter_conntrack.
>
> This patch does not modify the /proc output to display
> the start timestamping in nanosecs (which is not very useful).
> We would need some generic functions similar to those in
> xt_time to convert that output to local time in the kernel.
> I think that ctnetlink is better for this, we pass the
> timestamps in nanosecs and we call localtime() in the
> user-space application. For that reason, I decided to only
> modify the ctnetlink part (including dumping and event
> notifications).

Makes sense. Please resend once net-next opens up for new patches.
Thanks!