On 16.01.2011 23:33, Pablo Neira Ayuso wrote: > This patch adds flow-based timestamping for conntracks. This > conntrack extension is disabled by default. Basically, we use > two 64-bits variables to store the creation timestamp once the > conntrack has been confirmed and the other to store the deletion > time. This extension is disabled by default, to enable it, you > have to: > > echo 1 > /proc/sys/net/netfilter/nf_conntrack_timestamp > > This patch allows to save memory for user-space flow-based > loogers such as ulogd2. In short, ulogd2 does not need to > keep a hashtable with the conntrack in user-space to know > when they were created and destroyed, instead we use the > kernel timestamp. If we want to have a sane IPFIX implementation > in user-space, this nanosecs resolution timestamps are also > useful. Other custom user-space applications can benefit from > this via libnetfilter_conntrack. > > This patch modifies the /proc output to display the delta time > in seconds since the flow start. You can also obtain the > flow-start date by means of the conntrack-tools. > > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> > --- > include/linux/netfilter/nfnetlink_conntrack.h | 9 ++++ > include/net/netfilter/nf_conntrack_extend.h | 4 ++ > include/net/netfilter/nf_conntrack_timestamp.h | 53 ++++++++++++++++++++++++ > include/net/netns/conntrack.h | 2 + > net/netfilter/Kconfig | 11 +++++ > net/netfilter/Makefile | 1 > net/netfilter/nf_conntrack_core.c | 26 ++++++++++++ > net/netfilter/nf_conntrack_netlink.c | 46 ++++++++++++++++++++- > net/netfilter/nf_conntrack_standalone.c | 41 +++++++++++++++++++ The nf_conntrack_timestamp.c file is missing from this patch. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
